Detalhes bibliográficos
Ano de defesa: |
2016 |
Autor(a) principal: |
Furlanetto, Tiago Murer
 |
Orientador(a): |
Luciano, Edimara Mezzomo
 |
Banca de defesa: |
Não Informado pela instituição |
Tipo de documento: |
Dissertação
|
Tipo de acesso: |
Acesso aberto |
Idioma: |
por |
Instituição de defesa: |
Pontifícia Universidade Católica do Rio Grande do Sul
|
Programa de Pós-Graduação: |
Programa de Pós-Graduação em Administração e Negócios
|
Departamento: |
Faculdade de Administração, Contabilidade e Economia
|
País: |
Brasil
|
Palavras-chave em Português: |
|
Área do conhecimento CNPq: |
|
Link de acesso: |
http://tede2.pucrs.br/tede2/handle/tede/6781
|
Resumo: |
The organizations' information are always important, they can be the basis for decision-making, related to customers' confidential information or information to a simple request to a supplier about the correct amount of products needed for its operation. Thus, to protect this information becomes a necessity for all organizations, regardless of size or area of operation. But while organizations need to invest to protect their information, they are constantly charged by their financial performance, having to seek better results with revenue growth and cost reduction. Searching for these better results, organizations improved their relationships with partners’ organizations in supply chains. Healthcare Supply Chain is one of the chains that have received attention, both by the need for improvements in their performance and in the Information Security issues, since they are dealing with very sensitive patient information. So, the research objective seeks to analyze the practices on Information Security in order to protect critical organizational information that is part of the Healthcare Supply Chain. To achieve this goal, there were 11 semi-structured interviews with professionals of Administration and Information Technology areas from 10 different organizations participating in the Healthcare Supply Chain, including Laboratories, Clinics, Hospitals and Healthcare Plans in Southern Brazil. The interview script was developed after a literature review, which resulted in four dimensions and 14 variables that help getting information needed to achieve the goal. For the analysis of the data obtained from the interviews, was used the content analysis technique and categorical data analysis for each dimension and variables identifying the categories as they were presenting themselves in the interview transcription. Among the finding results were the knowledge of the critical information, mostly related to the patients and its internal process related to their suppliers, which did not repeated outside the organization’s boundaries. The research presented that the organizations surveyed do not work integrated and collaboratively within the supply chain, they can't see the other organizations in the supply chain as partners so that they can help each other to achieve better results, so they don’t share information nor activities. Furthermore, they have no metrics to control the impacts of possible attacks to their information in order to plan, invest and mitigate preventively the occurrence of these attacks accordingly to the value of the information to be protected. The organizations perform investments to mitigate issues, both in systems and human, but the investment is done in a generic way to all organization disregarding the importance of the information to their operations. This work can be seen as a warning to organizations of healthcare area, to the Information Security and the possible financial impact to the organizations and the supply chain of which they are part. |