International Journal of Information Management 43 (2018) 146–158

Contents lists available at ScienceDirect

International Journal of Information Management

journal homepage: www.elsevier.com/locate/ijinfomgt

Review

Cloud computing-enabled healthcare opportunities, issues, and applications: T

A systematic review
⁎
Omar Alia, Anup Shresthaa, , Jeffrey Soara, Samuel Fosso Wambab
a
University of Southern Queensland, West Street, Toowoomba, Queensland 4350 Australia
b
Toulouse Business School, Department of Information, Operations and Management Sciences, Toulouse France

A R T I C LE I N FO A B S T R A C T

Keywords: Cloud computing offers an innovative method of delivering IT services efficiently. Extant literature suggests that
Cloud computing cloud technology can enhance the level of services in various industries, including healthcare services. As with
Healthcare services any technological innovation, cloud computing should be rigorously evaluated before its widespread adoption.
Systematic review This research study presents a systematic review of scholarly articles of cloud computing in the healthcare sector.
Classification framework
We considered 316 articles and filtered down to 88 articles to present a classification framework that has three
dimensions: cloud computing-enabled healthcare opportunities, issues, and applications. Implications to future
research and practice are highlighted in the areas of value-added healthcare services towards medical decision-
making, data security & privacy obligations of cloud service providers, health monitoring features and in-
novative IT service delivery models using cloud computing.

1. Introduction computing: (1) powerful computing resources are accessible on de-

The healthcare sector is facing challenges that include financial
pressures, management of multiple stakeholders for services delivery,
and ageing populations (Kaur & Chana, 2014). Greater use of in-
formation and communications technology (ICT) can support in
meeting these challenges for the healthcare sector (Fichman, Kohli, &
Krishnan, 2011). Developments in ICT alongside the necessity to make
healthcare provision more efficient have led to growing health ICT
applications (Shiferaw & Zolfo, 2012). ICT has been used to support
healthcare to provide better access to patient records (Lu, Xiao, Sears, &
Jacko, 2005; Venkatesh, Rai, Sykes, & Aljafari, 2016) and for decision
making. There is further potential for ICT to help the healthcare sector
to reduce costs and improve service outcomes (Fichman et al., 2011;
Venkatesh et al., 2016; Romanow, Cho, & Straub, 2012).
Cloud computing promotes IT services that are available at all times
and from all locations (Ali, Soar, & Shrestha, 2018; Mell & Grance,
2010). It is a new mechanism of delivering computing resources, not a
new technology (Dwivedi & Mustafee, 2010; Senyo, Addae, & Boateng,
2018). Microsoft Office 365 and Google Docs are examples of non-
medical platforms in the cloud whereas Microsoft HealthVault and
Google Health platform are examples of applications in medical services
(Spil & Klein, 2014). There are three significant improvements offered
by the cloud computing model in comparison with conventional
mand, (2) service provision without any requirement of up-front com-
mitment by customers, and (3) availability for short-term use (Armbrust
et al., 2010; Bayramusta & Nasir, 2016). The cloud model has impacted
many industries and it is projected that almost 80% of today’s existing
companies will have adopted cloud computing by 2020 (Kuttikrishnan,
2011). Furthermore, cloud computing can be adopted by organizations
that lack resources and infrastructure to set up on-premises applications
(Ahuja, Mani, & Zambrano, 2012).
Research conducted by Rosenthal et al. (2010); Ozdemir, Barron,
and Bandyopadhyay, (2011) and Zhao, Ni, and Zhou, (2017) suggested
that medical informatics communities can embrace the advantages of
this new cloud model for data sharing and applications. Medical data
administration and analysis are expensive and there is a lack of relevant
application solutions (Harsha, Pussewalage, & Oleshchuk, 2016; Sultan,
2014a). Cloud computing may have the potential to overcome these
issues (Agarwal, Gao, DesRoches, & Jha, 2010; Anderson et al., 2007;
Kochan, Nowicki, Sauser, & Randall, 2018; Memon, Owen, Sanchez-
Graillet, Upton, & Harrison, 2010).
Cloud-based applications can offer solutions to current problems
within healthcare (Griebel et al., 2015; Harsha et al., 2016; Kuo, 2011).
However, despite the anticipated benefits, the rate of adoption and
effective use of cloud computing within the healthcare sector remains
significantly low (Bannerman, 2010; Rosenthal et al., 2010). The

⁎
Corresponding author at: School of Management & Enterprise, University of Southern Queensland, West Street, Toowoomba, Queensland 4350 Australia.
E-mail addresses: omar.ali@usq.edu.au (O. Ali), anup.shrestha@usq.edu.au (A. Shrestha), soar@usq.edu.au (J. Soar),
s.fosso-wamba@tbs-education.fr (S.F. Wamba).

https://doi.org/10.1016/j.ijinfomgt.2018.07.009
Received 13 April 2018; Received in revised form 19 July 2018; Accepted 19 July 2018
0268-4012/ Crown Copyright © 2018 Published by Elsevier Ltd. All rights reserved.
O. Ali et al.
Fig. 1. The current adoption of cloud computing (The Economist Intelligence
Unit, 2015).
highest adoption of cloud computing is within the retail industry at
57%, whereas the healthcare sector has been reported with 31%
adoption (The Economist Intelligence Unit, 2015). Fig. 1 portrays
adoption of cloud adoption across key industry sectors.
The main objective of this research study is to evaluate the extant
literature on the adoption and use of cloud computing in the healthcare
sector that have been published in IS and healthcare journals with the
aim of highlighting the contributions from current research and dis-
cussing future research directions.
An overview on the current cloud adoption in the healthcare sector
is presented next. This is followed by the research methodology ex-
plaining our systematic review mapping process and presenting re-
search results based on a classification framework. This is followed by a
discussion of current literature in terms of opportunities, issues and
applications of cloud computing for the healthcare industry. Finally,
implications to future research and practice are highlighted.
2. Adoption of cloud computing in the healthcare sector
Cloud computing is altering healthcare IT, particularly within the
Electronic Health Records (EHRs) domain (Chatman, 2010; Kuo, 2011).
Cost minimization in IT investments can have subsequent benefits to-
wards better healthcare services (Lian, Yen, & Wang, 2014; Lisa, 2011;
Ramachandran, 2016). Strukhoff, O’Gara, Moon, Romanski, and White,
(2009) reported that prescription expenses can be decreased by 80%
and billing for patients and insurance businesses can be completed
within 2 h as opposed to up to 7 days with an introduction of cloud-
enabled health information systems.
A cloud-based system has been proposed to automatically compile
patient data involving sensors that are linked to medical devices to
process data for storage, accessibility and sharing (Rolim et al., 2010).
This system can minimize typed mistakes or errors from gathering of
data manually, not only making the process simpler but also allowing
better access to quality data (Venkatesh et al., 2016). Nkosi and
Mekuria (2010) proposed a cloud computing system that supplies not
only multimedia sensor signal processing. Rao, Sundararaman, and
Parthasarathi, (2010) reported on a pervasive cloud initiative called
‘Dhatri’ which leveraged the power of cloud computing and wireless
technologies to enable physicians to access patient medical information
at any time. The Greek National Health Service trialed an emergency
medical system in the cloud by combining the emergency system with
patient data ensuring immediate access for doctors by being able to
utilize all devices yet maintain low expenses at the same time (Koufi,
Malamateniou, & Vassilacopoulos, 2010).
In Australia, an e-Health cloud has been proposed as a collaboration
between Telstra and the Royal Australian College of General
Practitioners (RACGP). This collaboration aims to produce applications
related to diagnosis and control, medical software, prescriptions,
147
International Journal of Information Management 43 (2018) 146–158
education and referral appliances (Korea IT Times, 2010). Bioinfor-
matics research in the medical field has been successfully powered by
the cloud computing technology (Arrais & Oliveira, 2010; Avila-Garcia,
Trefethen, Brady, Gleeson, & Goodman, 2008; Kudtarkar, Deluca,
Fusaro, & Tonellato, 2010; Memon et al., 2010). Although there are
several value propositions of cloud computing promoted by a unique IT
service delivery model over the Internet, business cost savings appear to
be the most critical factor for its popularity and wide adoption.
3. Research methodology
Given the large numbers and frequently updating healthcare pub-
lications, it is practically impossible for health practitioners to study
relevant articles for evidence-based practice (Bastian, Glasziou, &
Chalmers, 2010). Moreover, healthcare professionals should not depend
on the results of a single study to make decisions as such studies may
have certain biases and the results may be inconclusive (Abbas, Raza, &
Ejaz, 2008). In order to adopt evidence-based practice, healthcare
professionals must sought strong evidence of research that informs
practice. The hierarchy of evidence that ranks evidence for healthcare
interventions promote systematic reviews as one of the strongest evi-
dence for evidence-based health practice (Evans, 2003). Therefore,
studies from systematic reviews are relevant as they provide sum-
marised research implications to practice on a given topic that is con-
sidered rigorous and trustworthy in comparison to controlled trials or
case studies.
Systematic reviews promote a method of identifying, evaluating,
interpreting, and synthesising all the available research relevant to a
particular research topic area, or phenomenon of interest (Dikert,
Paasivaara, & Lassenius, 2016; Victor, 2008). A major aim of the sys-
tematic review is to provide evidence in a transparent and rigorous way
to enhance the validity and reliability of the research findings (Coren &
Fisher, 2006; Kitchenham & Charters, 2007). Systematic reviews are
undertaken through a staged process covering: definition of the review
scope, search questions and protocol; selection of evidence; quality
appraisal of evidence; data extraction and synthesis; and reporting and
dissemination (Petticrew & Roberts, 2008).
The guidelines for systematic literature reviews are very important
to support researchers while conducting systematic literature
(Kitchenham & Charters, 2007). The systematic review that is presented
in this research study follows the procedures and guidelines that are
described in Tranfield, Denyer, and Smart, (2003); Kitchenham (2004),
and Kitchenham and Charters (2007). Our research study has three
phases: planning, execution, and summarizing or reporting. The steps
followed during each phase are shown in Fig. 2 (each column of the
figure corresponds to the related phase).
3.1. Planning phase
The first step of the planning phase referred to the identification of
the need for a systematic review. As described in the previous section,
although there is active research towards the adoption of cloud com-
puting in the healthcare sector, there is no systematic review that
summarizes all research findings and offers a deeper insight into the
implications to research and practice in this research area.
The second step of the planning phase is the development of the re-
search review protocol. This systematic review protocol provides a base
to understand current cloud computing-enabled healthcare research. A
review protocol was developed to define a research classification fra-
mework originally developed by Ngai and Wat (2002) to conduct a
systematic review within the relevant journal articles dealing with
cloud computing technology in the healthcare sector. A similar classi-
fication framework on a literature review study on e-commerce adop-
tion conducted by Van Oranje et al. (2009) has been adapted in this
study. The classification framework has three dimensions: opportu-
nities, issues, and applications. We amend this framework by adding
O. Ali et al.
Fig. 2. Systematic review mapping process Adapted from (Kitchenham & Charters, 2007; Kitchenham, 2004; Tranfield et al., 2003).
Fig. 3. Classification framework Adapted from (Van Oranje et al., 2009).
specific categories within each dimension of the framework. As shown
in Fig. 3 our final research framework consists of cloud computing-
enabled healthcare opportunities (management and technology gains),
cloud computing-enabled healthcare issues (technological, security and
privacy, and legal issues), and cloud computing-enabled healthcare
applications (technology functionalities).
The classification framework, shown in Fig. 3, was based on the
literature review, the nature of cloud computing research, and the work
conducted by Barki, Rivard, and Talbot, (1993) and existing classifi-
cation schemes of IS (Alavi & Carlson, 1992; Barki et al., 1993; Ngai &
Wat, 2002). The classification framework dimensions and their cate-
gories are addressed next in more detail.
3.1.1. Opportunities dimension
This dimension is divided into two different categories, manage-
ment gains, and technology gains. The management gains category
covers literature on cloud computing benefits in terms of quality, effi-
ciency, and improvement in services. Some relevant examples are pa-
tient care quality, and better coordination between healthcare
148
International Journal of Information Management 43 (2018) 146–158
stakeholders (quality); capital expense saving, operating expense re-
duction, and lower labour cost (efficiency); and compliance with reg-
ulations, better operational processes, improved patient management,
accurate decision-making capacity (improvement of services).
Likewise, the technology gains category covers literature on benefits
delivered by cloud computing infrastructure as a service. Specific ex-
amples are increase in scalability, flexibility, and productivity of com-
puting infrastructure; and lower energy costs, reduction of emission of
harmful substances, decrease in electricity costs (green technology).
3.1.2. Issues dimension
This dimension is divided into three different categories, technolo-
gical issues; security and privacy issues; and legal issues. The techno-
logical issues category covers literature about technical issues related to
cloud computing. Examples include risks such as the lack of necessary
Internet connectivity infrastructure in healthcare institutions to support
cloud computing enabled healthcare projects, the possible interference
of cloud computing systems with medical equipment, the challenge to
clearly define the scalability of cloud computing-enabled healthcare
O. Ali et al.
projects, and the technical complexity of such projects.
Likewise, the security and privacy issues category cover literature
about security and privacy issues related to cloud computing. Relevant
examples include cloud computing data integrity, confidentiality of
data stored by cloud computing systems, and privacy risks associated
with trustworthiness & data sharing.
Finally, the legal issues category covers literature about policies and
regulation issues that related to cloud computing. For example, risks
associated with contract law, intellectual property rights, and in-
formation jurisdiction.
3.1.3. Applications dimension
This dimension has only one category, which is the technology
functionality of the cloud computing in the healthcare sector. This ca-
tegory covers literature on cloud computing impact that relates to in-
formation processing, availability, and as monitoring tools. Specific
examples include applications associated with more efficient employee
time utilization, effective mistake prevention, better labour pro-
ductivity, decreased processing time, and workflow optimization in
hospitals (information processing); applications that enable the system
to be accessible at all times (availability); and applications that monitor
improvements in patient management workflow such as critical data of
the patient, patient data flow supervision, and procedures carried out
on each patient (monitoring tools).
The third step in the planning phase is the definition of research
questions. It is a critical step in every systematic review. By answering
research questions, literature reviews essentially accomplish their ob-
jectives. The research questions for this systematic review are stated
below:
• What are the opportunities anticipated from adoption of cloud
computing in healthcare sector?
• What are the critical issues that influence the adoption of cloud
computing in healthcare sector?
• What are the current and common areas of cloud computing enabled
healthcare applications?
• What are the major findings from previous research and their sig-
nificance for future directions?
The fourth step in the planning phase is the definition of the strategies
for articles selection. In this step, a combined search method was adopted
that covers a broad automated search in online databases, manual re-
view, and the backward snowball technique.
The broad automated search method includes the selection of the
most appropriate online sources (Brettle & Long, 2001; Golder, Loke, &
Zorzela, 2014; Higgins & Green, 2011; Hu & Bai, 2014). The digital
sources that were selected in the presented literature review are the
following online databases: Science Direct, Medline, IEEE, PubMed,
Scopus, and AIS E-library. Also, relevant filtering tools were applied for
each database to limit the research results (Aleixandre-Benavent,
González Alcaide, González De Dios, & Alonso-Arroyo, 2011).
The broad manual review method includes reading the abstract and
the title of the research initially (Golder et al., 2014; Higgins & Green,
2011; Pucher, Boot, & De Vries, 2013). Then, reading the full articles
selected to filter out irrelevant articles was executed (Hu & Bai, 2014;
Pucher et al., 2013; Shea et al., 2007).
The backward snowball technique was used as a complement to the
broad automated search and manual review in order to find articles that
cannot be found from the first method. Backward snowballing means
using the reference list to identify new articles to include (Wohlin,
2014). The first step is to go through the reference list and exclude
articles that do not fulfil the basic criteria such as language, publication
year and type of publication. The next step is to remove articles from
the list that have already been examined based on being found earlier in
the previous iteration. Once these are removed, the remaining articles
are strong candidates for inclusion. These steps in the backward
149
International Journal of Information Management 43 (2018) 146–158
snowballing ensures that as much information as possible from the
article being examined is extracted without going to the new article
unless no more information is available in the article being examined
(Webster & Watson, 2002; Wohlin, 2014). The combination of the two
techniques increases the probability that the systematic review covers
significant articles in any area of research.
3.2. Execution phase
In the execution phase, the selection strategies are applied to help
filter the overall publication results down to select relevant articles.
This research followed the six techniques as outlined below. Firstly, the
determination of search terms is an iterative procedure starting with
trial searches using different search terms, considering an initial set of
articles that is already known to belong to the research field of the
systematic review (Golder et al., 2014; Higgins & Green, 2011; Hu &
Bai, 2014). The procedure of determining search terms ends when the
initial set of already known articles is found after the initial search. All
the aforementioned online databases offer the opportunity to perform a
search using sophisticated search strings in combination with relevant
Boolean operators. The search string that was used in the present lit-
erature review is (“Cloud Computing” AND “Healthcare”). Secondly, fil-
ters were applied by using all available tools for each database to limit
the research results (Aleixandre-Benavent et al., 2011). As we know
that the initial search by using specific keywords to any database pro-
duced a large number of articles, we narrowed the number of articles by
using filters based on selected year of publication, type of document,
and research area. Thirdly, all the search results were checked manually
to confirm that the title and the abstract of the articles are relevant in
order to remove irrelevant articles from search results (Golder et al.,
2014; Higgins & Green, 2011; Pucher et al., 2013). Fourthly, full arti-
cles were reviewed to identify relevant information on the topic of in-
terest (Hu & Bai, 2014; Pucher et al., 2013; Shea et al., 2007). Fifthly,
the backward snowball technique was used as a complement to the
broad automated search in order to find articles that was unidentified
from the first method (Hu & Bai, 2014; Spanos & Angelis, 2016). Fi-
nally, the quality assessment criteria were defined to ensure that all the
included studies in a systematic review attain an acceptable level of
quality (Hu & Bai, 2014; Spanos & Angelis, 2016). A high-quality
checklist was developed to assess whether an article is to be included in
the research study or not. The checklist consists of assessment questions
adopted from Kitchenham (2004); Petticrew and Roberts (2008);
Spanos and Angelis (2016). The checklist included criteria regarding
sufficient discussion about the research objective, clear statement of the
research question or problem, the availability and description of data,
description of the methodology adopted, presentation of the research
results and relevance of the research results to answer the research
question/ problem. Articles that address all these criteria were included
in the final review. Full details of the literature search results are
highlighted in Table 1.
This research review was conducted in September 2017 by fol-
lowing the protocol as discussed in the planning phase. The initial
keyword search resulted in 316 articles. After applying all the steps
reported earlier, there were 88 research articles that were finally
chosen for further investigation and reporting.
3.3. Summarizing phase
After the development of the review protocol, all the predefined
steps of the systematic review were executed. In Table 1, the steps
leading to the final number of the selected articles of the present review
are illustrated. Specifically, after the initial search process, 316 articles
were found. After the reading of titles and abstracts of the candidate
articles, aiming to find irrelevant articles or duplicates, 222 articles
were removed and the number of remaining articles was 94. Next, after
reading full articles, 21 irrelevant articles were removed. The final
O. Ali et al. International Journal of Information Management 43 (2018) 146–158

Table 1
Literature search results.
Databases Automated Search Method Manual Review Method Backward Snowball Final Results

nd rd th th
1 st Strategy Keywords 2 Strategy Apply 3 Strategy Reading Title 4 Strategy Reading 5 Strategy Backward 6th Strategy Quality
Results Filter and Abstract Full Articles Snowball Technique Assessment

Science Direct 1738 34 18 7 16 16

Medline 347 81 21 19 21 21
IEEE 948 68 22 17 19 19
PubMed 284 42 11 11 11 11
Scopus 1329 38 10 9 10 10
AIS 327 53 12 10 11 11
Total 316 94 73 88 88

number of selected articles resulting from the broad automated search

was 73.
The backward snowball technique was subsequently applied and
from the reading of the references, 15 more articles were added. Thus,
the final number of the articles after the entire study selection process
was 88. These 88 articles address the four quality assessment criteria
described previously.

3.3.1. Research results and classification

The findings of a detailed review of cloud computing and healthcare
related articles were put forward and examined. The categorization
framework was applied by considering three components: cloud com-
puting-enabled healthcare opportunities, issues, and applications. The
selected articles for this research study are outlined in Table 2 based on
the categorization framework.
Fig. 4 illustrates the overall number of selected articles across the
years that we scanned in this review. We find out that the highest
number of articles was published in 2011 with 18 articles, and the
Fig. 4. Publications by year.
lowest number of articles was published in 2018 with only 1 articles.
The majority of the articles are from 2010 to 2014, thus signifying a
recent interest in this area of research (See Fig. 4).
Fig. 5 demonstrates the distribution of the selected articles by da-
tabase sources. We find out that 21 articles have appeared from Medline
database, followed by 19 articles from IEEE database, other 16 articles

Table 2
Classification of accepted articles.
Dimension Category Type Reference

Opportunities Management Gains Quality Kuo (2011); Kabachinski (2011); Papakonstantinou et al. (2012); Low and Hsueh (2012); Poole et al.
(2012); Miras et al. (2013); Vilaplana et al. (2013); Kagadis et al. (2013); Hussain et al. (2014); Cubo
et al. (2014); Griebel et al. (2015); Mehraeen et al. (2016); Godinho et al. (2016); Vreeland et al. (2016);
Lian (2017); Mehraeen et al. (2017).
Efficiency Papakonstantinou et al. (2012); Muir (2011); Kabachinski (2011); Ahuja et al. (2012); Low and Hsueh
(2012); Shen et al. (2012); Poole et al. (2012); Bahga and Madisetti (2013); Miras et al. (2013); Kagadis
et al. (2013); Vilaplana et al. (2013); Yao et al. (2014); Hussain et al. (2014); Cubo et al. (2014);
Mehraeen et al. (2016); Godinho et al. (2016); Lian (2017); Mehraeen et al. (2017); Sadoughi and
Erfannia (2017).
Improvement of Services Muir (2011); Papakonstantinou et al. (2012); Poole et al. (2012); Low and Hsueh (2012); Bahga and
Madisetti (2013); Miras et al. (2013); Kagadis et al. (2013); Vilaplana et al. (2013); Hussain et al. (2014);
Cubo et al. (2014); Griebel et al. (2015); Mehraeen et al. (2016); Godinho et al. (2016); Vreeland et al.
(2016). Sadoughi and Erfannia (2017); Lian (2017); Mehraeen et al. (2017).
Technology Gains Green Technology Zhang et al. (2010); Baliga et al. (2011); Sasikala (2012); Pazowski (2015); Petri et al. (2017).
IT Infrastructure Zhang and Liu (2010); Kuo (2011); Lanman et al. (2011); Fernández-Cardeñosa et al. (2012); Harris
et al. (2015); Tomi et al. (2017); Sadoughi and Erfannia (2017); García et al. (2018)
Issues Technological Issues Technical Armbrust et al. (2009); Durkee (2010); Bisong and Rahman (2011); Kuo (2011); Hsieh and Hsu (2012);
He et al. (2013).
Security & Privacy Issues Security & Privacy Pearson (2009); Cisco (2015); Armbrust et al. (2009); Pearson and Benameur (2010); Mathur and
Nishchal (2010); Dillion et al. (2010); Cloud Security Alliance (2010); Forell et al. (2011); Hay et al.
(2011); Muir (2011); Ahuja et al. (2012); Regola and Chawla (2013); Hashizume et al. (2013); Rodrigues
et al. (2013); Seddon and Currie (2014); Abbas and Khan (2014); Lian et al. (2014); Sultan (2014b);
Siddiqui et al. (2014); Ermakova et al. (2014); Sun et al. (2014); Griebel et al. (2015); Hoang and Dat
(2015); Christoph et al. (2015); An et al. (2016); Jaatun et al. (2016); Ramachandran (2016); Mehraeen
et al. (2017).
Legal Issues Regulation Ward and Sipior (2010); Kuner (2010); Minister of Justice (2011); Kuo (2011); Javelin Strategy and
Research (2011); Hashizume et al. (2013); Seddon and Currie (2014); Currie and Seddon (2014); Hoang
and Dat (2015); An et al. (2016).
Application Technology Information Processing Zhang and Liu (2010); Kuo (2011); Lupse et al. (2012); Vida et al. (2012); Shen et al. (2012); Silva et al.
Functionalities (2012); Microsoft (2012); Kagadis et al. (2013); Regola and Chawla (2013); Kaur and Chana (2014); Yao
et al. (2014).
Availability Botts et al. (2011); Zhang and Liu (2010); Ahmed and Abdullah (2011); Endo et al. (2016).
Monitoring Tools Rack-space Hosting (2011); Pandora (2011); Logic-Monitor (2012); Mirza and El-Masri (2013); Bahga
and Madisetti (2013); HIMSS (2014).

150
O. Ali et al.
Fig. 5. Distribution of articles by database sources.
Fig. 6. Type of articles.
from Science Direct database, PubMed and AIS database each with 11
articles, finally 10 articles from Scopus database (See Fig. 5).
Fig. 6 demonstrates the type of articles that were selected to include
in this study. We find out that the highest number of articles were
journal articles with 56 articles whereas there were only two workshop
articles (See Fig. 6).
We classified the topics into three dimensions: cloud computing-
enabled healthcare opportunities, issues and applications. Fig. 7 illus-
trates the number of articles that were published each year related to
each dimension from the research classification framework. We find out
that the total number of articles published for cloud computing-enabled
healthcare opportunities (n = 37); cloud computing-enabled healthcare
issues (n = 37); and cloud computing-enabled healthcare applications
(n = 27). The distribution of the topics per year is shown in Fig. 7.
Studies on cloud computing issues surrounding the healthcare sector
have decreased since peaking in 2014 while studies about opportunities
in cloud computing appears to be steadily rising which a very positive
outlook with regards to the adoption of cloud computing in the
healthcare sector. We present research discussions stemming out from
our findings next.
4. Research discussion
4.1. Cloud computing-enabled healthcare opportunities
Many studies suggested that medical errors made in the healthcare
sector are largely attributed to poor communication and restricted ac-
cess to patient records (Doukas, Pliakas, & Maglogiannis, 2010). Cloud
Fig. 7. Research topics according to classification framework.
151
International Journal of Information Management 43 (2018) 146–158
Fig. 8. Cloud enabled healthcare opportunities articles distribution.
computing was seen as a potential means to improve the healthcare
performance and reduce the level of medical errors (Danek, 2009), as
well as enhance service provision, medical research, and improve in-
vestment (Bannerman, 2010; Rosenthal et al., 2010).
Fig. 8 illustrates the cloud enabled healthcare opportunities articles
distribution in relation to management gains and technology gains. The
figure showed that, the highest publication is actually within the
management gains (22 articles), thereby indicating that most oppor-
tunities from adopting cloud computing within the healthcare sector is
improving the management side of the healthcare organizations. The
in-depth discussion of the findings related to management and tech-
nology gains will be addressed next.
4.1.1. Management gains
The primary anticipated benefit of cloud computing from a man-
agerial perspective is the reduction in healthcare expenses, thus al-
lowing focus on other areas of healthcare needs (Muir, 2011;
Papakonstantinou, Poulymenopoulou, Malamateniou, &
Vassilacopoulos, 2012; Bahga & Madisetti, 2013; Godinho, Viana-
Ferreira, Silva, & Costa, 2016). Cloud computing can allow more af-
fordable IT reducing the need to buy or invest on physical IT infra-
structure. Internal employees are not required for maintenance of IT
problems owing to the cloud model’s support for IT solutions (Bahga &
Madisetti, 2013; Muir, 2011; Sadoughi & Erfannia, 2017), which also
decreases expenditure by reducing staff and removing the need for IT
training (Kuo, 2011). In addition to cost benefits, cloud computing al-
lows faster use, flexibility and access for all users from all locations
(Low & Hsueh, 2012; Miras, Jimenez, Miras, & Goma, 2013; Vilaplana,
Abella, Filgueira, & Rius, 2013). This removes the necessity for other
service providers to change infrastructures (Griebel et al., 2015), data
and services are more accessible in less time and as a result, the stan-
dard and speed of service provision is increased (Poole, Cornelius,
Trapp, & Langton, 2012; Papakonstantinou et al., 2012; Hussain et al.,
2014; Kagadis et al., 2013; Cubo, Nieto, & Pimentel, 2014; Mehraeen,
Ayatollahi, & Ahmadi, 2016; Mehraeen, Ghazisaeedi, Farzi, &
Mirshekari, 2017; Godinho et al., 2016; Lian, 2017).
Cloud computing can also allow data to be shared across multiple
systems, which is lacking in many current healthcare facilities. Doctor’s
references, prescriptions, EHR and diagnoses could all be shared over
various systems by cloud computing (Shen et al., 2012; Yao et al.,
2014). This is already happening across the radiological area, where
many facilities have moved to the cloud computing to share images and
reduce storage expenses (Vreeland et al., 2016). Medical practitioners,
hospitals and pharmaceutical companies have been enabled to colla-
borate to share patient data owing to cloud computing (Ahuja et al.,
2012; Kabachinski, 2011), which results in more efficient services and
of a higher standard. The anticipated benefit is that decisions are more
informed and in a timely manner, diagnoses are more accurate and
appointments are easier to schedule.
4.1.2. Technology gains
Internal IT employees are rarely found in smaller medical facilities
such as GP clinics for the servicing of in-house infrastructures like EHRs
so removing the need for such maintenance eliminates barriers to EHR
O. Ali et al.
adoption (Zhang & Liu, 2010). In larger institutions, cloud computing
moves the responsibility of IT storage and maintenance to a third-party
provider and reduces expenditure whilst enhancing scope and flex-
ibility (García, Tomás, Parra, & Lloret, 2018; Kuo, 2011). Current ICT
facilities can be improved and web browser-based applications can be
operated as interfaces for cloud-based applications (Harris, Wang, &
Wang, 2015; Tomi, Kivijarvi, & Saarinen, 2017). As the Internet is the
source of such data sharing, portability and constant access is ensured
across all locations (Fernández-Cardeñosa, de la Torre-Díez, López-
Coronado, & Rodrigues, 2012; Lanman, Horvath, & Linos, 2011;
Sadoughi & Erfannia, 2017). Using cloud services, e-health systems can
meet computing requirements of multimedia solutions that can store
and analyse big data and provide relevant information to public in-
stitutions (García et al., 2018).
Traditional ICT systems are not environmentally friendly due to
their carbon emissions (Petri, Kubicki, Rezgui, Guerriero, & Li, 2017).
Cloud computing supports lower energy consumption based on usage
and therefore data storage facilities are cheaper to operate (Sasikala,
2012; Zhang, Cheng, & Boutaba, 2010). Not only is there an energy
saving but less materials are necessary for cooling, which results in
decreasing harmful emissions into the environment (Baliga, Ayre,
Hinton, & Tucker, 2011; Pazowski, 2015). This is also considered a
huge incentive for the adoption of cloud computing within healthcare
as the environmental impact is minimized.
4.2. Cloud computing-enabled healthcare issues
Although there are numerous advantages of cloud computing, issues
still exist which need to be further investigated, particularly sur-
rounding aspects regarding technological issues, security and privacy
issues, and legal issues.
Fig. 9 shows the cloud enabled healthcare issues articles distribution
in relation to technological issues, security and privacy issues, and legal
issues. The figure showed that, the highest number of publication is
within the security and privacy issues (28 articles) followed by legal
issues and technological issues with (6 articles) each. The in-depth
discussion of the findings that are related to technological, security and
privacy, and legal issues is addressed next.
4.2.1. Technological issues
Lack of reliable service delivery models is one of the known draw-
backs with cloud computing (Bisong & Rahman, 2011; Durkee, 2010;
He, Fan, & Li, 2013; Hsieh & Hsu, 2012). Customers are attracted by
aspects such as storage capacity and applications yet with the ever-
growing demand, cloud service providers (CSPs) often experience
overcrowding and cannot meet customer needs, and as a result the
value is cut by such companies in the way of restricting access or not
updating infrastructure. As CSPs are not usually audited by a regulatory
body, poor service is a consequence leading to a shortfall in customer
expectation and service delivery (Durkee, 2010).
Another aspect for further investigation is data transfer. If a CSP
closes business, organizations may have to transfer services to a dif-
ferent CSP or move back to an in-house IT environment. For example,
when Google ceased to host its Google Health service on January 1,
Fig. 9. Cloud enabled healthcare issues articles distribution.
152
International Journal of Information Management 43 (2018) 146–158
2012, service users were given a year to download their personal data
for storage in a different location (Kuo, 2011). There would have been
significant data transfer challenges during these incidents. Similarly,
biomedical research laboratories have a great need for fast, regular
uploads, and downloads consisting of huge data files from the cloud,
however, this can create bottlenecks due to network congestion
(Armbrust et al., 2009).
4.2.2. Security and privacy issues
Security and privacy concerns within IT include threats from
hackers, user misuse and network breakdowns (Lian et al., 2014;
Mehraeen et al., 2017; Rodrigues, de la Torre, Fernández, & López-
Coronado, 2013). Cloud computing service delivery is prone to poor
encryption key management, public management interface and se-
paration failure (Dillion, Wu, & Chang, 2010; Forell, Milojicic, &
Talwar, 2011; Hay, Nance, & Bishop, 2011; Mathur & Nishchal, 2010).
Viruses, malwares and other security threats in cloud systems are more
challenging to solve than in conventional in-house IT systems, parti-
cularly when public cloud is used (Armbrust et al., 2009). Therefore,
security is being offered as a service to help cloud service providers
deliver cost-effective turnkey and hosted security services to their
customers (Cisco, 2015). Other research has found that the majority of
users named security and privacy as the most threatening barrier within
cloud computing (Cloud Security Alliance, 2010; Ermakova, Fabian, &
Zarnekow, 2014; Sultan, 2014b). Applications and highly confidential
information are great concerns when moved to a cloud-computing
model as the effectiveness of privacy controls are questionable and it is
still an area of active research (Sun, Zhang, Xiong, & Zhu, 2014).
As numerous customers now access data via cloud computing, it is
imperative that all appropriate data is managed to avoid privacy
breaches (Hashizume, Rosado, Fernández-Medina, & Fernandez, 2013).
The first security aspect is software security, this entails identification
of personnel (Ramachandran, 2016). The second aspect is platform
security, which involves interfaces and framework aspects. The notion
of accountability in the context of data practices is also applicable for
cloud computing that cater for services requiring stringent security and
privacy conditions, especially those involving sensitive health related or
medical data (Jaatun, Pearson, Gittler, Leenes, & Niezen, 2016). Lastly,
infrastructure security relates to online privacy and storage settings
(Pearson & Benameur, 2010; Pearson, 2009).
Multiple users share and access resources and environments within
the cloud computing environment. A lack of resources to separate sto-
rage, reputation and routing are all concerns of privacy in this en-
vironment (Hoang & Dat, 2015; Seddon & Currie, 2014). Users of cloud
computing are at a greater risk of privacy breaches from external par-
ties due to storage set up and space (An, Zaaba, & Samsudin, 2016;
Hashizume et al., 2013).
Healthcare has more stringent security requirements due to reg-
ulatory requirements and patient privacy rights on sensitive health and
medical data (Mehraeen et al., 2017; Muir, 2011; Rodrigues et al.,
2013). Data confidentiality is a commonly reoccurring theme (Griebel
et al., 2015), particularly from the perspective of an unauthorized in-
dividual accessing patient records (Abbas & Khan, 2014; Christoph
et al., 2015; Siddiqui, Abdullah, Khan, & Alghamdi, 2014). Transferring
such large and highly confidential files is particularly challenging and
greater security measures need to be undertaken (Rodrigues et al.,
2013). Additional requirements for security are related to access con-
trol, management of data, and secure storage (Ahuja et al., 2012;
Regola & Chawla, 2013).
4.2.3. Legal issues
Many legal issues can arise due to cloud computing such as property
and contract disputes, however, legal aspects regarding data security is
the most concerning issue (Currie & Seddon, 2014; Ward & Sipior,
2010). Disparate laws can relate to numerous aspects, namely usage,
property and privacy (Kuner, 2010; Ward & Sipior, 2010). Data can be
O. Ali et al. International Journal of Information Management 43 (2018) 146–158

bound by more than one laws at the same time and each law may information and process referrals. Health providers typically store
impose different requirements and consequences. In order to minimize EMRs in their own databases (Zhang & Liu, 2010). Relatively faster
such problems, the Canadian Personal Information Protection and collaboration can be achieved by moving data to a cloud so that all
Electronic Documents Act (CPIPEDA) restricts control of companies in parties can access required data (Kagadis et al., 2013; Regola & Chawla,
gathering, using or sharing of private data (Minister of Justice, 2011), 2013). Patient consent is required for their data, such as EHRs, EMRs,
yet a provider is within their rights to move data from one jurisdiction Personal Health Records (PHRs), and Payer Based Health Records
to another. (PBHRs), in order to be shared and stored into a cloud environment
As such the CPIPEDA put forward a new regulation for companies to (Kaur & Chana, 2014). This would enable the data to be accessed by all
declare data breaches to the Privacy Commissioner of Canada and to health stakeholders regionally and internationally (Lupse, Vida, &
inform customers when there is potential harm (Minister of Justice, Stoicu-Tivadar, 2012; Shen et al., 2012; Vida, Lupse, Stoicu-Tivadar, &
2011). Yet poor breach notification does not ensure security of one’s Bernad, 2012; Yao et al., 2014). Consequently, there will be fewer er-
data (Kuo, 2011). Javelin Strategy and Research (2011) found that rors as all health professionals would be able to view the same data,
users with recent data breach notifications were at the highest risk level while expanding service provision and keeping costs low (Silva, Costa,
for more fraudulent activities. Legal solutions surrounding these issues & Oliveira, 2012). For example, Microsoft’s HealthVault that typically
have not been addressed yet which is a major roadblock for wider cloud stores x-rays and doctors’ records can be extended to allow patients to
adoption in the healthcare sector, particularly for the government contribute data, for example, from heart rate monitors, thereby en-
healthcare services. abling all stakeholders to access the same and multi-faceted data for
decision-making (Microsoft, 2012).
4.3. Cloud computing-enabled healthcare applications
4.3.2. Availability
Approximately 31% of the healthcare sector is currently using cloud Greater availability of cloud computing is expected to produce less
computing and most of the other healthcare organizations are looking downtimes and a consistent service delivery (Botts, Horan, & Thoms,
into this as a viable option over the next five years (Griebel et al., 2011). The cloud can be managed to execute high availability service
2015). The majority of organizations intend to adopt the public cloud goals (Endo et al., 2016). Since applications can be scaled up or down
model first before moving towards the hybrid model, and finally adopt more easily according to demand (Ahmed & Abdullah, 2011). Security
a private cloud for business if feasible (Ahmed & Gutierrez, 2010). concerns must be fully understood prior to moving healthcare data to
Those who have moved forward with cloud models or those who intend cloud computing in order to realise maximum availability (Zhang & Liu,
to do so in the near future are deemed more advantageous in terms of 2010).
finance and efficiency than those who are slow to implement cloud
models (Wan, Greenway, Harris, & Alter, 2010). 4.3.3. Cloud monitoring tools
The healthcare system consists of pharmaceutical companies, in- Healthcare facilities can use cloud monitoring tools such as Cloud-
surance companies, laboratories and hospital facilities (Daemmrich, kick (Rack-space Hosting, 2011), Logic-Monitor (Logic-Monitor, 2012)
2011). All components need to abide by government regulations and and Pandora FMS (Pandora, 2011) in order to optimise cloud features
need to share data quickly, correctly and efficiently whilst upholding for their intended use. There are other general cloud monitoring tools
patient confidentiality (Raut, 2011). Patient data is highly sensitive and that are useful to specifically monitor the cloud infrastructure, such as
the risk of this being compromised is considered a reason behind slow Amazon Web Services (Bahga & Madisetti, 2013; Mirza & El-Masri,
adoption of cloud computing. Any innovative technology models in the 2013).
healthcare sector that manages critical health information must ensure Table 3 illustrates the current areas of cloud computing enabled
patient privacy (Cloud Security Alliance, 2010; Kaletsch & Sunyaev, healthcare applications (HIMSS, 2014).
2011). Based on Table 3, we discuss the top three areas of current usage,
Fig. 10 demonstrates the cloud enabled healthcare applications ar- planned use and lack of use of cloud applications next. A 2014 survey
ticles distribution in a related to information processing, availability, undertaken by Healthcare Information and Management Systems So-
and monitoring tools. The figure showed that the highest rate of pub- ciety (HIMSS) indicated that 43.6% of healthcare organizations used
lication is actually within the information processing area (11 articles). cloud services for hosting clinical applications and data followed by
This gives an indication that the most important applications of 38.7% for information exchange, and 35.1% for backups and data re-
adopting cloud computing within the healthcare sector are used to covery. 38.9% of the healthcare organizations planned to use cloud
process information across different healthcare actors or facilities. The services for hosting of archived data, 31.1% for backups and data re-
monitoring tools are discussed in five articles, and the availability of covery, and 28.4% for hosting operational applications and data. There
applications are discussed in four articles. The in-depth discussion of
the findings that related to information processing, availability, and Table 3
monitoring tools are presented next. The current areas of cloud applications.
Area Current Use Planned Use No Use
4.3.1. Information processing
Healthcare organizations must collaborate in order to request Hosting of Clinical Applications and Data 43.6% 14.1% 42.3%
Health Information Exchange 38.7% 20.0% 41.3%
Backups and Disaster Recovery 35.1% 31.1% 33.7%
Hosting of HR Applications and Data 34.9% 16.8% 48.3%
Hosting Financial Applications and Data 32.9% 18.8% 48.3%
Hosting Operational Applications and 27.7% 28.4% 43.9%
Data
Hosting of Archived Data 26.8% 38.9% 34.3%
Managed Services 22.1% 17.4% 60.5%
Hosting Communications Services 20.3% 20.3% 59.4%
Virtual Networks 6.1% 8.8% 85.1%
Identity Management 2.0% 8.1% 89.9%
Timely Provisioning or De-provisioning 2.0% 6.1% 91.9%
Accounts
Fig. 10. Cloud enabled healthcare applications articles distribution.

153
O. Ali et al.
appears to be a strong interest in data-driven usage of cloud services in
the areas of storage and sharing, as per the current use and future de-
mands. In terms of the lack of use of cloud applications, 91.1% of the
healthcare organizations were least likely to use cloud service for ac-
count management, 89.9% for identify management, and 85.1% for
virtual networks. Network-specific services and access management
applications, while critical application areas of cloud computing in
general, appears to be the areas that are of less interest to the stake-
holders in the healthcare sector.
5. Implications to research and practice
We draw out several key implications from the findings of our
systematic literature review for future research surrounding cloud
computing in the healthcare sector.
5.1. Implications to research
The key implications to research from our findings in this systematic
literature review include information sharing and collaboration; data
security and privacy; and decision support. Current research in cloud
computing in the healthcare sector is concentrated in the area of data
storage and associated services to make relevant information accessible
in less time (Cubo et al., 2014; Hussain et al., 2014; Lian, 2017;
Mehraeen et al., 2016, 2017). This has the potential to reduce opera-
tional costs while expanding the scope and flexibility of IT services to
the healthcare sector (Miras et al., 2013; Vilaplana et al., 2013).
Moreover, another huge incentive for the adoption of cloud computing
within the healthcare sector is to minimize the environmental impact.
While cloud computing has allowed data to be shared across multiple
systems, these features have not been broadly incorporated in the
current healthcare facilities.
Data security and privacy are two of the most discussed challenges
in cloud computing not just in the healthcare sector but across all in-
dustries (Ermakova et al., 2014; Sultan, 2014b). A number of data se-
curity models for cloud computing have been developed to combat
performance issues related to data security (Ramachandran & Chang,
2016). However, data confidentiality requirements are stringent in the
healthcare sector and the current effectiveness of privacy controls of
sensitive data, such as patient health information, are insufficient
(Griebel et al., 2015). Besides other factors, risks of sensitive patient
data being compromised is considered a reason behind slow adoption of
cloud applications (Kaletsch & Sunyaev, 2011). An integrated model to
manage risks in cloud services has been proposed by Ali, Warren, and
Mathiassen, (2017), this model outlines three types of risks (services,
technology and process-related risks) and four types of resolution
(stakeholder engagement, technology development, innovation plan-
ning and control. Using this model, managers can profile their risk
scenarios and possible responses to take advantage of innovation de-
rived from cloud services. This research by Ali et al. (2017) provides an
excellent foundation based on risk management for further research in
cloud computing opportunities, issues and applications for healthcare
services. These research considerations imply some specific guidance
for future research directions as discussed next.
5.2. Future research directions
As a research area, application of cloud computing in the healthcare
sector is an emerging topic. Although the research on adoption of cloud
computing in the healthcare sector is growing, this is the first attempt
towards a synthesis of the existing research findings based on a sys-
tematic literature review. According to our review strategy, only 85
academic articles have been selected in our study, among which the
significant number of publications occur in 2010–2014 and fewer in
recent times, i.e. 2015–2017 (see Fig. 4). The overall theme of the
publications in 2010–2014 represented realization of benefits and
154
International Journal of Information Management 43 (2018) 146–158
issues with specific cloud applications in the healthcare sector. There is
a lack of theoretical orientation and longitudinal study on the overall
value of cloud services to the healthcare sector, demonstrating the lack
of maturity in this research area. Nevertheless, a positive finding is the
uniform distribution of research articles that are published in IS as well
as medical journals (see Fig. 5).
An analysis of the research topics according to the classification
framework as illustrated in Fig. 7 showcases the expanding research
interest in the area of opportunities presented by cloud computing in
the healthcare sector. Likewise, there is a reduced interest in the study
surrounding cloud related issues and healthcare applications. This
might imply that the key technological and management issues have
been addressed as the cloud technology evolved. Therefore, studies
associated with the opportunities from using cloud computing might
seek more generic benefits rather than specific cloud applications and
their features. This is a promising development that provides a positive
roadmap for future research work.
Current cloud applications are centred around medical data ad-
ministration (Harsha et al., 2016) and EHRs (Chatman, 2010; Kuo,
2011). However, cloud computing has potential to offer value-added
healthcare services in more decision-making areas such as diagnosis &
control, prescriptions, education and referrals & recommendations
(Korea IT Times, 2010). Therefore, we can argue that effective use of
cloud computing within the healthcare sector has not reached its po-
tential (Rosenthal et al., 2010). Currently, there is more data driven
usage of cloud rather than network-related utilities. Cloud applications
can enable access to multi-faceted data for decision making, however
the use of cloud computing for decision support in the healthcare sector
is an area that is not well researched and deserve attention for future
research. These value-added healthcare services are potentially dis-
ruptive to the medical industry but it can be considered as an enabler
towards decision support for medical practitioners including doctors
and nurses. Future researchers might want to investigate these value-
added cloud services within the healthcare sector, particularly in the
area of medical decision-making.
Current study of cloud computing in the healthcare sector takes a
very narrow view of the IT service delivery model with an emphasis on
process improvement and cost saving. Major opportunities of cloud
within the healthcare sector are studies with the lens of quality, effi-
ciency and technology benefits, e.g. infrastructure as a service.
However contemporary definitions of “service” highlights innovative
ways of delivering value to customers. The current areas of cloud ap-
plications demonstrate limited use towards network management and
optimization (HIMSS, 2014). Consequently, cloud applications suffer
challenges associated with service reliability (He et al., 2013) and
availability (Endo et al., 2016). Therefore, we suggest future research
should look at a wider view of IT service delivery that encompasses
service value elements such as scalability, reliability, technical com-
plexity, data integrity, security and privacy risks that are associated
with cloud computing.
Furthermore, current cloud applications are primarily studied based
on their capacity of information processing and availability.
Applications associated with health monitoring in general, e.g. fitness
tracking, are heavily researched and adopted in practice. However,
monitoring activities associated with chronic patients and their treat-
ment/ care are not as well facilitated using cloud computing. Future
research can emphasize health monitoring features enabled by cloud
applications rather than information processing features.
We have found that the adoption of cloud computing is higher in
comparatively larger health organizations that have mature operational
processes and limited budgetary constraints (Wan et al., 2010). This is
ironic given the cost saving benefits of cloud services that suits smaller
companies. Future research must investigate adoption issues of cloud
computing for smaller health organizations like clinics, community
health centres and health facilities in developing countries.
Cloud computing, by its very nature, enables data sharing across
O. Ali et al.
multiple systems, however such features are not utilized in current
healthcare facilities (Yao et al., 2014). Future research should look into
benefits and challenges associated with data sharing and investigate the
regulatory compliance of CSPs in offering these services. For example,
current research highlighted the need for effective privacy controls in
cloud computing for the healthcare sector as a very important future
research consideration (Sun et al., 2014). As it currently stands, CSPs
are not required to be audited by a regulatory body. Therefore, a CSP is
within their own right to move data from one jurisdiction to another.
Moreover, CSPs currently do not offer assured data capabilities, as these
are promoted as shared responsibilities of service providers and
healthcare facilities. Research surrounding patient privacy controls,
service levels and responsibilities of CSPs is an important area of future
research.
5.3. Implications to practice
Likewise, we present the following implications to practice in order
to enable effective implementation of cloud-based healthcare solutions.
5.3.1. Cloud deployment and service models
In determining the cloud’s given workload, many aspects need to be
considered so that the most conducive model is used whether it be
public, private or a combination of both. Public cloud services are run
on data centre resources owned by a CSP where data is accessible to
numerous cloud service customers; this is referred to as multi-tenant.
Whereas cloud services within private cloud distribution run on data
centre resources owned by cloud service customers, these are usually
controlled and executed by customers on site. Combined cloud models
use numerous deployment models at the same time and frequently with
resources not associated with cloud services. Using relevant cloud ser-
vice models, organizations must align their IT capabilities since re-
search has confirmed that IT capability positively affects cloud success
and ultimately performance of the organization (Garrison, Wakefield, &
Kim, 2015).
Secure cloud service models have started to be implemented within
healthcare facilities, such as healthcare insurance to small-scale clinics.
Healthcare standards have been renewed to reflect the adoption of
cloud computing (Cloud Standards Customer Council, 2017). In re-
sponse to this trend, numerous CSPs have HIPAA enabled offerings as
an addition, which adheres to the HITECH Act of 2009. As the digital
world expands, healthcare providers are becoming more aware of cloud
computing advantages (HITECH, 2009). These encompass managing
virtual capital, safeguarding against hacking and emergencies, internet
of things augmented patient care, versatile methods of payment and
providing assistance to medical staff. However, aspects such as security
(Mehraeen et al., 2017), data classification (Griebel et al., 2015),
business model (Yao et al., 2014), target operating model (Bobsguide,
2015), application architecture (Cloud Standards Customer Council,
2016), cost (Godinho et al., 2016), and performance (Vilaplana et al.,
2013) must be considered in practice to determine appropriate cloud
service models.
5.3.2. Security and privacy requirements
With any adoption of healthcare solutions regarding IT, security and
the privacy of information is of the upmost importance (Mehraeen
et al., 2017). The cloud solution needs to have privacy settings, which
must also be incorporated into the authorisation and monitoring sys-
tems. Shared responsibility is a major disparity between cloud services
and conventional IT. The latter saw the IT Company having full ac-
countability for all aspects of IT, whereas with cloud services this is
disbursed amongst the healthcare institutions, which includes the cus-
tomers, and the CSP. Similar to future research suggestions, security
and privacy concerns continue to be an important area for practitioners
to ascertain while setting up cloud service level agreements with the
CSPs.
155
International Journal of Information Management 43 (2018) 146–158
5.3.3. Management of the cloud environment
Cloud computing contexts are not dissimilar to conventional IT
contexts apart from cloud customer and CSP boundaries (Kupferman,
Silverman, Jara, & Browne, 2009). Conventional IT supervision en-
compassed expense, supervision, backing, privacy and appropriate
work personnel. Yet some components of cloud computing entail dif-
ficulties such as devices, which are automatically connected to the In-
ternet, intelligent cognitive assistants and authorisation of EHRs.
Business advantages are often the result of good practice in the
management of cloud environment that results in financial rewards,
although this can be a slow process owing to the initial costs involved.
Healthcare organizations are advised to initially implement strategies,
which assist the business objectives and deadlines taking into con-
sideration the IT structure and cloud solution components (Cloud
Standards Customer Council, 2017). The cloud management strategies
should also consider future outlook, comprehend existing technologies,
and ensure proof of concept and scale to production in order to max-
imize benefits from the cloud environment in practice.
6. Conclusion
The state-of-the-art of the research related to cloud computing in the
healthcare sector has been reviewed and discussed. A number of articles
were comprehensively chosen from the online database and further
classified into three key areas: opportunities, issues, and applications.
This research study offers an understanding of the current cloud com-
puting research and its real-world implementation in the healthcare
sector.
This research study presented implications to research and practice
as a guidance for future study and for healthcare decision makers. It is
essential to discover whether the opportunities of cloud computing
outweigh the issues that related with its use in the healthcare sector.
According to the literature analysed in this research study, there is
sufficient evidence to suggest that cloud computing can bring sig-
nificant opportunities to the healthcare sector. However, the issues that
related to the security and privacy of patient data and loss of control of
data management to CSPs must be carefully evaluated, especially due to
the strict regulations that govern the healthcare sector. As a result of
that, many companies are working to improve and adapt policies to
secure patient data in order to promote confidentiality. Cloud appli-
cations can enable access to multi-faceted data for decision making,
however using cloud computing for decision support in the healthcare
sector is a significant opportunity for researchers and practitioners.
Conflicts of interest
None
References
Abbas, A., & Khan, S. U. (2014). A review on the state-of-the-art privacy-preserving ap-
proaches in the e-health clouds. IEEE Journal of Biomedical of Health Information,
18(4), 1431–1441.
Abbas, Z., Raza, S., & Ejaz, K. (2008). Systematic reviews and their role in evidence -
informed health care. Journal of the Pakistan Medical Association, 58(10), 461–467.
Agarwal, R., Gao, G., DesRoches, C., & Jha, A. K. (2010). The digital transformation of
healthcare: Current status and the road ahead. Information Systems Research, 21(4),
796–809.
Ahmed, S., & Abdullah, A. (2011). E-healthcare and data management services in a cloud.
International IEEE Conference on High Capacity Optical Networks and Enabling
Technologies248–252.
Ahmed, R., & Gutierrez, J. A. (2010). 1P. A cloud computing encapsulated layer for security
and availability. International Conference on Information Resources1–15.
Ahuja, P. S., Mani, S., & Zambrano, J. (2012). A survey of the state of cloud computing in
healthcare. Network and Communication Technologies, 1(2), 12–19.
Alavi, M., & Carlson, P. (1992). A review of MIS research and disciplinary development.
Journal of Management Information Systems, 8(4), 45–62.
Aleixandre-Benavent, R., González Alcaide, G., González De Dios, G., & Alonso-Arroyo, A.
(2011). Sources of bibliographic information rationale for conducting a literature
search. ACTA Paediatric, 69(3), 131–136.
O. Ali et al.
Ali, O., Soar, J., & Shrestha, A. (2018). Perceived potential for value creation from cloud
computing: A study of the Australian regional government sector. Behaviour &
Information Technology. https://doi.org/10.1080/0144929X.2018.1488991.
Ali, A., Warren, D., & Mathiassen, L. (2017). Cloud-based business services innovation: A
risk management model. International Journal of Information Management, 37(6),
639–649.
An, Y. Z., Zaaba, Z. F., & Samsudin, N. F. (2016). Reviews on security issues and challenges in
cloud computing. IOP Conference Series: Materials Science and Engineering1–10.
Anderson, N. R., Lee, E. S., Brockenbrough, J. S., Minie, M. E., Fuller, S., & Brinkley, J.
(2007). Issues in biomedical research data management and analysis: Needs and
barriers. Journal of American Medical Information Association, 14(4), 478–488.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R. H., & Konwinski, A. (2009).
Above the clouds: A Berkeley view of cloud computingAccessed on 18 September 2017,
available at:. Technical Reporthttp://www.eecs.berkeley.edu/Pubs/TechRpts/2009/
EECS-2009-28.pdf.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., & Konwinski, A. (2010). A view
of cloud computing. IEEE/ACM Transactions on Networking : A Joint Publication of the
IEEE Communications Society, the IEEE Computer Society, and the ACM With Its Special
Interest Group on Data Communication, 53(4), 50–58.
Arrais, J. P., & Oliveira, J. L. (2010). On the exploitation of cloud computing in bioinfor-
matics. The 10th IEEE International Conference on Information Technology and
Applications in Biomedicine1–4.
Avila-Garcia, M. S., Trefethen, A. E., Brady, M., Gleeson, F., & Goodman, D. (2008).
Lowering the barriers to cancer imaging. IEEE 4th International Conference on Escience
(pp. 1–8).
Bahga, A., & Madisetti, V. K. (2013). A cloud-based approach for interoperable electronic
health records (EHRs). IEEE Journal of Biomedical of Health Information, 17(5),
894–906.
Baliga, J., Ayre, R. W. A., Hinton, K., & Tucker, R. S. (2011). Green cloud computing:
Balancing energy in processing, storage, and transport. Proceedings of the IEEE, 99(1),
149–167.
Bannerman, P. L. (2010). Cloud computing adoption risks: State of play. The 17th Asia
Pacific Software Engineering Conference Cloud Workshop (pp. 10–16).
Barki, H., Rivard, S., & Talbot, J. (1993). A keyword classification scheme for IS research
literature: an update. MIS Quarterly, 17(2), 226–309.
Bastian, H., Glasziou, P., & Chalmers, I. (2010). Seventy-five trials and eleven systematic
reviews a day: How will we ever keep up? PLoS Medicine, 7(9), Accessed on 23 May
2018, available at: http://journals.plos.org/plosmedicine/article?id=10.1371/
journal.pmed.1000326.
Bayramusta, M., & Nasir, V. A. (2016). A fad or future of IT?: A comprehensive literature
review on the cloud computing research. International Journal of Information
Management, 36(4), 635–644.
Bisong, A., & Rahman, S. M. (2011). An overview of the security concerns in enterprise
cloud computing. International Journal of Network Security & Its Applications, 3(1),
30–45.
Bobsguide (2015). Cloud target operating model: Revolution, evolution or a bit of both?
Accessed on 10 October 2017, available at:http://www.bobsguide.com/guide/news/
2015/Sep/25/cloud-target-operating-model-tom-revolutionevolution-or-a-bit-of-
both/.
Botts, N. E., Horan, T. A., & Thoms, B. P. (2011). Health ATM: personal health cyberin-
frastructure for underserved populations. American Journal Preventive Medical, 40,
115–122.
Brettle, A. J., & Long, A. F. (2001). Comparison of bibliographic databases for information
on the rehabilitation of people with severe mental illnesses. Bulletin of the Medical
Library Association, 89(4), 353–362.
Chatman, C. (2010). How cloud computing is changing the face of healthcare information
technology. Journal of Health Care Compliance, 12(3), 37–70.
Christoph, J., Griebel, L., Leb, I., Engel, I., Kopcke, F., & Toddenroth, D. (2015). Secure
secondary use of clinical data with cloud-based NLP services: Towards a highly
scalable research infrastructure. Methods of Information Medical, 53(6), 276–282.
Cisco, & Cisco Security as a Service Solutions (2015). White Paper. Accessed on 1 July
2018, available at: https://www.cisco.com/c/dam/en/us/solutions/collateral/
enterprise/design-zone-security/hss-aag.pdf.
Cloud Security Alliance (2010). Top threats to cloud computing V1.0. Accessed on 13
September 2017, available at:https://cloudsecurityalliance.org/topthreats/
csathreats.v1.0.pdf.
Cloud Standards Customer Council (2016). Practical guide to hybrid cloud computing.
Accessed on 11 October 2017, available at:http://www.cloud-council.org/
deliverables/practical-guide-to-hybrid-cloud-computing.htm.
Cloud Standards Customer Council (2017). Impact of cloud computing on healthcare version
2.0. Accessed on 14 October 2017, available at:http://www.cloud-council.org/
deliverables/CSCC-Impact-of-Cloud-Computing-on-Healthcare.pdf.
Coren, E., & Fisher, M. (2006). The conduct of systematic reviews for SCIE knowledge reviews.
London: Social Care Institute for Excellence.
Cubo, J., Nieto, A., & Pimentel, E. (2014). A cloud-based Internet of Things platform for
ambient assisted living. Sensors, 14(8), 14070–14105.
Currie, W., & Seddon, J. (2014). A cross-country study of cloud computing policy and reg-
ulation in healthcare. The European Conference on Information Systems1–16.
Daemmrich, A. (2011). U.S. Healthcare reform and the pharmaceutical industry. Boston,
Massachusetts, USA: Harvard Business School1–37.
Danek, J. (2009). Public works government services Canada. Accessed on 25 August 2017,
available at:Cloud Computing and the Canadian Environmenthttp://www.scribd.
com/doc/20818613/Cloud-Computing-and-the-Canadian-Environment.
Dikert, K., Paasivaara, M., & Lassenius, C. (2016). Challenges and success factors for
large-scale agile transformations: a systematic literature review. The Journal of
Systems and Software, 119, 87–108.
156
International Journal of Information Management 43 (2018) 146–158
Dillion, T., Wu, C., & Chang, E. (2010). Cloud computing: Issues and challenges. The 24th
IEEE International Conference on Advanced Information Networking and
Applications27–33.
Doukas, C., Pliakas, T., & Maglogiannis, I. (2010). Mobile healthcare information manage-
ment utilizing cloud computing and android OS. The 32nd Annual International
Conference of the IEEE EMBS1037–1040.
Durkee, D. (2010). Why cloud computing will never be free. IEEE/ACM Transactions on
Networking: A Joint Publication of the IEEE Communications Society, the IEEE Computer
Society, and the ACM With Its Special Interest Group on Data Communication, 53(5),
69–70.
Dwivedi, Y. K., & Mustafee, N. (2010). It’s unwritten in the cloud: the technology enablers
for realising the promise of cloud computing. Journal of Enterprise Information
Management, 23(6), 673–679.
Endo, P. T., Rodrigues, M., Gonçalves, G. E., Kelner, J., Sadok, D. H., & Curescu, C.
(2016). High availability in clouds: Systematic review and research challenges.
Journal of Cloud Computing Advances Systems and Applications, 5(16), 1–15.
Ermakova, T., Fabian, B., & Zarnekow, R. (2014). Acceptance of health clouds – a privacy
calculus perspective. The European Conference on Information Systems1–14.
Evans, D. (2003). Hierarchy of evidence: A framework for ranking evidence evaluating
healthcare interventions. Journal of Clinical Nursing, 12(1), 77–84.
Fernández-Cardeñosa, G., de la Torre-Díez, I., López-Coronado, M., & Rodrigues, J. J.
(2012). Analysis of cloud-based solutions on EHRs systems in different scenarios.
Journal of Medical Systems, 36, 3777–3782.
Fichman, R. G., Kohli, K., & Krishnan, R. (2011). The Role of information systems in
healthcare: Current research and future trends. Information Systems Research, 22(3),
419–428.
Forell, T., Milojicic, D., & Talwar, V. (2011). Cloud management: Challenges and opportu-
nities. The IEEE International Symposium on Parallel and Distributed Processing881–889.
García, L., Tomás, J., Parra, L., & Lloret, J. (2018). An m-health application for cerebral
stroke detection and monitoring using cloud services. International Journal of
Information Management. https://doi.org/10.1016/j.ijinfomgt.2018.06.004.
Garrison, G., Wakefield, R. L., & Kim, S. (2015). The effects of IT capabilities and delivery
model on cloud computing success and firm performance for cloud supported pro-
cesses and operations. International Journal of Information Management, 35(4),
377–393.
Godinho, T. M., Viana-Ferreira, C., Silva, L. B., & Costa, C. (2016). A routing mechanism
for cloud outsourcing of medical imaging repositories. IEEE Journal of Biomedical and
Health Informatics, 20(1), 367–375.
Golder, S., Loke, Y. K., & Zorzela, L. (2014). Comparison of search strategies in systematic
reviews of adverse effects to other systematic reviews. Health Information and Libraries
Journal, 31, 92–105.
Griebel, L., Prokosch, H., Köpcke, F., Toddenroth, D., Christoph, J., Leb, I., et al. (2015). A
scoping review of cloud computing in healthcare. BMC Medical Informatics and
Decision Making, 15(17), 1–16.
Harris, I., Wang, Y., & Wang, H. (2015). ICT in multimodal transport and technological
trends: Unleashing potential for the future. International Journal of Production
Economics, 159, 88–103.
Harsha, S., Pussewalage, G., & Oleshchuk, V. A. (2016). Privacy preserving mechanisms
for enforcing security and privacy requirements in E-health solutions. International
Journal of Information Management, 36, 1161–1173.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of Internet Services and
Applications, 4(5), 1–13.
Hay, B., Nance, K., & Bishop, M. (2011). Storm clouds rising: Security challenges for IaaS
cloud computing. The 44th Hawaii International Conference on System Sciences1–7.
He, C., Fan, X., & Li, Y. (2013). Toward ubiquitous healthcare services with a novel ef-
ficient cloud platform. IEEE Transaction of Biomedical Engineering, 60(1), 230–234.
Higgins, J. P. T., & Green, S. (2011). Cochrane handbook for systematic reviews of inter-
ventions 5.1.0. Accessed on 12 September 2014, available at:The Cochrane
Collaborationhttp://www.cochrane-handbook.org.
Healthcare Information and Management Systems Society (2014). HIMSS analytics cloud
surveyAccessed on 3 August 2017, available at:http://s3.amazonaws.com/rdcms-
himss/files/production/public/FileDownloads/Final%20Report%20061214.pdf.
Hoang, D., & Dat, D. T. (2015). Healthcare data in cloud environments. Pacific Asia
Conference on Information Systems1–15.
Hsieh, J. C., & Hsu, M. W. (2012). A cloud computing based 12-lead ECG telemedicine
service. BMC Medical Information Decision Making, 12(77), 1–12.
Hu, Y., & Bai, G. (2014). A systematic literature review of cloud computing in eHealth.
Health Informatics - an International Journal, 3(4), 11–20.
Hussain, S., Bang, J. H., Han, M., Ahmed, M. I., Amin, M. B., & Lee, S. (2014). Behaviour
life style analysis for mobile sensory data in cloud computing through MapReduce.
Sensors, 14(11), 22001–22020.
Jaatun, M. G., Pearson, S., Gittler, F., Leenes, R., & Niezen, M. (2016). Enhancing ac-
countability in the cloud. International Journal of Information Management. https://
doi.org/10.1016/j.ijinfomgt.2016.03.004.
Javelin Strategy and Research (2011). Data breach notifications: Victims face four times
higher risk of fraud. Accessed on 10 October 2017, available at:https://www.
javelinstrategy.com/brochure-158.
Kabachinski, J. (2011). What’s the forecast for cloud computing in healthcare? Biomedical
Instrument Technology, 45(2), 146–150.
Kagadis, G. C., Kloukinas, C., Moore, K., Philbin, J., Papadimitroulas, P., & Alexakos, C.
(2013). Cloud computing in medical imaging. The International Journal of Medical
Physics Research and Practice, 40(7), 1–13.
Kaletsch, A., & Sunyaev, A. (2011). Privacy engineering: Personal health records in cloud
computing environments. The 32nd International Conference on Information Systems1–11.
Kaur, P. D., & Chana, I. (2014). Cloud based intelligent system for delivering health care
O. Ali et al.
as a service. Computer Methods and Programs in Biomedicine, 113, 346–359.
Kitchenham, B. (2004). Procedures for performing systematic reviews. Keele
University, UK..
Kitchenham, B., & Charters, S. (2007). Guidelines for performing systematic literature reviews
in software engineering. UK: Keele University.
Kochan, C. G., Nowicki, D. R., Sauser, B., & Randall, W. S. (2018). Impact of cloud-based
information sharing on hospital supply chain performance: A system dynamics fra-
mework. International Journal of Production Economics, 195, 168–185.
Korea IT Times (2010). Telstra plans launch of e-health cloud services, tip of the iceberg for
opportunity. Accessed on 1 September 2017, available at:http://www.koreaittimes.
com/story/9826/telstra-plans-launch-e-health-cloud-services-tip-iceberg-
opportunity.
Koufi, V., Malamateniou, F., & Vassilacopoulos, G. (2010). Ubiquitous access to cloud
emergency medical services. The 10th IEEE International Conference on Information
Technology and Applications in Biomedicine1–4.
Kudtarkar, P., Deluca, T. F., Fusaro, V. A., & Tonellato, P. J. (2010). Cost-effective cloud
computing: a case study using the comparative genomics tool, roundup. Evolutionary
Bioinformatics Online, 6, 197–203.
Kuner, C. (2010). Data protection law and international jurisdiction on the Internet.
International Journal of Law and Information Technology, 18(2), 176–201.
Kuo, A. M. H. (2011). Opportunities and challenges of cloud computing to improve health
care services. Journal of Medical Internet Research, 13(3), 67.
Kupferman, J., Silverman, J., Jara, P., & Browne, J. (2009). Scaling into the cloud. Accessed
on 12 September 2017, available at:http://cs.ucsb.edu/∼jkupferman/docs/
ScalingIntoTheClouds.pdf.
Kuttikrishnan, D. (2011). Cloud computing: The road ahead. Accessed on 15 September
2017, available at:http://www.datamation.com/cloud-computing/cloud-computing-
the-road-ahead-1.html.
Lanman, J. T., Horvath, S. D., & Linos, P. K. (2011). Next generation of distributed training
utilizing SOA, cloud computing, and virtualization. The Inter-service/Industry Training,
Simulation and Education Conference1–12.
Lian, J. W. (2017). Establishing a cloud computing success model for hospitals in Taiwan.
The Journal of Health Care Organization, Provision, and Financing, 54(1/6), 1–6.
Lian, J., Yen, D. C., & Wang, Y. (2014). An exploratory study to understand the critical
factors affecting the decision to adopt cloud computing in Taiwan hospital.
International Journal of Information Management, 34, 28–36.
Lisa, B. A. (2011). Hospital uses cloud computing to improve patient care and reduce costs.
Accessed on 16 August 2017, available at:http://www.microsoft.eu/cloud-
computing/case-studies/hospital-uses-cloud-computing-to-improve-patient-care-
and-reduce-costs.aspx.
Logic-Monitor (2012). LogicMonitor. Accessed on 10 September 2017, available
at:Architecture White Paperhttp://www.logicmonitor.com/downloads/Architecture.
pdf?84cd58.
Low, C., & Hsueh, C. Y. (2012). Criteria for the evaluation of a cloud-based hospital
information system outsourcing provider. Journal of Medical Systems, 36(6),
3543–3553.
Lu, Y. C., Xiao, Y., Sears, A., & Jacko, J. A. (2005). A review and a framework of handheld
computer adoption in healthcare. International Journal of Medical Informatics, 74(5),
409–422.
Lupse, O. S., Vida, M., & Stoicu-Tivadar, L. (2012). Cloud computing technology applied
in healthcare for developing large scale flexible solutions. Study of Health and
Technology Information, 174, 94–99.
Mathur, P., & Nishchal, N. (2010). Cloud computing: New challenge to the entire computer
industry. The 1st International Conference on Parallel, Distributed and Grid
Computing223–228.
Mehraeen, E., Ayatollahi, H., & Ahmadi, M. (2016). Health information security in hos-
pitals: The application of security safeguards. Act Information Medical, 24(1), 47–50.
Mehraeen, E., Ghazisaeedi, M., Farzi, J., & Mirshekari, S. (2017). Security challenges in
healthcare cloud computing: A systematic review. Global Journal of Health Science,
9(3), 157–166.
Mell, P., & Grance, T. (2010). The NIST definition of cloud computing. IEEE/ACM
Transactions on Networking: A Joint Publication of the IEEE Communications Society, the
IEEE Computer Society, and the ACM With Its Special Interest Group on Data
Communication, 53(6), 50.
Memon, F. N., Owen, A. M., Sanchez-Graillet, O., Upton, G. J., & Harrison, A. P. (2010).
Identifying the impact of G-quadruplexes on Affymetrix 3 arrays using cloud com-
puting. Journal of Integration Bioinformatics, 7(2), 111.
Microsoft (2012). Microsoft HealthVault. Accessed on 23 September 2017, available
at:http://www.microsoft.com/en-us/healthvault/organize/medical-records.aspx.
Minister of Justice (2011). Personal information protection and electronic documents act
(PIPEDA). Accessed on September 23, 2017, available at:http://laws.justice.gc.ca/
PDF/Readability/P-8.6.pdf.
Miras, H., Jimenez, R., Miras, C., & Goma, C. (2013). Cloud MC: a cloud computing ap-
plication for Monte Carlo simulation. Physical Medical Biology, 58(8), 125–133.
Mirza, H., & El-Masri, S. (2013). National electronic medical records integration on cloud
computing system. Studies in Health Technology and Informatics, 192, 1219.
Muir, E. (2011). Challenges of cloud computing in healthcare integration. Accessed on 13
September 2017, available at:http://www.zdnet.com/news/challenges-of-cloud-
computing-in-healthcare-integration/6266971.
Ngai, E. W. T., & Wat, F. K. T. (2002). A literature review and classification of electronic
commerce research. Information & Management, 39(5), 415–429.
Nkosi, M. T., & Mekuria, F. (2010). Cloud computing for enhanced mobile health appli-
cations. The IEEE 2nd International Conference on Cloud Computing Technology and
Science (pp. 1–5).
Ozdemir, Z., Barron, J., & Bandyopadhyay, S. (2011). An analysis of the adoption of
digital health records under switching costs. Information Systems Research, 22(2),
157
International Journal of Information Management 43 (2018) 146–158
491–503.
Pandora (2011). FMS-virtualization and Cloud computing monitoring. Accessed on
September 23, 2017, available at: http://pandorafms.com/downloads/PandoraFMS_
Virtual_Enviroment_Monitoring.pdf.
Papakonstantinou, D., Poulymenopoulou, M., Malamateniou, F., & Vassilacopoulos, G.
(2012). A cloud-based semantic wiki for user training in healthcare process man-
agement. Study of Health and Technology Information, 169, 3–7.
Pazowski, P. (2015). Green computing: Latest practices and technologies for ICT sustainability.
International Conference of Technology, Innovation and Industrial
Management1853–1860.
Pearson, S. (2009). Taking account of privacy when designing cloud computing services.
The IEEE 1st International Workshop on Software Engineering Challenges for Cloud
Computing (pp. 1–10).
Pearson, S., & Benameur, A. (2010). Privacy, security and trust issues arising from cloud
computing. The 2nd IEEE International Conference on Cloud Computing Technology and
Science693–702.
Petri, I., Kubicki, S., Rezgui, Y., Guerriero, A., & Li, H. (2017). Optimizing energy effi-
ciency in operating built environment assets through building information modeling:
a case study. Energies, 10(1167), 1–17.
Petticrew, M., & Roberts, H. (2008). Systematic review in the social sciences: A practical
guide. John Wiley & Sons.
Poole, C. M., Cornelius, I., Trapp, J. V., & Langton, C. M. (2012). Radiotherapy Monte
Carlo simulation using cloud computing technology. Australasian Physical Engineering
Science of Medical, 35(4), 497–502.
Pucher, K. K., Boot, N. M. W. M., & De Vries, N. K. (2013). Systematic review. Health
Education, 113(5), 372–391.
Rack-space Hosting (2011). High availability cloud environments. Accessed on 12
September 2017, available at:http://www.codeproject.com/Articles/157992/High-
Availability-Cloud-Environments.
Ramachandran, M. (2016). Software security requirements management as an emerging
cloud computing service. International Journal of Information Management, 36(4),
580–590.
Ramachandran, M., & Chang, V. (2016). Towards performance evaluation of cloud service
providers for cloud data security. International Journal of Information Management,
36(4), 618–625.
Rao, G. S. V. R. K., Sundararaman, K., & Parthasarathi, J. (2010). Dhatri: A pervasive
cloud initiative for primary healthcare services. The 14th International Conference on
Intelligence in Next Generation Networks (pp. 1–6).
Raut, V. (2011). Cloud computing and healthcare. Cloud-Expo Journal. Accessed on
September 09, 2017, available at: http://cloudcomputing.sys-con.com/node/
2026409.
Regola, N., & Chawla, N. V. (2013). Storing and using health data in a virtual private
cloud. Journal of Medical Internet Research, 15(3), e63.
Rodrigues, J. J., de la Torre, I., Fernández, G., & López-Coronado, M. (2013). Analysis of
the security and privacy requirements of cloud-based electronic health records sys-
tems. Journal of Medical Internet Research, 15(8), e186.
Rolim, C. O., Koch, F. L., Westphall, C. B., Werner, J., Fracalossi, A., & Salvador, G. S.
(2010). A cloud computing solution for patient’s data collection in health care institutions.
The 2nd International Conference on eHealth, Telemedicine, and Social Medicine95–99.
Romanow, D., Cho, S., & Straub, D. (2012). Riding the wave: Past trends and future
directions for health IT research. MIS Quarterly, 36(3), 1–26.
Rosenthal, A., Mork, P., Li, M. H., Stanford, J., Koester, D., & Reynolds, P. (2010). Cloud
computing: a new business paradigm for biomedical information sharing. Journal of
Biomedical Information, 43(2), 342–353.
Sadoughi, F., & Erfannia, L. (2017). Health information system in a cloud computing
context. Health Informatics Meets eHealth, 290–297.
Sasikala, P. (2012). Cloud computing and e-governance: Advances, opportunities and
challenge. International Journal of Cloud Applications and Computing, 2(4), 32–52.
HITECH (2009). The Health Information Technology for Economic and Clinical Health Act
(HITECH Act). Accessed on 25 July 2018, available at: https://www.hhs.gov/hipaa/
for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.
html.
Seddon, J., & Currie, W. (2014). Institutional effects of comparative government regulation for
the protection and privacy of health data in the cloud. The 8th Mediterranean Conference
on Information Systems1–14.
Senyo, P. K., Addae, E., & Boateng, R. (2018). Cloud computing research: A review of
research themes, frameworks, methods and future research directions. International
Journal of Information Management, 38(1), 128–139.
Shea, B. J., Grimshaw, J. M., Wells, G. A., Boers, M., Andersson, N., Hamel, C., et al.
(2007). Development of AMSTAR: a measurement tool to assess the methodological
quality of systematic reviews. BMC Medical Research Methodology, 7(10), 1–7.
Shen, C. P., Jigjidsuren, C., Dorjgochoo, S., Chen, C. H., Chen, W. H., & Hsu, C. K. (2012).
A data mining framework for transnational healthcare system. Journal of Medical
Systems, 36(4), 2565–2575.
Shiferaw, F., & Zolfo, M. (2012). The role of information communication technology (ICT)
towards universal health coverage: The first steps of a telemedicine project in
Ethiopia. Global Health Action, 5, 1–8.
Siddiqui, Z., Abdullah, A. H., Khan, M. K., & Alghamdi, A. S. (2014). Smart environment
as a service: three factor cloud based user authentication for telecare medical in-
formation system. Journal of Medical Systems, 38(1), 9997.
Silva, L. A., Costa, C., & Oliveira, J. L. (2012). A PACS archive architecture supported on
cloud services. International Journal Computer Assistance Radiology Surgery, 7(3),
349–358.
Spanos, G., & Angelis, L. (2016). The impact of information security events to the stock
market: a systematic literature review. Computer and Security, 58, 216–229.
Spil, T., & Klein, R. (2014). Personal health records success; Why google health failed and
O. Ali et al.
what does that mean for microsoft HealthVault? The 47th Hawaii International Conference
on System Science2818–2827.
Strukhoff, R., O’Gara, M., Moon, N., Romanski, P., & White, E. (2009). Healthcare clients
adopt electronic health records with cloud-based services. Cloud Expo. Accessed on 18
October 2017, available at: http://cloudcomputing.sys-con.com/node/886530.
Sultan, N. (2014a). Discovering the potential of cloud computing in accelerating the
search for curing serious illnesses. International Journal of Information Management,
34(2), 221–225.
Sultan, N. (2014b). Making use of cloud computing for healthcare provision:
Opportunities and challenges. International Journal of Information Management, 34,
177–184.
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud
computing. International Journal of Distributed Sensor Networks, 1–9.
The Economist Intelligence Unit (2015). The adoption of cloud computing in five industry.
The Economist Intelligence Unit (EIU)1–18.
Tomi, D., Kivijarvi, H., & Saarinen, T. (2017). Longitudinal study on the expectations of
cloud computing benefits and an integrative multilevel model for understanding cloud
computing performance. The 50th Hawaii International Conference on System
Sciences4251–4260.
Tranfield, D., Denyer, D., & Smart, P. (2003). Towards a methodology for developing
evidence informed management knowledge by means of systematic review. British
Journal of Management, 14, 207–222.
Van Oranje, C., Schindler, R., Valeri, L., Vilamovska, A. M., Hatziandreu, E., & Conklin, A.
(2009). Study on the requirements and options for Radio Frequency Identification
(RFID) application in healthcare. RAND Corporation Technical Report Series, 1–148.
Venkatesh, V., Rai, A., Sykes, T. A., & Aljafari, R. (2016). Combating infant mortality in
rural India: evidence from a field study of e-health kiosk implementations. MIS
Quarterly, 40(2), 353–380.
Victor, L. (2008). Social research update: Systematic review. Department of Sociology,
University of Surrey1–4.
158
International Journal of Information Management 43 (2018) 146–158
Vida, M. M., Lupse, O. S., Stoicu-Tivadar, L., & Bernad, E. (2012). Flexible solution for
interoperable cloud healthcare systems. Study of Health and Technology Information,
180, 280–284.
Vilaplana, J., Abella, S. F., Filgueira, R., & Rius, J. (2013). The cloud paradigm applied to
e-Health. BMC Medical of Information Decision Making, 13(35), 1–10.
Vreeland, A., Persons, K. R., Primo, H., Bishop, M., Garriott, K. M., Doyle, M. K., et al.
(2016). Considerations for exchanging and sharing medical images for improved
collaboration and patient care: HIMSS-SIIM collaborative. Journal of Digital Imaging,
29(5), 547–558.
Wan, D., Greenway, A., Harris, J. G., & Alter, A. E. (2010). Six questions every health
industry executive should ask about cloud computing. Accessed on 10 September 2017,
available at:http://www.accenture.com/SiteCollectionDocuments/PDF/Accenture_
Cloud_Healthcare_PoV.pdf.
Ward, B. T., & Sipior, J. C. (2010). The Internet jurisdiction risk of cloud computing.
Information System in Management, 27(4), 334–339.
Webster, J., & Watson, R. T. (2002). Analyzing the past to prepare for the future: Writing
a literature review. MIS Quarterly, 26(2), xiii–xxiii.
Wohlin, C. (2014). Guidelines for snowballing in systematic literature studies and a replication
in software engineering. The 18th International Conference on Evaluation and Assessment
in Software Engineering1–10.
Yao, Q., Han, X., Ma, X. K., Xue, Y. F., Chen, Y. J., & Li, J. S. (2014). Cloud-based hospital
information system as a service for grassroots healthcare institutions. The Scientific
World Journal, 38(9), 104.
Zhang, R., & Liu, L. (2010). Security models and requirements for healthcare application
clouds. The IEEE 3rd International Conference on Cloud Computing (pp. 268–275).
Zhang, Q., Cheng, L., & Boutaba, R. (2010). Cloud computing: State-of-the-art and re-
search challenges. Journal of Internet Services and Applications, 1(1), 7–18.
Zhao, Y., Ni, Q., & Zhou, R. (2017). What factors influence the mobile health service
adoption? A meta-analysis and the moderating role of age. International Journal of
Information Management, 1–9. https://doi.org/10.1016/j.ijinfomgt.2017.08.006.