| Information technology has become increasingly necessary for competition in the 21st century. The medical industry has taken on a more comprehensive approach by creating and adopting different types of electronic medical records (EMR). Laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) or the Meaningful Use regulation have divided the adoption or implementation of EMR into stages with given deadlines for compliance. A qualitative phenomenological research study was used to investigate the lived experiences and personal beliefs and perceptions of private practicing physicians concerning the adoption of EMR in consideration of information assurance and security. The information assurance and security concerns with a specific focus on confidentiality, integrity, and availability. The research included phone interviews with private practice physicians that were geographically dispersed and covered different medical fields. The themes that emerged in the process of analyzing the data showed that similar experiences had been reported across the field of medicine practiced, the age of the participants, and the geographic locations of the various practices. The nine themes that emerged were ease of use, perceived usefulness, compatibility, peer influence, hospital/medical insurance influence, patient influence, self-efficacy, resource facilitating, and technology facilitating. The implications derived from the results included the reluctance of EMR adoption or implementation because of cost, the weakening of influence on EMR adoption requirements from physicians in private practice, an increase in managed healthcare, and the loss of control concerning a patient's record. Also, the implications for the IT industry require a further look into protecting the security triad (confidentiality, integrity, availability) of the EMR. Protection methods vary from implementing technologies related to biometric authentication, two-factor authentication, and encryption. |
