ISMS and privacy challenges related to PeHS : A Qualitative study / Utmaningar kring informationssäkerhetsarbete och dataskydd relaterat till invånartjänster

Mannebäck, Emelie

January 2022

The future of healthcare is increasingly digital, which includes a shift towards more personalised services that allow for more patient-centred and transparent patient care. These services are defined as PeHS and although there are great potential benefits of these services, there are also challenges regarding infor[1]mation security and privacy related to providing this type of services. This thesis project aims to examine the state of ISMS related to PeHS, which would also involve an examination of considerations taken regarding privacy in PeHS. The data collection methods for this thesis project were a systematic literature review and qualitative interviews.In total 18,667 publications published between 2017 and 2022 were found during the database searches. When the selection criteria had been applied 17 publications from the search process and 1 publication from the backward snowball process were accepted. The accepted publications were analysed by applying thematic analysis. Furthermore, two interviews with three participants were conducted after the literature review had been completed. The interview material was analysed by applying the analysis method of qualitative content analysis. The results showed that there are several challenges regarding ISMS and privacy related to PeHS. For example, there is a lack of knowledge within the organisations on why they should be applying the methods and tools available to ensure the security of the information flow through the healthcare services. Another example is the challenge of keeping up with the pace of digitalisation and adjust the ISMS to ensure sufficient information security of the services.

ISMS

privacy

Personal eHealth Services

PeHS

Information Systems, Social aspects