Article ID: | iaor20141855 |
Volume: | 57 |
Start Page Number: | 406 |
End Page Number: | 416 |
Publication Date: | Jan 2014 |
Journal: | Decision Support Systems |
Authors: | Bai Xue, Gopal Ram, Zhdanov Dmitry, Nunez Manuel |
Keywords: | decision, decision: rules, management, risk |
This paper addresses two critical challenges faced by healthcare organizations: significant personnel shortages and mandates to safeguard patient safety and information security. We develop a two‐stage decision making methodology to optimize the healthcare workflow task assignments and mitigate information disclosure risks. While the first stage throughput optimization formulation maximizes operational efficiencies, it can expose organizations to information disclosure risks that can be exploited to violate patient safety and information security. To address the ensuing privacy and fraud concerns we define task‐based conflict sets to assess disclosure risks with optimal task assignments. In the second stage of the solution methodology, various security control strategies – task based and employee based – are incorporated into a decision support model to help decision makers to effectively manage and achieve workflow efficiency and meet information security requirements. For practical settings where certain parameters are not obtainable or the problem is computationally intractable, we provide a sequential‐decision approach that could yield approximate partial solutions. We conduct an extensive computational analysis of a clinical workflow process to illustrate the practical benefits of the proposed methodology.