Degree Name

Doctor of Philosophy (PhD)


School of Information Technology and Computer Science - Faculty of Informatics


Patient safety and Medical errors are of growing concern in the health care industry. Some errors are caused by preventable adverse events; identifying potential errors and preventing them would mitigate risk and hence enhance the safety. Electronic health records (EHRs) are an inherent part of the healthcare systems and thus it is imperative that errors do not originate from EHRs. A thorough literature review indicated that no risk assessment methods currently exist for EHR systems. Project management risk and system security risk assessments do exist but not risk assessment of threats to safety. Accordingly, this research aims to develop a framework for the safety and dependability of EHRs, in order to analyse the risks associated with electronic health record systems. This research has identified a relationship of dependability and data quality of EHRs and attributes for the safety assessment of EHRs. The research involved (i) developing a theoretical basis of safety, based on dependability and data quality, (ii) defining the safety attributes of EHRs, (iii) identifying the risk assessment method applicable to EHRs, and (iv) conducting case studies of EHRs in different healthcare settings. A thorough understanding of EHRs is important to identify safety attributes of EHRs. Therefore, different EHRs, EHR systems around the world � their purposes, functionalities and information management - are all explored. This study investigated different available risk assessment methods and analysed them against different case scenarios to determine the appropriate risk assessment method for EHRs. After careful consideration, Failure Mode Effect Analysis (FMEA) was identified as an appropriate method for EHRs risk assessment. The idea and concept of risk assessment of EHRs were investigated by empirical studies on (i) the Community Health Information Management Enterprise (CHIME), Illawarra Area Health Service, and (ii) Maternal and Infant Network (MINET) database, South Western Sydney Area Health Service. Results from the case studies indicated that safety attributes identified from this research are appropriate for EHRs and that FMEA is indeed a suitable risk assessment method for EHRs. This study has verified by case studies that data availability, reliability and security are all important for safety. Potential systems risks- such as patient misidentification, security breaches due to initial password, and incorrect linkage of data were identified from this research and notified to the appropriate personnel such as system administrators and health care providers. Improvements to the systems in question have been achieved through modifications based on the results uncovered from these case studies. It can be concluded that the safety attributes identified from this research are essential for the safety of EHRs. It was also discovered that system quality is just as important, and therefore should be included in any safety assessment of electronic health record systems. It was further found that the safety cultures of organisations and healthcare providers are important in conducting risk assessment of EHRs.

02Whole.pdf (605 kB)