“Access denied”? Managing access to the World Wide Web within the National Health Service (NHS) in England: technology, risk, culture, policy and practice

Ebenezer, Catherine and Bath, Peter A and Pinfield, Stephen “Access denied”? Managing access to the World Wide Web within the National Health Service (NHS) in England: technology, risk, culture, policy and practice., 2015 . In ISHIMR 2015, York (United Kingdom), 24th-26th June 2015. [Conference poster]

Text ISHIMR-poster-website-blocking-updated.pdf - Other Download (1MB)

English abstract

1. Introduction The research project as a whole examines the factors that bear on the accessibility of online published professional information within the National Health Service (NHS) in England. The poster focuses on one aspect of this, control of access to the World Wide Web within NHS organisations. The overall aim of this study is to investigate the apparent disjunction between stated policy regarding evidence-based practice and professional learning, and actual IT (information technology) strategy, service delivery and security practice at NHS trust level, from both technical and organisational perspectives. The poster discusses the following specific issues: 1) the nature and extent of restrictions on access to the World Wide Web within NHS organisations; 2) the impacts of these on professional information seeking and working practices; 3) the attitudes, presuppositions and practices of information governance, IT, communications and human resources staff which bear on how web security is implemented within NHS trusts, in relation to overall organisational priorities and strategies. 2. Methods The study adopted a qualitative case study method, taking three NHS trusts of different types for its setting. The lead researcher [CE] conducted a total of 40 semi-structured interviews with library and workforce development staff, IT managers, information governance managers, and clinical professionals. Interview findings are set in the context of the trusts’ and other relevant reports, policies, strategies and standards. 3. Results Staff in the teaching hospital trust experienced the greatest number of obstacles to information seeking caused by the blocking of legitimate websites (‘false positives’). This affected the work of clinical educators in particular. All the trusts heavily restricted staff access to and use of popular social media applications and platforms. Such restrictions appeared to relate primarily to perceptions of risk in respect of breaches of confidentiality or privacy. Much decision-making in relation to information security issues seemed to be tacit. IT security managers reported not having the time to evaluate the effectiveness or impact of the web security devices they deploy on NHS networks. They were likely to accept the default configurations and categorisations of content offered by the suppliers. The focus of their attention appeared to be on the potential security risks posed by ‘recreational’/non-work use of the web. 4. Conclusions Little attention has been paid within the NHS information systems community to the issue of access to legitimate published information. The focus is heavily on the secure and appropriate management of clinical records and systems. Community-based staff appeared to be more likely (than their hospital-based colleagues) to be significantly disadvantaged by restrictive access control policies. These arise from the nature of their workplaces outside NHS networks, i.e., in local authority or general practice premises. Information-seeking does not feature within professional cultures as an aspect of clinical or professional autonomy: there appears to be no parallel with academic freedom. There is little or no strategic engagement between NHS IT and research dissemination or e-learning initiatives, either nationally or locally.

Item type:	Conference poster
Keywords:	Information behaviour, information security, National Health Service, organisational culture, web filtering
Subjects:	B. Information use and sociology of information > BZ. None of these, but in this section. H. Information sources, supports, channels. > HZ. None of these, but in this section. L. Information technology and library technology > LC. Internet, including WWW.
Depositing user:	Ms Catherine Ebenezer
Date deposited:	15 Jul 2015 12:10
Last modified:	15 Jul 2015 12:10
URI:	http://hdl.handle.net/10760/25425

References

Blenkinsopp J. Bookmarks: web blocking – giving Big Brother a run for his

money. He@lth Information on the Internet 2008; 62: 10-11.

Donaldson A, Walker P. Information governance--a view from the NHS.

Int J Med Inform 2004; 73(3): 281–4.

Kolkowska E. Security subcultures in an organization – exploring value I Nconflicts. In ECIS 2011 Proceedings, paper 237. LIhttp://aisel.aisnet.org/ecis2011/237

Provos N, Rajab M A, Mavromattis P. Cybercrime 2.0: when the cloud turns LIdark. ACM Queue 2009; 18: 46–53.

Technical Design Authority Group. TDAG survey of access to electronic LIresources in healthcare libraries. London: TDAG, 2009

Downloads

Actions (login required)

View Item