Health Information Systems Threats Management

The use of information systems has transformed the quality of care available to many patients. The Electronic Medical Record (EMR) is used in hospitals to document the nature of medical support and patient outcomes. EMRs make it easier for physicians to understand the health needs of their patients and deliver evidence-based care (Fichman, Kohli, & Krishnan, 2011). However, the use of health information systems (HI) can result in numerous security challenges. The existence of system threats explains why adequate measures should be considered in order to address patients’ health needs.

System Threats

The targeted healthcare facility uses several HI systems to support the health needs of the targeted patients. The EMR system in the hospital monitors the approaches used to deliver adequate patient care. Unfortunately, the system encounters a number of threats. Such challenges affect the effectiveness of the healthcare delivery process (Aghazadeh, Aliyev, & Ebrahimnezhad, 2012). The first threat was observed when the institution was converting its paper-based data to electronic health records (EHRs). Some of the files were not captured correctly. Consequently, the hospital encountered numerous challenges while trying to implement and use the new EMR system.

The second threat is lack of privacy. The current system used in the hospital relies on the use of passwords to safeguard the information of the patients. Sometimes the users fail to safeguard their passwords. Consequently, some people have been able to access confidential information. The third threat facing the system is the issue of hacking. This is the case because cybercrime remains a critical challenge in the world today (Fichman et al., 2011).

The fourth security concern is vandalism. The effectiveness of the healthcare delivery model in the institution depends on the security of the EMR system. The destruction of hardware equipment will affect the hospital’s performance. Fire outbreaks pose a major threat to this system (Aghazadeh et al., 2012). A powerful strategy is therefore needed to protect the system.

The sixth threat arises from the skills of the system managers and users. Ineffective skills can affect the performance of the system. Some files might be duplicated or copied inappropriately. The process is known to affect the decisions made to address the needs of the targeted patients. The seventh threat arises from system shutdown (Grandia, 2015). When the system fails, the institution might not deliver quality patient support.

Information System Policies for Threat Management

In order to manage the EMR system and minimize threats, the hospital collaborates with a Records Management (RM) firm. The consultants from the company use their competencies to ensure the system operates optimally. The experts educate, guide, and address the concerns raised by the users of the EMR system (Noraziani et al., 2013). The individuals monitor the system frequently.

Caregivers and nurses are trained in order to use the system effectively. The acquired skills make it easier for them to address the issues affecting the system. Verification procedures are executed frequently to test the system (Grandia, 2015). This threat management strategy can be used to safeguard the physical aspects of the system from theft or vandalism.

The use of software applications such as anti-viruses is taken seriously at the hospital. The users are required to change their passwords frequently. Technologists in the hospital are required manage threats and improve the effectiveness of the EMR system (Fichman et al., 2011).

However, it is agreeable that the policy measures used in the organization are ineffective. Sometimes the EMR system fails to function optimally. This occurrence affects the healthcare delivery models in the hospital. Cybercrime is a major problem affecting many IT systems. Poor utilization or implementation of the EMR system might affect its effectiveness (Noraziani et al., 2013). These problem areas should be analyzed to support the sustainability of the EMR system.

Evidence-Based Solutions to the Above Threats

The first threat arises from the conversion of paper-based to electronic files. This threat should be addressed through continuous verification. The second one is privacy and should be tackled using strong passwords. Specific individuals can be hired to manage the passwords. Anti-viruses and firewalls should be used prevent the problem of cybercrime. The fourth threat arises from vandalism (Wang, 2015). Physical security measures should be used to ensure the computers and cables are protected from thieves.

Fire fighting skills and resources should be used in the hospital. This approach will minimize the threats of fire outbreaks. The sixth threat arises from the absence of adequate skills. The system managers should be equipped with the best skills and competencies. This move will make it easier for the leaders to address the unique challenges affecting the system. Finally, a proper maintenance is needed to support the entire system (Noraziani et al., 2013). Software applications will also be updated frequently.


This exercise has equipped me with powerful insights regarding the issue of systems security. The implementation and use of powerful information systems can support patients’ health needs. Issues such as cybercrime, physical threats, and inadequate utilization threaten the effectiveness of different systems such as the EMR system. I have also understood why administrative controls should be used to update procedures, terms of use, and security training processes (Tsai, 2010). In conclusion, the security threats affecting such systems should be addressed in a timely manner.


Aghazadeh, S., Aliyev, A., & Ebrahimnezhad, M. (2012). Review the role of hospital information systems in medical services development. International Journal of Computer Theory and Engineering, 6(4), 866-870.

Fichman, R., Kohli, R., & Krishnan, R. (2011). The role of information systems in healthcare: Current research and future trends. Information Systems Research, 22(3), 419-428.

Grandia, L. (2015). Healthcare information systems: A look at the past, present, and future. Web.

Noraziani, K., Ain, A., Azhim, M., Eslami, S., Drak, B., Ezat, S.,…Akma, A. (2013). An overview of electronic medical record implementation in healthcare system: Lesson to learn. World Applied Sciences Journal, 25(2), 323-332.

Tsai, F. (2010). Security issues in e-healthcare. Journal of Medical and Biological Engineering, 30(4), 209-214.

Wang, C. (2015). Security and privacy of personal health record, electronic medical record and health information. Problems and Perspectives in Management, 13(4), 19-26.