MBA619 IT and Business Strategy and Technical Systems

MBA619 IT and Business Strategy and Technical Systems

Task:

In the beginning modules, we talked about how Information Systems literacy requires that we move past just the technical and understand how systems are used by people within organizations. Using the socio-technical view, break down the Eisenmann case into the 3 types – technology issues, people issues, and organizational issues. Provide a synopsis of each issue, along with what possible solutions might be to the issue for the hospital to move forward.
 
The socio-technical system theory is based on the understanding that an organizational system can only undergo success and improved performance, only if both of its technical and social systems are interconnected and coordinated with each other (Ghaffari et al., 2019). As the case study indicates, emergency response plan for organizations operating in the healthcare sector is of utmost importance for enhanced maintenance of their emergency components.  The case of Sunnylake Hospital demonstrates how an absence of social and technical integration can disrupt long term performance, staff teamwork and coordination respectively (Eisenmann et al., 2009). Concerning Sunnylake Hospital, the data security paradigms are extremely vulnerable for cyber-attacks to occur. The same happened with them as the cybercriminals got access to their online medical records and are demanding a hefty ransom to let them free. The scenario of this organization also clearly highlights the influence of social and technical integrations regarding long-term functioning, collaboration within the personnel and more. Depending upon the socio-technical paradigms, the scenario can be assessed with three portions effectively:
Technology Issues: Technology issues comprise of the existing technical systems, processes, artifacts which are used within the organization. The attack, specifically termed a ransomware attack generally took place due to the vulnerability concerns within the IT department of the healthcare institution. One of the first technical issues is that the hospital completely lacked any system to continue with traditional paper-based documentation systems – thus resulting in a complete disruption of services in the event of the security breach. The Electronic Medical Record System (Stuebe et al., 2019), though have several benefits for optimizing its operations, but the implementation lacked perseverance. They entirely were dependent upon the record system and lacked the strategy to encounter such an emergency. They should have implemented a manual process for backing up the records even if the EMR is operational. Incorporating the traditional paper-based paradigms for covering the medical records would have saved them from this consequence. Secondly, the security of the existing IT system was also not evaluated previously thus resulting in a lack of preparedness during the security attack. The organization also lacked a monitoring system for assessing the files and other relevant software. Initiating an extra eye over the employee activities will assist the overall functionalities in mitigating the risks of the unintentional entrance of malware, phishing emails and more. Security-enhancing measures such as the installation of antivirus software and relevant approaches were missing. They need to stay updated and implement these measures as they are dealing with medical records of numerous patients that are confidential. Lastly, the absence of a technical or security system which could have restricted staff actions pertaining to accessing certain websites for unofficial purposes is another technical issue contributing to the security breach (Eisenmann et al., 2009; Huang, Siegel & Madnick, 2018).
 
People Issues: People issues comprise of the human resources within the organization and their behaviors, beliefs, skills, and principles as well as the systems and relationships in place between various departments and staff. Human resource and their attributes are the fundamentals that contribute to the functionalities of the organization. However, they had specific personnel for tackling the IT-related problems but lacked the skills and strategies for encountering a malware attack or a security breach. Moreover, implementing a digitized function requires specific skills by the employees to operate (Sousa & Rocha, 2019). The employees of the organization had no time to come up with the system and the traditional record-keeping system was removed entirely. One of the significant people issues is that the IT staff had Sunnylake did not possess the skills or experience associated with tackling a security breach within the organization. Secondly, while revolutionizing digital healthcare, the usage of traditional paper-based documentation was discontinued thus resulting in a sense of unpreparedness in the hospital staff when electronic monitoring records (EMRs) could no longer be used. The organization provided very little assistance towards the employees in encountering the change, which resulted in a null situation for them in terms of reacting to the security breach. The shortage of communication among the employee and the executives were the primary reasons for the security breach to gain significance as none of them were ready for tackling the situation.  Lastly, prior to administering the digitalization in healthcare services, the management did little to address existing staff resistance towards change – thus resulting in their dissatisfaction and discouragement during the event of the security breach (Eisenmann et al., 2009; Shinde & Kulkarni, 2021).
 
Organizational Issues: With relevance to every healthcare institution (Pears  & Konstantinidis, 2021), cybersecurity and relevant privacy approaches should be the priority since they accumulate many pieces of information from somewhat confidential patients. Organizational issues imply the existing policies and procedures existing for governing the overall system and functioning of a business. With the growing advent of data and technical upgrades, privacy, risk management and emergency response plan are on the checklists of every organization. Precisely, Sunnylake Hospital lacked these entirely throughout its operations. A key issue is the absence of any policy or procedure aimed at informing the staff of the actions they would undertake in the event of an emergency situation such as a security breach. The organization lacked the governance policies and regulations for the employees for any emergency rather than a security breach. An occurrence of panic was initiated among the employees and other executives of the hospital as no specific planning existed in tackling the security breach. Secondly, the organization also did not have any training procedures which could have prepared both new as well as tenured healthcare staff with the actions which they would undertake in the absence of EMRs. Lastly, the organization also did not demonstrate any specific policy, regulation, or code of conduct to penalize staff for undertaken any online action which can threaten the security of the hospital in the future (Eisenmann et al., 2009; Brooks, 2017). The lack of backup systems since potential reliance on the electronic medium is not a good option in this technologically advanced scenario (Alhayani et al., 2021) due to which cyber threats and cyber-attacks are impacting organizations much often.

Read less
QUALITY: 100% ORIGINAL PAPER – NO PLAGIARISM – CUSTOM PAPER
error: Content is protected !!