An Activity Theory Approach to Leak Detection and Mitigation in Patient Health Information (PHI)

被引:3
作者
Valecha, Rohit [1 ]
Upadhyaya, Shambhu [2 ,3 ]
Rao, H. Raghav [4 ]
机构
[1] Univ Texas San Antonio, Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
[2] SUNY Buffalo, Comp Sci & Engn, Buffalo, NY USA
[3] SUNY Buffalo, Ctr Excellence Informat Syst Assurance Res & Educ, Buffalo, NY USA
[4] Univ Texas San Antonio, Coll Business, Dept Informat Syst & Cyber Secur, San Antonio, TX USA
来源
JOURNAL OF THE ASSOCIATION FOR INFORMATION SYSTEMS | 2021年 / 22卷 / 04期
基金
美国国家科学基金会;
关键词
Patient Health Information (PHI); PHI Leak Detection and Mitigation; Activity Theory; Access Control Model; Design Science; Crisis Management; ACCESS-CONTROL; DESIGN SCIENCE; SYSTEMS; PRIVACY; CARE; MANAGEMENT; SECURITY; RECORDS; MODEL; AUTHORIZATION;
D O I
10.17705/1jais.00687
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The migration to electronic health records (EHR) in the healthcare industry has raised issues with respect to security and privacy. One issue that has become a concern for healthcare providers, insurance companies, and pharmacies is patient health information (PHI) leaks because PHI leaks can lead to violation of privacy laws, which protect the privacy of individuals' identifiable health information, potentially resulting in a healthcare crisis. This study explores the issue of PHI leaks from an access control viewpoint. We utilize access control policies and PHI leak scenarios derived from semi structured interviews with four healthcare practitioners and use the lens of activity theory to articulate the design of an access control model for detecting and mitigating PHI leaks. Subsequently, we follow up with a prototype as a proof of concept.
引用
收藏
页码:1007 / 1036
页数:30
相关论文
共 12 条
  • [1] A novel pipeline leak detection approach independent of prior failure information
    Rai, Akhand
    Kim, Jong-Myon
    MEASUREMENT, 2021, 167
  • [2] An activity theory approach to information security non-compliance
    Khatib, Rima
    Barki, Henri
    INFORMATION AND COMPUTER SECURITY, 2020, 28 (04) : 485 - 501
  • [3] CHALLENGES IN IMPLEMENTING PATIENT-CENTRED INFORMATION SYSTEMS IN TANZANIA: AN ACTIVITY THEORY PERSPECTIVE
    Shidende, Nima Herman
    ELECTRONIC JOURNAL OF INFORMATION SYSTEMS IN DEVELOPING COUNTRIES, 2014, 64 (01):
  • [4] The role of intrusion detection systems in electronic information security From the activity theory perspective
    Mlitwa, Nhlanhla Boyfriend Wilton
    Birch, Dwain
    JOURNAL OF ENGINEERING DESIGN AND TECHNOLOGY, 2011, 9 (03) : 296 - 312
  • [5] Impact of Perceived Barriers of Electronic Health Information Exchange on Physician's Use of EHR: A Normalisation Process Theory Approach
    Sengupta, Avijit
    Mukherjee, Anik
    Vandermeer, Debra
    INFORMATION SYSTEMS FRONTIERS, 2024,
  • [6] Activity Theory Approach and Geographic Information Systems Affordance for Effective Land Management and Administration Actualization
    Bawa, Danjuma
    SCIENTIFIC AFRICAN, 2024, 23
  • [7] Integrating Constructivist Grounded Theory with a Patient-Oriented Research Approach to Enhance Health Promotion Research
    Nelson, Heather J.
    Bally, Jill M. G.
    Spurr, Shelley
    Foulds, Heather
    de Padua, Anthony
    INTERNATIONAL JOURNAL OF QUALITATIVE METHODS, 2023, 22
  • [8] Mapping the Variables of Care in Health and Medical Communication Contexts: A Script Theory-Prototype Theory Approach to Patient-Centered Design
    Amant, Kirk St
    SIGDOC'17: PROCEEDINGS OF THE 35TH ACM INTERNATIONAL CONFERENCE ON THE DESIGN OF COMMUNICATION, 2017,
  • [9] Clinical decision support in Tanzanian healthcare facilities: an activity theory approach to analysing tools and procedures for enhanced patient care
    Mwogosi, Augustino
    Mambile, Cesilia
    INFORMATION TECHNOLOGY & PEOPLE, 2024,
  • [10] Wearable Activity Trackers Supporting Elderly Living Independently: A Standards based Approach for Data Integration to Health Information Systems
    Urbauer, Philipp
    Frohner, Matthias
    David, Veronika
    Sauermann, Stefan
    PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON SOFTWARE DEVELOPMENT AND TECHNOLOGIES FOR ENHANCING ACCESSIBILITY AND FIGHTING INFO-EXCLUSION (DSAI 2018), 2018, : 302 - 309