Abstract
As a result of growing economic pressures, collaborations and process orientation are rapidly gaining importance for hospitals. With organisation and software landscapes which have grown over time in line with specific professional groups and functions, the paradigm shift places high demands on integration. One of the key challenges in this context is the hospital-wide management of medical staff identities along patient processes. Effective identity management calls for technical means (e.g. for exchanging user data between applications), organisational definitions (e.g. HR processes for starts, departures and changes of hospital medical staff) and regulated responsibilities (e.g. for role definitions). The article shows that while the technical solutions do exist in practice, the necessary prerequisites are frequently missing where organisation and responsibility are concerned. The changes linked with meeting those prerequisites are likely to affect the work of medical staff and can encounter resistance. A very cautious approach is required to the apparently “technical” task of establishing a system of identity management. The article presents a procedure model which has been put to the test in practice. It ensures that responsibility and authority for identity management are successively installed in line with the specific circumstances that prevail in hospitals.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
For the integration between the applications of different institutions (external cooperation, integration scenario b), technical concepts for distinguishing between centralized authentication and decentralized authorization are known under the heading of “Identity Federation” in the hospitals surveyed (cf. Böhm and Caumanns 2007). As yet, however, no solutions have been implemented or any concrete planning steps taken. In none of the hospitals surveyed is it clear how the various organizational structures and processes as well as the different compliance and security policies of the institutions involved are to be taken into account. What is clear throughout, however, is that “order” first has to be established in internal identity management before link-ups with external partnerscan be initiated.
The Data Hub can also be connected to applications which administer patient data. If, for example, web-based eHealth services are to be offered to patients and authentication and authorization are necessary for the respective applications, patient data can be extracted and user data created via the DDS.
References
Ahern DM, Clouse A, Turner R (2004) CMMI distilled: a practical introduction to integrated process improvement. Addison-Wesley, Boston
Aier S, Winter R (2009) Virtual decoupling for IT/business alignment—conceptual foundations, architecture design and implementation example. Bus Inf Syst Eng 1(2):175–191
Albrecht M, Töpfer A (2006) Erfolgreiches Change Management im Krankenhaus – 15 Punkte Sofortprogramm für Kliniken. Springer, Heidelberg
Al-Mashari M, Zairi M (1999) BPR Implementation process: an analysis of key sucess and failure Factors. Business Process Management Journal 5(1):87–112
Anderson R, McDaniel R (2000) Managing health care organizations: where professionalism meets complexity science. Health Care Management Review (Winter) 2000:83–92
Apitzsch F (2008) Digital rights management for electronic health records. In: Proc of the CeHR 2007 international conference, Regensburg
Bartz M (2006) Patientenpfade – Ein Instrument zur Prozessoptimierung im Krankenhaus. VDM, Saarbrücken
Becker J, Knackstedt R, Pöppelbuß J (2009) Entwicklung von Reifegradmodellen für das IT-Management: Vorgehensmodell und praktische Anwendung. Wirtschaftsinformatik 51(3):249–260
Benantar M (2006) Access control sSystems: security, identity management and trust models. Springer, New York
Bessant J, Caffin S (1997) High-involvement Innovation through continuous improvement. International Journal of Technology Management 14(1):14–22
BFS (2006) Statistik der stationären Betriebe des Gesundheitswesens. Krankenhaustypologie. http://www.hplus.ch/fileadmin/user_upload/Spitalinformatik___Statistik/statistik/Krankenhausstatistik/s_krankenhausstat_krankenhaustypologie.pdf. Accessed 2011-09-15
Bihr H, Seelos HJ (1997) Entwicklung eines Referenzdatenmodells für Krankenhäuser. Wirtschaftsinformatik 39(4):367–371
Bohmer RMJ (2009) Designing care: aligning the nature and management of health care. Harvard Business Press, Boston
Böhm O, Caumanns J (2007) Föderatives Identitätsmanagement am Beispiel der elektronischen Fallakte. Informatik-Spektrum 30(4):240–250
Braun von Reinersdorff A (2007) Strategische Krankenhausführung – Vom Lean Management zum Balanced Hospital Managment. Hans Huber, Bern
Cinquini L, Vitali PM, Pitzalis A, Campanale C (2009) Process view and cost management of a new surgery technique in hospital. Business Process Management Journal 15(6):895–919. 6
Connel NAD, Young TP (2007) Evaluating healthcare information systems through an “Enterprise” perspective. Journal of Information & Management 44(4):433–440
de Bruin T, Rosemann M, Freeze R, Kulkarni U (2005) Understanding the main phases of developing a maturity assessment model. In: Proc of the 16th Australasian conference on information systems, Sydney, Australia
Davenport TH, Short JE (1990) The new industrial engineering: information technology and business process redesign. Sloan Management Review 31(4):11–27
De Clercq E (2008) Problem-oriented patient record model as a conceptual foundation for a multi-professional electronic patient record. International Journal of Medical Informatics 77(9):565–575
Dykes PC, Wheeler K (2002) Critical pathways – Interdisziplinäre Versorgungspfade. Hans Huber, Bern
EFQM – European foundation for quality management (1999) The EFQM excellence model. EFQM Representative Office, Brüssel
Farsi M, Filippini M (2006) An analysis of efficiency and productivity in Swiss hospitals. Swiss Journal of Economics and Statistics 142(1):1–37
Fernando S, Choudrie J, Lycett C, de Cesare S (2010) Hidden assumptions and their influence on clinicians’ acceptance of new IT systems in the NHS. Information Systems Frontiers
Fitterer R, Rohner P (2010) Patientenidentifikation und Prozessorientierung – Problemstellung und Grundlagen. In: Rohner P, Winter R (eds) Patientenidentifikation und Prozessorientierung. Springer, Berlin, pp 15–32
Fraser P, Moultrie J, Gregory M (2002) The use of maturity models/grids as a tool in assessing product development capability. In: Proc of the IEEE international engineering management conference, Piscataway, NJ
Flynn MJ (2007) Enterprise identity services. http://360tek.blogspot.com/2006/07/enterprise-identity-services.html. Accessed 2011-10-15
Fuchs L, Pernul G (2008) Prorole: a process-oriented lifecycle model for role systems leveraging identity management and guiding role projects. In: Proc of the 16th European conference on information systems, Galway, Ireland
Gericke A, Rohner P, Winter R (2006) Vernetzungsfähigkeit im Gesundheitswesen – Notwendigkeit, Bewertung und systematische Entwicklung als Voraussetzung zur Erhöhung der Wirtschaftlichkeit administrativer Prozesse. HMD - Praxis der Wirtschaftsinformatik 251:20–30
Gibson CF, Nolan RL (1974) Managing the four stages of EDP growth. Harvard Business Review 52(1):76–88
Gibson M, Arnott D (2007) The use of focus groups in design science research. In: Proc of the 18th Australasian conference on information systems, Toowoomba, Australia
Glouberman S, Mintzberg H (2001) Managing the care of health and the cure of disease – Part I: Differentiation. Health Care Management Review 26(1):56–69
Haas P (2005) Medizinische Informationssysteme und Elektronische Krankenakten. Springer, Berlin
Haraden C, Resar R (2005) Patient flow in hospitals: understanding and controlling it better. Frontiers of Health Services Management 2004 Summer 20(4):3–15
Haux R, Winter A, Ammenwerth E, Brigl B (2004) Strategic information management in hospitals: an introduction to hospital information systems. Springer, New York
Healthnet British Columbia (2003) B.C. healthcare – client identity management strategy report. Verfügbar unter http://healthnet.hnet.bc.ca/hcimsfinalrpt_071803_v1_1.pdf. Accessed 2010-05-10
Helfert M (2009) Challenges of business processes management in healthcare – experience in the Irish healthcare sector. Business Process Management Journal 15(6):937–952
Herwig V, Schlawitz L (2004) Unternehmensweites Berechtigungsmanagement. Wirtschaftsinformatik 46(4):289–294
Hevner AR, Chatterjee S (2010) Design research in information systems: theory and practice. Springer, New York
Hoffmann E (2010) Von der Strategie zur Umsetzung – Unterstützungsprozesse und Identitätsmanagement im Krankenhaus. In: Rohner P, Winter R (eds) Patientenidentifikation und Prozessorientierung. Springer, Berlin, pp 109–136
Huang H (1999) PACS. Basic principles and applications. Wiley, New York
Informatikstrategieorgan Bund (2012) HERMES – Die schweizerische Projektführungsmethode. http://www.hermes.admin.ch/. Accessed 2011-11-21
Ingenerf J, Stausberg J (2005) Klinische Arbeitsplatzsysteme. In: Lehmann M (ed) Handbuch der Medizinischen Informatik. Hanser, München, pp 626–646
Khoumbati K, Themistocleous M (2006) Integrating the IT infrastructures in healthcare organizations: a proposition of influencial factors. The Electronic Journal of e-Government 4(1):27–36
Köbler F, Fähling J, Leimeister JM, Krcmar H (2010) German hospitals—an empirical study among IT decision makers. Bus Inf Syst Eng 2(6):359–370
Lahrmann G, Marx F, Mettler T, Winter R, Wortmann F (2011) Inductive design of maturity models: applying the rasch algorithm for design science research. In: Jain H, Sinha AP, Vitharana P (eds) DESRIST 2011. LNCS, vol 6629, pp 176–191
Lenson CM (1998) Building a successful enterprise master patient index: a case study. Topics in Health Information Management 19(1):66–71
Lindberg P, Berger A (1997) Continuous improvement: design, organization, and management. International Journal of Technology Management 14(1):86–101
Links HC (2008) Identity & access management success tips. Links. Business Group, Issaquah
Looser H (2010) Patientenidentifikation – ein Beitrag zur integrierten und prozessorientierten Versorgung. In: Rohner P, Winter R (eds) Patientenidentifikation und Prozessorientierung. Springer, Berlin, pp 1–14
Luftman J (2000) Assessing business-IT alignment maturity. Comm AIS 4(14):1–10
Lux T (2007) Identity Management. In: Gluchowski P, Chamoni P, Gersch M, Krebs S, Reinersmann S (eds) Schlaglichter der Wirtschaftsinformatik. GUC, Chemnitz, pp 33–46
Mackinnon P (2007) Large-scale identity Management. In: Birch D (ed) Digital identity management – technological, business and social implications. Gower, Aldershot, pp 103–112
Mauro C, Leimeister JM, Sunyaev A, Krcmar H (2008) Zentrale Verwaltung von Gesundheitskarten im stationären Krankenhausumfeld – Das IQ-Medi-LOG-Produkt als Alternative zu gematik-Konzepten. Wirtschaftsinformatik 6(6):489–499
Mentges G (2006) Vom Prinzip Zufall zum geordneten Patientenpfad. In: Debatin JF, Goyen M, Schmitz C (eds) Zukunft Krankenhaus. ABW, Berlin, pp 100–124
Mettler T, Fitterer R, Rohner P (2007) Strategies for a systematical patient identification. In: Proc of the 2nd European conference on eHealth, GI-edition. Lecture notes in informatics (LNI). Oldenburg, Germany
Mettler T, Rohner P (2009) Management digitaler Identitäten von Health Professionals am Universitätsspital Zürich. In: Winter R (ed) Management von Integrationsprojekten: Konzeptionelle Grundlagen und Fallstudien aus fachlicher und IT-Sicht. Springer, Berlin, pp 123–133
Mezler C (2008) In: Identity Management – Grundlagen, Technik, wirtschaftlicher Nutzen. dpunkt, Heidelberg
Münz JO, Müller L, Behavka P (2008) Integration and management of large heterogeneous healthcare information systems. In: Proc of the CeHR 2007 international conference, Regensburg, Germany
Niemann H, Hasselbring W, Wendt T, Winter A, Meierhofer M (2002) Kopplungsstrategien für Anwendungssysteme im Krankenhaus. Wirtschaftsinformatik 44(5):425–434
Palm J (2009) Prozessoptimierung durch Klinische Pfade – Personal und Patienten profitieren von Leitlinienorientierung. f&w Strategie und Organization 26(5):493–496
Paulk MC et al. (1993) Capability maturity model, Version 1.1. IEEE Software 10(4):18–27
Peffers K, Tuunanen T, Rothenberger M, Chatterjee S (2007) A design science research methodology for information systems research. Journal of Management Information Systems 24(3):45–77
Richter M (2007) Identity Management – Integration der Benutzerverwaltung in einer heterogenen Systemlandschaft. VDM, Saarbrücken
Rotter T, Kinsman L, James E, Machotta A, Gothe H, Willis J, Snow P, Kugler J (2010) Clinical pathways: effects on professional practice, patient outcomes, length of stay and hospital costs. Cochrane Database of Systematic Reviews 2010. Wiley, New York
Royer D, Meints M (2009) Enterprise Identity Management—Towards a Decision Support Framework Based on the Balanced Scorecard Approach. Bus Inf Syst Eng 1(3):245–253
Santana Tapia RG, Daneva M, van Eck PAT, Wieringa RJ (2008) Towards a business-IT alignment maturity model for collaborative networked organizations. In: Proc of the international workshop on enterprise interoperability. Centre for Telematics and Information Technology, Munich, pp 70–81
Satchell C, Shanks G, Howard S, Murphy J (2006) Knowing Me, Knowing You: end user perceptions of identity management systems. In: Proc of the 14th European conference on information Systems, Göteborg, Sweden
Sward D (2006) Measuring the business value of information technology. Intel Press, Hillsboro
Todorov D (2007) Mechanics of user identification and authentication – fundamentals of identity management. Taylor & Francis, Boca Raton
Tsolkas A, Schmidt K (2010) Rollen und Berechtigungskonzepte – Ansätze für das Identity- und Access Management im Unternehmen. Vieweg & Teubner, Wiesbaden
Van Bemmel J, Musen M (2000) Handbook of medical informatics. Springer, New York
Vera A, Kuntz L (2007) Process-based organization design and hospital efficiency. Health Care Management Review 32(1):55–65
Vogd W (2006) Die Organization Krankenhaus im Wandel – Eine dokumentarische Evaluation aus Sicht der ärztlichen Akteure. Hans Huber, Bern
Walston S, Chadwick C (2003) Perceptions and misperceptions of major organizational changes in hospitals: do change efforts fail because of inconsistent organizational perceptions of restructuring and reengineering? International Journal of Public Administration 26(14):1581–1605
Windley PJ (2005) Digital identity. O’Reilly, Sebastopol
Winter R (2003) Modelle, Techniken und Werkzeuge im Business Engineering. In: Österle H, Winter R (eds) Business Engineering: Auf dem Weg zum Unternehmen des Informationszeitalters. Springer, Berlin, pp 87–118
WHO (World Health Organization) (2008) Focus groups on health care experiences. Verfügbar unter http://www.who.int/responsiveness/surveys/Focus-Group-Mod-Guide-final.pdf. Accessed 2009-11-05
Wortmann F, Winter R (2007) Vorgehensmodelle für die rollenbasierte Autorisierung in heterogenen Systemlandschaften. Wirtschaftsinformatik 49(6):439–447
Author information
Authors and Affiliations
Corresponding author
Additional information
Accepted after three revisions by Prof. Dr. Buhl.
This article is also available in German in print and via http://www.wirtschaftsinformatik.de: Rohner P (2012) Identitätsmanagement für Behandelnde in Krankenhäusern. Reifegradmodell und Methode zur Integration von Verantwortungs-, Organisations- und IT-Aspekten. WIRTSCHAFTSINFORMATIK. doi: 10.1007/s11576-012-0346-y.
Rights and permissions
About this article
Cite this article
Rohner, P. Identity Management for Health Professionals. Bus Inf Syst Eng 5, 17–33 (2013). https://doi.org/10.1007/s12599-012-0244-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12599-012-0244-2