Título: International Journal of Medical InformaticsImportada do Authenticus Pesquisar Publicações da Revista

Vol. 79 Nº 4

Páginas: 268-283

ISSN: 1386-5056

Editora: Elsevier

ISI Web of Knowledge - 16 Citações

Scopus - 18 Citações

FOS: Ciências exactas e naturais > Ciências da computação e da informação

ID Authenticus: P-003-7VA

DOI: 10.1016/j.ijmedinf.2010.01.009

Abstract (EN): Purpose: The objective of this paper is to showthat grounded theory (GT), together with mixed methods, can be used to involve healthcare professionals in the design and enhancement of access control policies to Electronic Medical Record (EMR) systems. Methods: The mixed methods applied for this research included, in this sequence, focus groups (main qualitative method that used grounded theory for the data analysis) and structured questionnaires (secondary quantitative method). Results: Results showed that the presented methodology can be used to involve healthcare professionals in the definition of access control policies to EMR systems and explore these issues in a diversified and integrated way. The methodology allowed for the generation of great amounts of data in the beginning of the study and in a short time span. Results from the applied methodology revealed a first glimpse of the theories to be generated and integrated, with future research, into access control policies. Conclusions: The methodological research described in this paper is very rarely, if ever, applied in developing security tools such as access control. Nevertheless, it can be an effective way of involving healthcare professionals in the definition and enhancement of access control policies and in making information security more grounded into their workflows and daily practices.

Idioma: Inglês

Tipo (Avaliação Docente): Científica

Contacto: af84@kent.ac.uk

Nº de páginas: 16