Healthcare practitioners\u27 perspectives on the use of e-health applications to support overweight and obese adolescents

The aim of this research was to investigate, from an Australian healthcare practitioners\u27 perspective, whether online and e-health applications could provide support for and be beneficial to overweight and obese adolescents. This research has investigated whether diet and exercise related environmental causes of obesity could be positively affected by using e-health applications to re-educate adolescents about healthy eating and exercise behaviours the research identified what online and electronic resources healthcare practitioners\u27 recommended to their patients, in order to understand how information systems· solutions could better assist these patients in achieving healthier lifestyle outcomes. Additionally, the research investigated what content, features and functionality healthcare practitioners\u27 believed should be incorporated into future e-health initiatives. The research was exploratory in design and attempted to identify future research projects. The research targeted healthcare practitioners who made their contact details publicly available via the Internet, including the online Yellow Pages, and those that routinely treat overweight and obese adolescents. The research had a multidisciplinary approach as practitioners from numerous professions were identified as potential respondents, they included: Aboriginal health experts, cardiologists, child health experts, dietitians, exercise physiologists, general practitioners, health promotion researchers, homeopaths, medical practitioners, naturopaths, nutritionists, nurses, obesity experts, paediatricians, psychiatrists, psychologists, and sports dietitians. The attitude data of these healthcare practitioners is considered to be useful and relevant in regards to the future development of information systems and in designing appropriate resources for patients. Hence, the research was information systems (IS) based, and a survey was selected as the overarching research methodology upon which to conduct this investigation. The theoretical contribution of this research is in the extension of theory relating to the use of electronic support information as it is perceived by Australian healthcare practitioners. Further, this research highlights healthcare practitioners\u27 attitudes towards, and adoption of current e-health technology. These are significant issues given the rapid growth of e-health information on the Internet and patients growing demand for these resources to be made widely available

The Applicability of ISO/IEC27014:2013 For Use Within General Medical Practice

General practices are increasingly cognizant of their responsibilities in regards to information security, as is evidenced by professional bodies such as the Royal Australian College of General Practitioners (RACGP) who publish the Computer and Information Security Standards (CISS) for General Practices. Information security governance in general medical practice is an emerging area of importance. As such, the CISS (2013) standard incorporates elements of information security governance. The International Organization for Standardization (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology -- Security techniques -- Governance of information security. The release of this revised ISO standard, which is applicable to organisations of all sizes, offers a framework against which to assess and implement this governance component of information security within general medical practice. This paper reports on an analysis of this standard to determine how it could be applied to Australian general practice. The paper further reports on two qualitative interviews with information security experts relating to the suitability of utilising this standard within general practice. The results confirm that the governance component of information security. which is currently insufficiently addressed within general practice, requires support in the form of standards, however that developing a security culture is crucial to good governance in medical information security

Secure transmission of shared electronic health records

Paper-based health records together with electronic Patient Management Systems remain the norm for hospitals and primary care practices to manage patient health information in Australia. Although the benefits of recording patient health information into an electronic format known as an electronic health record (EHR) are well documented, the use of these systems has not yet been fully realised. The next advancement for EHRs is the ability to share health records for the primary purpose of improved patient care. This may for example enable a primary care physician, with the patient\u27s consent, to electronically share pertinent health information with a specialist, providing timely information transfer and reducing the need for replicated testing. Australia is in the process of adopting a national approach to an integrated health records solution. The Australian National Ehealth Transition Authority (NEHTA) has released their lnteroperability Framework together with specifications and standards for secure messaging in E-health. This is expected to promote an environment in which vendors competing for market share will develop medical applications that are interoperable. With an aging population and the baby boomers preparing for retirement, it is anticipated that these initiatives may Indirectly help to reduce the anticipated strain on the health care budget. Anticipated secondary benefits include the collection of de-identified information for public health research and the development of health management strategies. This paper discusses NEHTA\u27s secure transmission initiatives and the resultant security issues related to the transfer of shared EHRs

Developing Governance Capability to Improve Information Security Resilience in Healthcare

General medical practices’ in Australia are vulnerable to information security threats and insecure practices. It is becoming well accepted in the healthcare environment that information security is both a technical and a human endeavour, and that the human behaviours, particularly around integration with healthcare workflow, are key barriers to good information security practice. This paper develops a holistic capability approach to information security by completing a preliminary iteration of mapping operational capabilities to governance capabilities. Using an operational backup capability matrix exemplar, the approach is analysed against the governance policy capability matrix. The resultant mapping between the operational and governance capability frameworks demonstrates that resilience can be promoted through sound governance. This implies that improved security performance and compliance contributes to measurement and oversight of the governance processes thereby making the organisations demonstrably more resilient to security threats. This paper proposes the need for a holistic capability approach to information securit

Developing And Validating A Healthcare Information Security Governance Framework

General medical practices\u27 in Australia are vulnerable to information security threats and insecure practices. It is well accepted in the healthcare environment that information security is both a technical and a human endeavour, and that the human behaviours, particularly around integration with healthcare workflow, are key barriers to good information security practice. The Royal Australian College of General Practitioner\u27s (RACGP) Computer and Information Security Standards (CISS) 2013 are the best practice standards for general practices, against which information security is assessed during practice accreditation. With the release of ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security in May 2013, it is this governance component of information security that is insufficiently addressed within General Practice at present. This paper documents the development and validation of an information security governance framework for use within general medical practice. The aim of the proposed Information Security Governance Framework is to extend current best practice information security management to include information security governance

Challenges in improving information security practice in Australian general practice

The status of information security in Australian medical general practice is discussed together with a review of the challenges facing small practices that often lack the technical knowledge and skill to secure patient information by themselves. It is proposed that an information security governance framework is required to assist practices in identifying weaknesses and gaps and then to plan and implement how to overcome their shortcomings through policies, training and changes to processes and management structure

Measuring information security governance within general medical practice

Information security is becoming increasingly important within the Australian general medical practice environment as legal and accreditation compliance is being enforced. Using a literature review, approaches to measuring information security governance were analysed for their potential suitability and use within General Practice for the effective protection of confidential information. The models, frameworks and guidelines selected were analysed to evaluate if they were Key Performance Indicator (KPI), or process driven; whether the approach taken was strategic, tactical or operational; and if governance or management assessment tools were presented. To measure information security governance, and be both effective and practical, the approach to be utilised within General Practice would need to function at an operational level and be KPI driven. Eight of the 29 approaches identified, were deemed to be applicable for measuring information security governance within the General Practice environment. However, further analysis indicated that these measurement approaches were either too complex to be directly implemented into General Practice, or collected self-assessment security data rather than actual security measurements. The literature review presented in this paper establishes the need for further research to develop an approach for measuring information security governance within General Practice

Secure transmission of shared electronic health records: A review

Paperbased health records together with electronic Patient Management Systems remain the norm for hospitals and primary care practices to manage patient health information in Australia. Although the benefits of recording patient health information into an electronic format known as an electronic health record (EHR) are well documented, the use of these systems has not yet been fully realised. The next advancement for EHRs is the ability to share health records for the primary purpose of improved patient care. This may for example enable a primary care physician, with the patient’s consent, to electronically share pertinent health information with a specialist, providing timely information transfer and reducing the need for replicated testing. Australia is in the process of adopting a national approach to an integrated health records solution. The Australian National Ehealth Transition Authority (NEHTA) has released their Interoperability Framework together with specifications and standards for secure messaging in Ehealth. This is expected to promote an environment in which vendors competing for market share will develop medical applications that are interoperable. With an aging population and the baby boomers preparing for retirement, it is anticipated that these initiatives may indirectly help to reduce the anticipated strain on the health care budget. Anticipated secondary benefits include the collection of deidentified information for public health research and the development of health management strategies. This paper discusses NEHTA’s secure transmission initiatives and the resultant security issues related to the transfer of shared EHRs

International Relations and Cyber Attacks: Official and Unofficial Discourse

The potential for cyberwarfare is vast and is of concern to all nations, and national security defence. It appears that many countries are actively trying to protect their computer networks, whilst looking for ways that might bring down the networks of other countries, although this is not officially acknowledged. Bringing down another nations computer networks could give the attacking national intelligence and control. These kinds of interactions are now a part of the way in which international relations are played out, and the internet is also a place in which international relations are contested. As such the internet plays a role in the visualisation and articulation of international relations both officially and unofficially, via official pronouncements and the activities of private citizens. What makes the internet different to other media forms is that the internet also represents a space in which international relations are contested in terms of cyber attacks and information warfare. This paper analyses official and unofficial discourses surrounding the way in which international relations in regards to cyber attacks have been played out via the internet, using North Korea and Stuxnet as case studies

Challenges in Improving Information Security Practice in Australian General

The status of information security in Australian medical general practice is discussed together with a review of the challenges facing small practices that often lack the technical knowledge and skill to secure patient information by themselves. It is proposed that an information security governance framework is required to assist practices in identifying weaknesses and gaps and then to plan and implement how to overcome their shortcomings through policies, training and changes to processes and management structure