Professional Culture, Information Security, and Healthcare Quality

Electronic information systems in healthcare imply new demands on the care professionals, not least concerning upholding the information security. The aim of this study was to illuminate and describe how physicians and nurses in healthcare reason in relation to the value conflicts that may arise in their daily work when using electronic information systems. In this way, we wished to illuminate how social norms and the caregivers’ professional values influence information security specifically, and the quality of care in general.

The research questions were:

  • How do the care professionals reason concerning the resolution of value conflicts in their daily work, involving the use of electronic information systems?
  • Which elements of the professional cultures may be illuminated by the care professionals’ reasoning regarding how they handle such value conflicts?
  • How do the above aspects influence information security and quality of care?

The study was based on individual interviews in two phases. In the first phase, we interviewed care professionals, managers and staff who all had some type of responsibility for the implementation of electronic information systems in their care organization. The aim of these interviews was to capture and describe relevant value conflicts in the use of electronic information systems. In phase two, we used vignettes that illustrated situations in the professionals’ work, where such value conflicts were manifest. Fourteen physicians and nurses within different medical specialties in two Swedish regions were asked to describe how they would act in a similar situation, and explicate what spoke in favor of this way of acting and what spoke against. The responses were analyzed using a Grounded Theory methodology.

The results indicated that the care professionals are often required to evaluate and act in complex situations, requiring fine-tuned adjustments and judgements. Compliance to the information security rules, which aim to secure high quality of care and patient integrity, may be in conflict with other professional values and needs that are essential to secure quality of care, patient safety, efficiency and cooperation. The care professionals handled these value conflicts in a manner that maintained an overarching professional cultural basic assumption. This assumption was that the ultimate aim of healthcare is to secure the physical health and well-being of the patient. In daily value conflicts, professional needs and values, including those underpinning the information security rules, were weighted dynamically in the professionals’ decision to act, taking into account also an array of situation specific factors. These situational factors concerned for example the patient’s needs, the competence and trustworthiness of other staff involved, and the professional’s own competence. They also took into account the legitimacy of the information security rule that may be violated, and the risks to themselves if breaching this rule.

These results indicate a need for future research on, for one, how electronic information systems and rules may be better designed, but also on how the healthcare organization and management may be developed to minimize the occurrence of value conflicts, and to support the healthcare professionals in handling such conflicts.

GU and HV. ( 2013) Kvalitativ delstudie: SECURIT– vård

Pousette A. (2014) (working paper) Bortfallsanalys SECURIT-piloten.

Törner M. (2017) Inledning och förklaring av några centrala begrepp. I Hallberg J, Johansson P, Karlsson F, Lundberg F, Lundgren B, Törner M: Informationssäkerhet och organisationskultur. Studentlitteratur, Lund.

Pousette A, Törner M. (2017) Kunskap om informationssäkerhetsklimat ger verktyg för förändring. I Hallberg J, Johansson P, Karlsson F, Lundberg F, Lundgren B, Törner M: Informationssäkerhet och organisationskultur. Studentlitteratur, Lund.

Törner M, Skyvell-Nilsson M, Pousette A. (2017) Värdekonflikter och problemlösning i sjukvårdens informationshantering. I Hallberg J, Johansson P, Karlsson F, Lundberg F, Lundgren B, Törner M: Informationssäkerhet och organisationskultur. Studentlitteratur, Lund.

Törner M. (2017) Regler, regelföljande och informationssäkerhet. I Hallberg J, Johansson P, Karlsson F, Lundberg F, Lundgren B, Törner M: Informationssäkerhet och organisationskultur. Studentlitteratur, Lund.