sponsors
Ethnography of Computer Security Evasions in Healthcare Settings: Circumvention as the Norm
Jim Blythe, University of Southern California; Ross Koppel, University of Pennsylvania; Vijay Kothari and Sean Smith, Dartmouth College
Healthcare professionals have unique motivations, goals, perceptions, training, tensions, and behaviors, which guide workflow and often lead to unprecedented workarounds that weaken the efficacy of security policies and mechanisms. Identifying and understanding these factors that contribute to circumvention, as well as the acts of circumvention themselves, is key to designing, implementing, and maintaining security subsystems that achieve security goals in healthcare settings. To this end, we present our research on workarounds to computer security in healthcare settings without compromising the fundamental health goals. We argue and demonstrate that understanding workarounds to computer security, especially in medical settings, requires not only analyses of computer rules and processes, but also interviews and observations with users and security personnel. In addition, we discuss the value of shadowing clinicians and conducting focus groups with them to understand their motivations and tradeoffs for circumvention. Ethnographic investigation of workflow is paramount to achieving security objectives.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
Presentation Video
Presentation Audio
author = {Jim Blythe and Ross Koppel and Vijay Kothari and Sean Smith},
title = {Ethnography of Computer Security Evasions in Healthcare Settings: Circumvention as the Norm},
year = {2014},
address = {San Diego, CA},
publisher = {{USENIX} Association},
}
connect with us