The conventional process for selecting and acquiring an Information System (IS) would relate to an analysis of the needs and requirements – essentially the ultimate purpose of the IS – and then a comparison as to the suitability of developing and deploying such a solution using in-house technologies and expertise or whether there is a need to utilize third party hardware and software solutions. Consequently an appraisal and cost benefit analysis of each solution, usually with a minimum of three potential sources would be developed in order to ensure that the organization is achieving the best possible return on its investment, both in the short and long-term.
This process is complicated within healthcare organizations due to the critical nature of ensuring accessibility to data while also ensuring the relevant privacy and security concerns that should be addressed in the storage and transmission of information. The 1996 Health Insurance Portability and Accountability Act created specific standards concerning certain health information with a privacy rule establishing national standards for the protection of health information and a security rule establishing a national set of security standards for protecting health information that is held or transferred in electronic form.
It is important that all elements are considered with regards to how data will be interacted with, both by internal and external users of the information system . As a result each of the below aspects will need to be analyzed in detail:
Once these elements are considered then the process with regards to the overall procurement of the required IS can proceed