Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient?
Title | Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient? |
Publication Type | Book Chapter |
Year of Publication | 2015 |
Authors | Ross Koppel, University of Pennsylvania, Sean W. Smith, Dartmouth College, Jim Blythe, University of Southern California, Vijay Kothari, Dartmouth College |
Book Title | Studies in Health Technology and Informatics Driving Quality Informatics: Fulfilling the Promise |
Volume | 208 |
Keywords | computer access, cybersecurity, NSA SoS Lablets Materials, Science of Human Circumvention of Security, science of security, UIUC, workarounds, workflow |
Abstract | Workarounds to computer access in healthcare are sufficiently common that they often go unnoticed. Clinicians focus on patient care, not cybersecurity. We argue and demonstrate that understanding workarounds to healthcare workers' computer access requires not only analyses of computer rules, but also interviews and observations with clinicians. In addition, we illustrate the value of shadowing clinicians and conducing focus groups to understand their motivations and tradeoffs for circumvention. Ethnographic investigation of the medical workplace emerges as a critical method of research because in the inevitable conflict between even well-intended people versus the machines, it's the people who are the more creative, flexible, and motivated. We conducted interviews and observations with hundreds of medical workers and with 19 cybersecurity experts, CIOs, CMIOs, CTO, and IT workers to obtain their perceptions of computer security. We also shadowed clinicians as they worked. We present dozens of ways workers ingeniously circumvent security rules. The clinicians we studied were not "black hat" hackers, but just professionals seeking to accomplish their work despite the security technologies and regulations. |
URL | https://goo.gl/yMmF9F |
Citation Key | node-32590 |