Enhancing the home-sampling process of a laboratory company

Tutkimuksen tavoitteena oli kehittää laboratorioyrityksen kotinäytteenottoprosessia. Ensimmäinen tavoite oli kuvata yrityksen nykyinen kotinäytteenoton prosessi ja toisena tavoitteena kuvata tahtotilan prosessi, eli kuvata tarkemmin, miltä prosessin tulisi näyttää tulevaisuudessa. Tämän lisäksi selvitettiin, miten informaatioteknologiaa voidaan hyödyntää prosessin uudelleensuunnittelussa ja miten projekti peilautuu tutkimuksen teoreettisiin lähtökohtiin. Teoriapohjana tutkimuksessa oli liiketoiminnan uudelleenrakentaminen eli BPR (Business Process Reengineering). BPR:llä tarkoitetaan organisaation liiketoimintaprosessin tai –prosessien perusteellista uudelleenrakentamista ja kehittämistä IT:n avulla. Tämän tueksi tutkimuksessa käsiteltiin myös IT-kyvykkyyksiä, joita hyödynnettiin suunnitteluvaiheessa. Tutkimusotteena oli toiminta-analyyttinen tutkimusote, koska tutkimuksessa oli keskeistä ymmärtää käsiteltävää ilmiötä. Lisäksi tutkija oli tiiviissä yhteydessä tutkimuksen kohteeseen tutkimuksen aikana ja tuloksiin vaikutti keskeisesti tutkijan omaan ymmärrykseen perustuvat tulkinnat. Tutkimusmenetelmänä käytettiin tapaustutkimusta sekä toimintatutkimusta. Aineiston keruussa hyödynnettiin useita tiedonkeruumenetelmiä; haastattelu, täsmäryhmähaastattelu sekä havainnointi. Kotinäytteenoton tahtotilan prosessimallissa IT:n hyödyntäminen oli suuressa roolissa. Suurimpina muutoksina vanhaan prosessiin nähden olivat varausjärjestelmän uusiminen, reittioptimoinnin käyttöönotto, tiedonkulun mahdollistaminen eri järjestelmien välillä sekä mobiilisovelluksen ja –laitteen käyttöönotto. Muutosten ja niillä saavutettavien hyötyjen perustana olivat IT-kyvykkyyksistä erityisesti transaktionaalinen, maantieteellinen, automatisoiva ja tietämyksen hallinnallinen kyvykkyys. Projektista tunnistettiin monia kirjallisuudessa esiintyviä BPR:n piirteitä, vaikka projektista ei varsinaisesti BPR-nimitystä käytettykään. Vaikka monet piirteet projektissa olivat yleistettävissä BPR-teoriaan, tutkimustulokset ovat hyvin organisaatiosidonnaiset eivätkä siten helposti yleistettävissä

An Integrated and Distributed Framework for a Malaysian Telemedicine System (MyTel)

The overall aim of the research was to produce a validated framework for a Malaysian integrated and distributed telemedicine system. The framework was constructed so that it was capable of being useful in retrieving and storing a patient's lifetime health record continuously and seamlessly during the downtime of the computer system and the unavailability of a landline telecommunication network. The research methodology suitable for this research was identified including the verification and validation strategies. A case study approach was selected for facilitating the processes and development of this research. The empirical data regarding the Malaysian health system and telemedicine context were gathered through a case study carried out at the Ministry of Health Malaysia (MOHM). The telemedicine approach in other countries was also analysed through a literature review and was compared and contrasted with that in the Malaysian context. A critical appraisal of the collated data resulted in the development of the proposed framework (MyTel) a flexible telemedicine framework for the continuous upkeep o f patients' lifetime health records. Further data were collected through another case study (by way of a structured interview in the outpatient clinics/departments of MOHM) for developing and proposing a lifetime health record (LHR) dataset for supporting the implementation of the MyTel framework. The LHR dataset was developed after having conducted a critical analysis of the findings of the clinical consultation workflow and the usage o f patients' demographic and clinical records in the outpatient clinics. At the end of the analysis, the LHR components, LHR structures and LHR messages were created and proposed. A common LHR dataset may assist in making the proposed framework more flexible and interoperable. The first draft of the framework was validated in the three divisions of MOHM that were involved directly in the development of the National Health JCT project. The division includes the Telehealth Division, Public and Family Health Division and Planning and Development Division. The three divisions are directly involved in managing and developing the telehealth application, the teleprimary care application and the total hospital information system respectively. The feedback and responses from the validation process were analysed. The observations and suggestions made and experiences gained advocated that some modifications were essential for making the MyTel framework more functional, resulting in a revised/ final framework. The proposed framework may assist in achieving continual access to a patient's lifetime health record and for the provision of seamless and continuous care. The lifetime health record, which correlates each episode of care of an individual into a continuous health record, is the central key to delivery of the Malaysian integrated telehealth application. The important consideration, however, is that the lifetime health record should contain not only longitudinal health summary information but also the possibility of on-line retrieval of all of the patient's health history whenever required, even during the computer system's downtime and the unavailability of the landline telecommunication network

A framework for secure mobile computing in healthcare

Mobile computing is rapidly becoming part of healthcare’s electronic landscape, helping to provide better quality of care and reduced cost. While the technology provides numerous advantages to the healthcare industry, it is not without risk. The size and portable nature of mobile computing devices present a highly vulnerable environment, which threaten the privacy and security of health information. Since these devices continually access possibly sensitive healthcare information, it is imperative that these devices are considered for security in order to meet regulatory compliance. In fact, the increase in government and industry regulation to ensure the privacy and security of health information, makes mobile security no longer just desirable, but mandatory. In addition, as healthcare becomes more aware of the need to reinforce patient confidence to gain competitive advantage, it makes mobile security desirable. Several guidelines regarding security best practices exist. Healthcare institutions are thus faced with matching the guidelines offered by best practices, with the legal and regulatory requirements. While this is a valuable question in general, this research focuses on the aspect of considering this question when considering the introduction of mobile computing into the healthcare environment. As a result, this research proposes a framework that will aid IT administrators in healthcare to ensure that privacy and security of health information is extended to mobile devices. The research uses a comparison between the best practices in ISO 17799:2005 and the regulatory requirements stipulated in HIPAA to provide a baseline for the mobile computing security model. The comparison ensures that the model meets healthcare specific industry requirement and international information security standard. In addition, the framework engages the Information Security Management System (ISMS) model based on the ISO 27000 standard. The framework, furthermore, points to existing technical security measurers associated with mobile computing. It is believed that the framework can assist in achieving mobile computing security that is compliant with the requirements in the healthcare industry

A framework for secure mobile computing in healthcare

Mobile computing is rapidly becoming part of healthcare’s electronic landscape, helping to provide better quality of care and reduced cost. While the technology provides numerous advantages to the healthcare industry, it is not without risk. The size and portable nature of mobile computing devices present a highly vulnerable environment, which threaten the privacy and security of health information. Since these devices continually access possibly sensitive healthcare information, it is imperative that these devices are considered for security in order to meet regulatory compliance. In fact, the increase in government and industry regulation to ensure the privacy and security of health information, makes mobile security no longer just desirable, but mandatory. In addition, as healthcare becomes more aware of the need to reinforce patient confidence to gain competitive advantage, it makes mobile security desirable. Several guidelines regarding security best practices exist. Healthcare institutions are thus faced with matching the guidelines offered by best practices, with the legal and regulatory requirements. While this is a valuable question in general, this research focuses on the aspect of considering this question when considering the introduction of mobile computing into the healthcare environment. As a result, this research proposes a framework that will aid IT administrators in healthcare to ensure that privacy and security of health information is extended to mobile devices. The research uses a comparison between the best practices in ISO 17799:2005 and the regulatory requirements stipulated in HIPAA to provide a baseline for the mobile computing security model. The comparison ensures that the model meets healthcare specific industry requirement and international information security standard. In addition, the framework engages the Information Security Management System (ISMS) model based on the ISO 27000 standard. The framework, furthermore, points to existing technical security measurers associated with mobile computing. It is believed that the framework can assist in achieving mobile computing security that is compliant with the requirements in the healthcare industry