Consequential analysis of information system criticality in a healthcare organization

S. J. Perry, R. L. Wears, N. Chozos, C. W. Johnson, K. F. Smith

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

Abstract

Implementation of information technology (IT) in healthcare has increased with little attention paid to the consequences of system failures. This qualitative study assesses the organizational understanding of IT vulnerabilities, the potential consequences of failure and system recovery capabilities within a large healthcare facility. Fifty nine percent (59%) of identified software applications were rated mission critical by participants, 46% were medium impact and 1 application was a non-factor. Downtime procedures were in place for only 39% of applications with 30% of those deemed "mission-critical" lacking downtime procedures. Expected recovery time objectives (RTO) and recovery point objectives (RPO) for users were not consistent with those projected by the IT department. A sub-analysis of the emergency department showed a high percentage of mission critical software but only 36% had downtime procedures. Continued inattention to the risks and hazards associated with widely disseminated IT within healthcare represents a continuing and little discussed vulnerability.

Original languageEnglish
Title of host publicationProceedings of the Human Factors and Ergonomics Society 50th Annual Meeting, HFES 2006
Place of PublicationThousand Oaks, CA
PublisherSAGE Publications
Pages1466-1468
Number of pages3
ISBN (Print)9780945289296
Publication statusPublished - 2006
Externally publishedYes
Event50th Annual Meeting of the Human Factors and Ergonomics Society, HFES 2006 - San Francisco, CA, United States
Duration: 16 Oct 200620 Oct 2006

Other

Other50th Annual Meeting of the Human Factors and Ergonomics Society, HFES 2006
CountryUnited States
CitySan Francisco, CA
Period16/10/0620/10/06

Fingerprint

Dive into the research topics of 'Consequential analysis of information system criticality in a healthcare organization'. Together they form a unique fingerprint.

Cite this