University of Kassel
Chair for Information Systems
Wichtige Sicherheitsfragen der Deutschen Gesundheitstelematik sind noch offen. Sie sollten vor der flächendeckenden Einführung der elektronischen Gesundheitskarte in Deutschland unbedingt behoben bzw. verhindert werden.
- by Ali Sunyaev and +1
- •
In this paper, we provide a detailed overview of specific characteristics required to evaluate IS security approaches with regard to their applicability in the healthcare domain. The future of integrated treatment is enabled by e-health... more
In this paper, we provide a detailed overview of specific characteristics required to evaluate IS security approaches with regard to their applicability in the healthcare domain. The future of integrated treatment is enabled by e-health solutions that comprise health services and information delivered or enhanced through communication and information technologies. This is based on the communication between medical information systems involving all healthcare stakeholders. Thus, the implementation of e-health requires not only the establishment of IS communication infrastructures and the appropriate reorganization of current processes, but also requires the deployment of adequate security approaches concerning information systems in healthcare. Due to the special requirements that need to be met to ensure the security of personal health information and due to the healthcare processes that directly affect the care and service delivered to the patients, there is a strong need for clear, concise and healthcare specific IS security approach characteristics.
Der Beitrag beschreibt die Single Sign-On Clinic Card-Lösung zur zen- tralen Verwaltung von Gesundheitskarten im Krankenhaus. Ziel dieses Konzeptes ist es, die propagierten Effektivitäts- und Effizienzverbesserungspotenziale, gege- ben... more
Der Beitrag beschreibt die Single Sign-On Clinic Card-Lösung zur zen- tralen Verwaltung von Gesundheitskarten im Krankenhaus. Ziel dieses Konzeptes ist es, die propagierten Effektivitäts- und Effizienzverbesserungspotenziale, gege- ben durch die Einführung der elektronischen Gesundheitskarten, vorteilhafter heben zu können, als es die bisher von der gematik spezifizierten Ansätze zur ge- planten HBA-Integration in Krankenhausprozesse erlauben. Anhand eines kon- zeptionellen Vergleichs kann die Vorteilhaftigkeit des neuen Ansatzes de- monstriert werden. In einem Ausblick werden weitere Anwendungspotenziale für diesen zentralen Ansatz zur Verwaltung von Gesundheitskarten dargestellt.
- by Ali Sunyaev and +2
- •
- Single Sign On
The electronic health card (EHC) is presently being introduced in Germany, however in a much slower pace than originally anticipated and planned. For an evaluation of the applications of EHC a doctors practice of a dentist was chosen as... more
The electronic health card (EHC) is presently being introduced in Germany, however in a much slower pace than originally anticipated and planned. For an evaluation of the applications of EHC a doctors practice of a dentist was chosen as reference practice. To analyze the direct effect of the EHC, a process analysis was made of the actual and future EHC processes. For exploring potential user acceptance a patient survey including 49 patients was conducted. The benefits for all involved parties were observable. Based on these analyses, some conclusions are drawn for the improvement of the EHC introduction in Germany.
This paper describes a single sign-on solution for the central management of health care provider’s smart cards in hospitals. The proposed approach which is expected to be an improvement over current methods is made possible through the... more
This paper describes a single sign-on solution for the central management of health care provider’s smart cards in hospitals. The proposed approach which is expected to be an improvement over current methods is made possible through the introduction of a national healthcare telematics infrastructure in Germany where every physician and every patient will automatically be given an electronic health smart card (for patients) and a corresponding health professional card (for health care providers). This introduction will cause changes in many existing health care administrative processes. The example process of writing a discharge letter is used in the paper to compare two existing approaches for integrating the new smart cards to the proposed single sign-on approach. Based on the findings we support a centralized single sign-on card management approach which allows us to exploit possible process improvements now and in the future. In closing we outline further application potentials of the described approach for management of smart cards in health care and, in particular, in hospitals.
The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and... more
The role of security management in the development and operation of information systems has a long tradition of research in computer science, information systems and management science. Integrating the economic, organizational, and technical aspects of information systems security analysis and assessment requires a bridging of these different research streams. We examined major articles published concerning IS security using a new classification scheme for IS security analysis and assessment approaches. We looked at approaches discussed in recent publications as well those examined as in past articles that have attempted to classify various approaches to IS security. This paper therefore organizes a diverse collection of literature into a cohesive whole with the aim of providing IS management with an overview of current security analysis approaches, thereby offering management an effective aide for selecting the methods best suited to their needs. Furthermore, this work structures IS security research into a classification scheme that can also be used in future research and practice.
The objective of this paper is an analysis of security issues of the forthcoming German healthcare telematics infrastructure. The current analysis reevaluates results from a former security analysis conducted in 2007/08 and introduces new... more
The objective of this paper is an analysis of security issues of the forthcoming German healthcare telematics infrastructure. The current analysis reevaluates results from a former security analysis conducted in 2007/08 and introduces new results based on the updated specification documents of the German healthcare telematics. As a result, basics for further security analysis activities are given and corresponding security measures to overcome the identified vulnerabilities are derived. Due to the transferability of the healthcare telematics security concept, which is currently applied in Germany, the achieved results might be helpful for worldwide healthcare telematics projects in the future.
- by Ali Sunyaev and +1
- •
- Security Analysis
Ausgehend von der Analyse der Spezifika im Gesundheitswesen wird das Ziel der integrierten Versorgung identifiziert und erläutert. Hiefür sind relevante Informationen nicht nur abteilungs- oder institutionsbezogen, sondern... more
Ausgehend von der Analyse der Spezifika im Gesundheitswesen wird das Ziel der integrierten Versorgung identifiziert und erläutert. Hiefür sind relevante Informationen nicht nur abteilungs- oder institutionsbezogen, sondern patientenorientiert entlang des gesamten Behandlungsprozesses bereitzustellen. Die Darstellung unterschiedlicher Initiativen zur Informationsintegration verdeutlicht, dass keiner der untersuchten Ansätze die wesentlichen Integrationsanforderungen vollständig erfüllt. Als Lösung wird ein agentenbasiertes Vorgehen vorgeschlagen und anhand einer prototypischen Implementierung beschrieben. Abschließend werden die Ergebnisse bewertet und zentrale Themenstellungen für die Forschung im eHealth-Umfeld im Allgemeinen und für Software-Agenten im Besonderen aufgezeigt.
- by Ali Sunyaev and +1
- •
Gamification has taken the world by storm. Regardless of where one stands on gamification, it can aptly be described as interesting but also galvanising and controversial. We are pleased to write a provocative editorial to kick off this... more
Gamification has taken the world by storm. Regardless of where one stands on gamification, it can aptly be described as interesting but also galvanising and controversial. We are pleased to write a provocative editorial to kick off this special issue on gamification in the European Journal of Information Systems. Our position is that the information systems (IS) discipline has the opportunity to play an outsized role in navigating the discourse of gamification—an increasingly influential, interdisciplinary discourse in research and practice. We assert that active engagement in the gamification discourse is a compelling IS research opportunity, given the growing, globalised platform-based economy. Consequently, we frame our editorial with the knowledge we have gained as IS researchers who engage in gamification research in an effort to share what we have learned about artefacts and original theorisation with both IS and gamification scholars. We do so by proposing a pragmatic path forward for gamification and IS researchers who wish to contribute to these related discourses, both individually and in the form of the combined IS–gamification discourse. We propose a framework of three practices that we are confident can more systematically generate the key theoretical artefacts needed to generate native theory in the IS–gamification discourse and hence to improve the associated research and practice. Foundational to this framework is our paradigm, which advocates active engagement with IS–gamification research and practice, as bridged by a strong focus on design thinking and generating artefacts that are foundational to theory generation.
Despite the increasing importance of digitization for economy and society, there is few structuring of the very heterogenous kinds of digital work. Representatives from business, politics and science need a basis for the development of... more
Despite the increasing importance of digitization for economy and society, there is few structuring of the very heterogenous kinds of digital work. Representatives from business, politics and science need a basis for the development of strategies to encounter the challenges that result from this digitization. We aim at delivering a contribution to that basis by systematically investigating what different types of digital work exist and by developing a taxonomy. As a first important step towards this goal, we investigate in this paper what digital work tools exist since such tools are a major constituent element of digital work. Using a hybrid approach including both a deductive conceptual-to-empirical and an inductive empirical-to-conceptual procedure, we create an artifact that gives business leaders an overview of existing digital work tools as a basis for strategic decisions and at the same time provides researchers with stimuli for future investigations in the dynamic domain of ...
- by Mahei Li
- •
Fur Bottom-up initiierte Software existieren nicht ausreichend Support-Strukturen, da traditionelle Support-Strukturen, zum Beispiel Trainings oder online-Portale, oftmals das notige Domanenwissen der Organisation nicht mitbringen. Fur... more
Fur Bottom-up initiierte Software existieren nicht ausreichend Support-Strukturen, da traditionelle Support-Strukturen, zum Beispiel Trainings oder online-Portale, oftmals das notige Domanenwissen der Organisation nicht mitbringen. Fur diese Art von Nutzerinnovation schlagen wir ein Crowd-Based Support vor, das zusatzlich zu den traditionellen IT-Support-Strukturen eingefuhrt wird. Ferner stellen wir in diesem Beitrag das begleitende Crowd-Based Support System (CBSS) vor, das die drei grundlegenden Kerndienstleistungen unterstutzt: der Losungssuche, dem Self-Service und dem Erstellen von nutzergenerierter Lernmaterialien. Theoretisch berufen wir uns auf die Interaktionstheorie und diskutieren die Rolle der Lernmaterialienerstellungsdynamik fur das CBSS. Das CBSS ermoglicht den Aufbau von dezentralen Supportstrukturen im Unternehmen, der traditionelle IT-Support wird um wichtige Lernmaterialien bereichert und durch strukturierte Interaktion zwischen den Mitarbeitern unterstutzt. Somi...
Turning IT -investments into organizational benefits is one of the key research objectives for in-formation systems. There is a significant body of knowledge dealing with research on system development and management approaches. However,... more
Turning IT -investments into organizational benefits is one of the key research objectives for in-formation systems. There is a significant body of knowledge dealing with research on system development and management approaches. However, by leveraging crowd mechanisms, we be-lieve that from a service systems perspective, after the rollout (also called shakedown phase) organizations still require active involvement by end-users in order to create IT-impacts and ultimately enhance organizational performance. We follow a design science research approach and suggest integrating user-generated services into an existing service system. Our artifact will hence consist of design requirements and design principles, which we will validate in our future work through two hermeneutic circles, in which users are given the means to identify existing problems and create their own fitting solutions. The focus of this research-in-progress paper lies on identifying design requirements that address the...
- by Mahei Li
- •
A hypergraph-based modeling of businesses bridges the gap between business model innovations and its implementation into enterprise solutions. By formalizing resources, actors, activities (processes) and functions into one model, their... more
A hypergraph-based modeling of businesses bridges the gap between business model innovations and its implementation into enterprise solutions. By formalizing resources, actors, activities (processes) and functions into one model, their relationships are clearly defined, while encompassing both the data and processual structure. A database-based graphical tool supports system analysts and decision makers to structure and analyze their business model and corresponding value proposition. This model can thus be used for future implementations.
- by Mahei Li
- •