Document Type

Book Chapter

Publication Date




Publication Title

HTI Open Access Collection 2020


19 pp.


Electronic patient data use and handling are critical issues in terms of privacy, confidentiality, security, and the Health Insurance Portability and Accountability Act (HIPAA) regulations. The risks associated with electronic patient data are not limited to identity theft but rather include a person’s social, economic, and psychological well-being. However, there have not been many studies that have focused on the associated risk factors that could lead to these situations. This paper identifies those risks related to electronic patient data breaches by means of a grounded theory approach and develops a systemic risk management plan that enables engineering managers and risk managers to more effectively and efficiently overcome risks associated with electronic patient data.

Original Publication Citation

Zahedi, Z., Mahmud, F., & Pinto, C. (2020). Systemic risk management plan for electronic medical records (EMR): Why and how? In HTI Open Access Collection 2020 (19 pp.). IOS Press