Significance and Current Status of Integrated IT GRC in Health Care: An Explorative Study in Swiss Hospitals

Author

Krey, Mike

Author_Institution

Inst. of Bus. Inf. Technol., Zurich Univ. of Appl. Sci., Zurich, Switzerland

fYear

2015

fDate

5-8 Jan. 2015

Firstpage

3002

Lastpage

3012

Abstract

Because the systematic management of assets, systems, and stakeholders are essential to the overall effectiveness of IT in hospitals, hospital IT executives must balance many competing priorities. These endeavours require, in addition to the appropriate utilisation of given IT resources, a far-sighted alignment of IT issues with objectives, and a thorough understanding of uncertainties and legal obligations. This approach to integrated IT governance, IT risk management, and IT compliance (IT GRC) in the hospital Environment is the subject of the work presented here. Given the complexities in both, the hospital environment and the field of IT GRC, the objectives of this works are to systemise the significance of integrated IT GRC for health care to analyse the degree to which the principles of IT GRC are recognised, established, and accepted by CIOs and IT executives of Swiss hospitals, and finally, to draw conclusion on the greatest barriers to overcome.

Keywords

health care; hospitals; information technology; law; risk management; IT compliance; IT governance; IT risk management; Swiss hospitals; health care; information technology; integrated IT GRC; legal obligations; systematic management; Bibliographies; Hospitals; Information technology; Reliability; Risk management; Hospital; IT GRC; Survey; Switzerland;

fLanguage

English

Publisher

ieee

Conference_Titel

System Sciences (HICSS), 2015 48th Hawaii International Conference on

Conference_Location

Kauai, HI

ISSN

1530-1605

Type

conf

DOI

10.1109/HICSS.2015.363

Filename

7070178