In recent years healthcare industry has been rapidly changing towards digital solutions and migrating from paper-based systems to electronic health records (EHR) systems. Digitalisation within healthcare and EHR systems has brought many improvements in healthcare. However, digitalisation has also brought a lot of challenges and security risks. In 2017, the Region of Västra Götaland in Sweden decided to reorganise healthcare with an integrated healthcare record system, Millennium. As a result, patient information will be managed and communicated between various healthcare actors and organisations. Therefore, it is crucial to investigate the security challenges and opportunities with integrated patient record systems. To get insight into the security challenges and opportunities of an integrated patient record system, the following research question was formulated for the study: What information security challenges and opportunities are there with an integrated electronic health record system on a regional level?
To answer the research question and achieve the purpose of the study, a qualitative method with semi-structured interviews as a collection technique was chosen. The interviews were conducted with people responsible for the implementation of Millennium, a program owner, and a Data Protection Officer. As a result, the empirical data identified new opportunities and challenges. The conclusion drawn from the result is several security challenges and opportunities within integrated EHR. For example, some identified opportunities are easy to access medical data, equal healthcare, and improved healthcare patient safety. Finally, some identified challenges are a compromise of confidentiality, integrity, availability, and security breaches like hacking and unauthorised access.