How the General Data Protection Regulation affects Health Information System innovation : An explorative study of General Data Protection Regulation challenges and benefits for Health Information System innovation initiatives
MetadataShow full item record
Original versionChristensen, F. & Næss, P. S. (2020) How the General Data Protection Regulation affects Health Information System innovation : An explorative study of General Data Protection Regulation challenges and benefits for Health Information System innovation initiatives (Master's thesis). University of Agder, Kristiansand.
Thereisa growing demand for health information systems (HIS)innovation to address the challenges of delivering better quality and more efficient healthcare. Atthe same time, innovations must adhere to increasingly strictprivacy regulations especially related to personal health data.While prior research has indicated that privacy regulation can have both constraining and stimulating effects on innovation in general, there is a knowledge gap on how privacy regulation affects HIS innovation specifically. In this master thesis, westudy the effects the General Data Protection Regulation (GDPR)haveon HIS innovation, and the responses of the health sector and HIS providers. To this aim, we conducteda qualitative explorative study with semi-structured interviews in the Norwegian healthcare sector including both healthcare service providers and HIS suppliers.Our results show that while there is an emphasis on innovatingwith regulation-compliant HIS amongst the market actors, there aredifferent interpretations ofthe regulation and different levels of regulation enforcement, affecting cooperation, trust and innovation adoption forHIS initiatives. We furthermore identify that the GDPR is experienced as complicated and not technology-specific when it comes to emerging technologies within healthcare, such as public cloud solutions implemented in Norway for HIS and artificial intelligence and machine learning solutions. This negatively affects HIS innovation building upon these technology paths. We arguethat raising the knowledge on GDPR, aligning regulation interpretation and introducing standardscan strengthen HIS innovation and aid HIS suppliers to build trust with the healthcare providers. Future longitudinalresearch is needed toinvestigate the effects of GDPR on HIS innovation in the long-term, as well as how standardisation of privacy regulation canaffect HIS innovation.
Master's thesis in Information systems (IS501)