RFID Privacy Concerns: A Conceptual Analysis in the Healthcare Sector

Radio Frequency Identification (RFID) is a wireless technology that utilizes radio waves to automatically capture data for identifying and tracking objects and/or people. As the use of RFID has grown, so has the chorus of privacy invasions against this identity-aware technology. With the planned deployment and use of RFID in healthcare, there are concerns regarding the social, technological and regulatory complexity of the RFID technology vis-à-vis the requirements of the Health Insurance Portability and Accountability Act (HIPAA). In this paper we use the principles of Fair Information Practice (FIP) as a guideline to examine the design of Privacy Enhancing Technologies (PETs). The outcome shows that PETs fail to incorporate the FIP principles and the importance of examining the social aspect of this ubiquitous technology from a sociotechnical perspective. The socio-technical perspective, with its emphasis on the examination of complex relations among social and technical interactions of RFID, can provide a useful insight to assess the societal impact and changes to individual behavior that may arise from privacy concerns. We believe that, using the groundwork laid down in this study, future research along these directions could contribute significantly to addressing privacy concerns expressed about RFID in the context of healthcare

Healthcare Information Privacy Research: Iusses, Gaps and What Next?

The proliferation of e-health holds great promises in sharing medical data, improving healthcare quality, saving patient lives and reducing costs. However, these potential benefits also bring much attention to the issues of information privacy. Given that medical data disclosure is the second highest reported breaches, it is imperative to understand both information privacy and its context in healthcare. Just as lack of appropriate privacy measures might cause economic harm or denied service from insurance or employers, tight privacy can prevent care providers from accessing patient information in time to save lives. This paper takes an integrated look into the area of healthcare information privacy from both MIS and health informatics perspectives. Based on the literature review and our personal communication with health informatics experts, we identified and presented four major themes: 1) scope and definition of privacy and electronic health records, 2) the information privacy issues and threats, 3) the countermeasures used to address and manage information privacy and 4) why privacy responses matter. This paper provides a unique perspective to privacy in the context of healthcare by focusing on the issues, the matching countermeasures and the drivers behind organizational behaviors into how they manage these threats

Understanding the Drivers and Outcomes of Healthcare Organizational Privacy Responses

This research adopts a grounded theory approach to examine the drivers, safeguards and operational outcomes of organizational information privacy responses in the healthcare context. Semi-structured interviews with key healthcare stakeholders were conducted. The findings are sobering. First, privacy safeguards are driven by legal compliance, competitive advantages, available resources and best practices. However, organizations have to balance conflicting risks associated with these drivers. Second, this study identifies the operational and behavioral outcomes which results in major balance issues. Third, the adoption of a privacy impact assessment (PIA) allows the integration of a risk management approach to effectively assess the different types of privacy risks. The findings provide evidence for: (1) a gap between privacy responses and their outcomes on healthcare practice and delivery; (2) the importance of the privacy impact assessment as a risk management tool; and (3) the challenging context of the healthcare environment of how privacy responses are unfolding

Information Disclosure and Online Social Networks: From the Case of Facebook News Feed Controversy to a Theoretical Understanding

Based on the insights learned from the case analysis of the Facebook News Feed outcry, we develop a theoretical understanding that identifies major drivers and impediments of information disclosure in Online Social Networks (OSNs). Research propositions are derived to highlight the roles of privacy behavioral responses, privacy concerns, perceived information control, trust in OSN providers, trust in social ties, and organizational privacy interventions. The synthesis of privacy literature, bounded rationality and trust theories provides a rich understanding of the adoption of OSNs that creates privacy and security vulnerabilities, and therefore, informs the privacy research in the context of OSNs. The findings are also potentially useful to privacy advocates, regulatory bodies, OSN providers, and marketers to help shape or justify their decisions concerning OSNs

Designing a Healthcare Data Analytics Course: A Contextual Active Learning Approach

Despite calls for next-generation business analytics professionals, there is a lack of curricular modules that emphasize context-specific learning of analytics pertaining to healthcare. Healthcare analytics can provide different stakeholders the ability to use their data to improve patient care and engagement, evidenced-based interventions, financial efficiency and operational effectiveness. Such course has not been widely offered in business schools, hence there is no established curricular material or pedagogical research that presents a strategized curriculum. To address this need, this article discusses the use a pedagogical approach that emphasizes active and contextual learning in module design. We develop a set of new curricular modules within an interdisciplinary course - that integrates information systems and medical informatics - using a contextual active learning approach. We discuss the findings and challenges, and conclude with implications for future research

Reframing the Role of Information Technology in Crisis Response

While much attention has been given to vaccines, treatments, and therapies within the field of medical sciences for human survival during the COVID-19 pandemic, information technology (IT) has played a crucial role in the economic and operational survival of organizations. A crisis, like COVID-19, acts as an external force that demands current state operations and processes unfreeze in order to adapt. This pandemic has challenged higher education institutions to respond and evolve operations, practices, and processes. During times of change new learnings can be found, and if recognized, may even support a new standard of best practices. The COVID-19 crisis has revealed our extreme dependence on technology. While much research has recognized the power of technology in improving responses during emergencies, few studies focused on information technology and IT responses during crisis. The purpose of this study was to investigate how academic institutions responded during the COVID 19 crisis, analyzed IT response and strategies employed and understood how they influenced effectivity. More specifically, we researched how academic organizations have strategically used technology to respond during the COVID-19 crisis, and the impacts associated with the strategies used . This study employed a qualitative case study methodology using an interpretive philosophy. The use of an interpretive methodology allowed us to account for and explore IT strategies and responses during COVID-19. Semi-structured interviews were conducted with a total of 23 informants holding a university leadership and decision making role, which included deans, associate deans, provosts, university presidents, vice presidents, IT managers, and chief information officers. Our findings from the interpretive analysis of this ongoing study suggested that health, technical, siloed data and socio-economic inequities challenged how higher education institutions strategically respond to the IT requirements of the pandemic. The results showed that, while most schools have emergency response plans for natural hazards, none included plans for epidemic or pandemic response. Our analysis demonstrated that the strategic responses led to best practices and measurable impact in the areas of sustainability, analytics, culture, and systemic racism. We discuss the implication of these findings, IT strategies, and best practices that evolved from crisis management

Organizational Privacy Responses in Healthcare: A Conceptual Framework

With rising unpredictability and continued changes in the healthcare environment, organizational responses to information privacy threats are unclear, needing better classification and precision. This paper presents an innovative approach by combining the pressures of the healthcare environment and its internal context by extending two organizational typologies: Oliver’s (1991) strategic responses to institutional processes, a motivational framework for examining privacy responses in light of institutional pressures, and Miles’ and Snow\u27s (1978) organization strategy, structure, and process framework providing a perspective on proactiveness. The findings based on in-depth interview data of executive-level healthcare information privacy decision makers highlight both the dimensions of resistance (resistance to institutional pressures) and proactiveness (the degree to which the strategy is proactive in protecting PHI (Protected Health Information). The resulting framework generates theoretically different but sound explanations for differences in information privacy strategic behaviors. The authors offer suggestions, implications and recommendations to researchers and practitioners