Consequential Analysis of Information System Criticality in a Healthcare Organization
| Autor: | K. F. Smith, R. L. Wears, C. W. Johnson, N. Chozos, S. J. Perry |
|---|---|
| Rok vydání: | 2006 |
| Předmět: | |
| Zdroj: | Proceedings of the Human Factors and Ergonomics Society Annual Meeting. 50:1466-1468 |
| ISSN: | 1071-1813 2169-5067 |
| DOI: | 10.1177/154193120605001501 |
| Popis: | Implementation of information technology (IT) in healthcare has increased with little attention paid to the consequences of system failures. This qualitative study assesses the organizational understanding of IT vulnerabilities, the potential consequences of failure and system recovery capabilities within a large healthcare facility. Fifty nine percent (59%) of identified software applications were rated mission critical by participants, 46% were medium impact and 1 application was a non-factor. Downtime procedures were in place for only 39% of applications with 30% of those deemed “mission-critical” lacking downtime procedures. Expected recovery time objectives (RTO) and recovery point objectives (RPO) for users were not consistent with those projected by the IT department. A sub-analysis of the emergency department showed a high percentage of mission critical software but only 36% had downtime procedures. Continued inattention to the risks and hazards associated with widely disseminated IT within healthcare represents a continuing and little discussed vulnerability. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|