The Health Technology Assessment (HTA) approach

By | Sunday January 15th, 2017

Give the citizen a reliable health data, secure and easy to use is not possible without an overview of all the business processes. These can be standardized and simplified if the critical issues are identified, evaluated and removed. In the conduct of information security governance, healthcare organizations can make use of the methodological approach of Health Technology Assessment (HTA).
HTA is a multidisciplinary methodology that evaluates the real effects of a technology and/or a process across multiple dimensions such as efficacy, security, costs, social and organizational impact. In particular, the HTA analysis conducted on existing technologies and processes may highlight critical situations, such as the core assets that, although widely used, may be outdated and inadequate. The possible disinvestment of obsolete technologies and processes, if conducted according to HTA criteria, improves service to the citizen adhering to privacy regulations. Eliminate obsolete equipment also means removing the difficulties in fulfilling regulatory. Also with regard to the management of health data protection, the HTA multidisciplinary approach is in line with the indications of the General Data Protection Regulation on security of processing.
The exceptions in the standard processing add cost, complexity and redundancy in the system, to the detriment of the proper functioning of healthcare organizations. The proper use of HTA approach provides a tool capable of affecting these sources of inefficiency, waste and risk.
The activities to be performed in the field of data protection are certainly remarkable. Inevitable resistances increase the difficulties, and it’s impossible to innovate whithout resolve them. Most likely, most of the energy must be expended in removing the opposition to technological and organizational change, often related to the existence of technical / operational constraints, but also to insufficient managerial determination.

Category: Impact, Risk and Measures Tags: , , , ,

About Giampaolo Franco

Giampaolo Franco, degree in Computer Science, Certified Information Security Manager (CISM). Dr. Franco has more than 10 years of experience in governance, risk management, and compliance at Azienda Provinciale per i Servizi Sanitari (APSS, the main healthcare provider of the Autonomous Province of Trento). He is involved in several activities at APSS, including business continuity and disaster recovery, risk analysis, privacy compliance, awareness, internal / external audits, incident management, optimization and quality control of IT processes. Previous work experiences include project management, analysis and programming for several financial institutions. He has also been a consultant for the University of Trento, working in a project aimed to define organizational and security aspects related to the introduction of integrated models of digital teaching in school. Dr. Franco continues to pursue research, education and awareness activities related to information security for the Public Administration with remarkable passion and leadership. He is a member of the ISACA VENICE Chapter, Oracle Community for Security and contributor of Europrivacy. In 2016 he's the winner of the European Institute of Innovation & Technology - EIT Digital pre-incubation programme with a project on Art&Technology.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.