Professional Documents
Culture Documents
International Journal of Information Management: Review
International Journal of Information Management: Review
Review
A R T I C LE I N FO A B S T R A C T
Keywords: Cloud computing offers an innovative method of delivering IT services efficiently. Extant literature suggests that
Cloud computing cloud technology can enhance the level of services in various industries, including healthcare services. As with
Healthcare services any technological innovation, cloud computing should be rigorously evaluated before its widespread adoption.
Systematic review This research study presents a systematic review of scholarly articles of cloud computing in the healthcare sector.
Classification framework
We considered 316 articles and filtered down to 88 articles to present a classification framework that has three
dimensions: cloud computing-enabled healthcare opportunities, issues, and applications. Implications to future
research and practice are highlighted in the areas of value-added healthcare services towards medical decision-
making, data security & privacy obligations of cloud service providers, health monitoring features and in-
novative IT service delivery models using cloud computing.
⁎
Corresponding author at: School of Management & Enterprise, University of Southern Queensland, West Street, Toowoomba, Queensland 4350 Australia.
E-mail addresses: omar.ali@usq.edu.au (O. Ali), anup.shrestha@usq.edu.au (A. Shrestha), soar@usq.edu.au (J. Soar),
s.fosso-wamba@tbs-education.fr (S.F. Wamba).
https://doi.org/10.1016/j.ijinfomgt.2018.07.009
Received 13 April 2018; Received in revised form 19 July 2018; Accepted 19 July 2018
0268-4012/ Crown Copyright © 2018 Published by Elsevier Ltd. All rights reserved.
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
3. Research methodology
147
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
Fig. 2. Systematic review mapping process Adapted from (Kitchenham & Charters, 2007; Kitchenham, 2004; Tranfield et al., 2003).
specific categories within each dimension of the framework. As shown stakeholders (quality); capital expense saving, operating expense re-
in Fig. 3 our final research framework consists of cloud computing- duction, and lower labour cost (efficiency); and compliance with reg-
enabled healthcare opportunities (management and technology gains), ulations, better operational processes, improved patient management,
cloud computing-enabled healthcare issues (technological, security and accurate decision-making capacity (improvement of services).
privacy, and legal issues), and cloud computing-enabled healthcare Likewise, the technology gains category covers literature on benefits
applications (technology functionalities). delivered by cloud computing infrastructure as a service. Specific ex-
The classification framework, shown in Fig. 3, was based on the amples are increase in scalability, flexibility, and productivity of com-
literature review, the nature of cloud computing research, and the work puting infrastructure; and lower energy costs, reduction of emission of
conducted by Barki, Rivard, and Talbot, (1993) and existing classifi- harmful substances, decrease in electricity costs (green technology).
cation schemes of IS (Alavi & Carlson, 1992; Barki et al., 1993; Ngai &
Wat, 2002). The classification framework dimensions and their cate-
gories are addressed next in more detail. 3.1.2. Issues dimension
This dimension is divided into three different categories, technolo-
gical issues; security and privacy issues; and legal issues. The techno-
3.1.1. Opportunities dimension logical issues category covers literature about technical issues related to
This dimension is divided into two different categories, manage- cloud computing. Examples include risks such as the lack of necessary
ment gains, and technology gains. The management gains category Internet connectivity infrastructure in healthcare institutions to support
covers literature on cloud computing benefits in terms of quality, effi- cloud computing enabled healthcare projects, the possible interference
ciency, and improvement in services. Some relevant examples are pa- of cloud computing systems with medical equipment, the challenge to
tient care quality, and better coordination between healthcare clearly define the scalability of cloud computing-enabled healthcare
148
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
projects, and the technical complexity of such projects. snowballing ensures that as much information as possible from the
Likewise, the security and privacy issues category cover literature article being examined is extracted without going to the new article
about security and privacy issues related to cloud computing. Relevant unless no more information is available in the article being examined
examples include cloud computing data integrity, confidentiality of (Webster & Watson, 2002; Wohlin, 2014). The combination of the two
data stored by cloud computing systems, and privacy risks associated techniques increases the probability that the systematic review covers
with trustworthiness & data sharing. significant articles in any area of research.
Finally, the legal issues category covers literature about policies and
regulation issues that related to cloud computing. For example, risks 3.2. Execution phase
associated with contract law, intellectual property rights, and in-
formation jurisdiction. In the execution phase, the selection strategies are applied to help
filter the overall publication results down to select relevant articles.
3.1.3. Applications dimension This research followed the six techniques as outlined below. Firstly, the
This dimension has only one category, which is the technology determination of search terms is an iterative procedure starting with
functionality of the cloud computing in the healthcare sector. This ca- trial searches using different search terms, considering an initial set of
tegory covers literature on cloud computing impact that relates to in- articles that is already known to belong to the research field of the
formation processing, availability, and as monitoring tools. Specific systematic review (Golder et al., 2014; Higgins & Green, 2011; Hu &
examples include applications associated with more efficient employee Bai, 2014). The procedure of determining search terms ends when the
time utilization, effective mistake prevention, better labour pro- initial set of already known articles is found after the initial search. All
ductivity, decreased processing time, and workflow optimization in the aforementioned online databases offer the opportunity to perform a
hospitals (information processing); applications that enable the system search using sophisticated search strings in combination with relevant
to be accessible at all times (availability); and applications that monitor Boolean operators. The search string that was used in the present lit-
improvements in patient management workflow such as critical data of erature review is (“Cloud Computing” AND “Healthcare”). Secondly, fil-
the patient, patient data flow supervision, and procedures carried out ters were applied by using all available tools for each database to limit
on each patient (monitoring tools). the research results (Aleixandre-Benavent et al., 2011). As we know
The third step in the planning phase is the definition of research that the initial search by using specific keywords to any database pro-
questions. It is a critical step in every systematic review. By answering duced a large number of articles, we narrowed the number of articles by
research questions, literature reviews essentially accomplish their ob- using filters based on selected year of publication, type of document,
jectives. The research questions for this systematic review are stated and research area. Thirdly, all the search results were checked manually
below: to confirm that the title and the abstract of the articles are relevant in
order to remove irrelevant articles from search results (Golder et al.,
• What are the opportunities anticipated from adoption of cloud 2014; Higgins & Green, 2011; Pucher et al., 2013). Fourthly, full arti-
computing in healthcare sector? cles were reviewed to identify relevant information on the topic of in-
• What are the critical issues that influence the adoption of cloud terest (Hu & Bai, 2014; Pucher et al., 2013; Shea et al., 2007). Fifthly,
computing in healthcare sector? the backward snowball technique was used as a complement to the
• What are the current and common areas of cloud computing enabled broad automated search in order to find articles that was unidentified
healthcare applications? from the first method (Hu & Bai, 2014; Spanos & Angelis, 2016). Fi-
• What are the major findings from previous research and their sig- nally, the quality assessment criteria were defined to ensure that all the
nificance for future directions? included studies in a systematic review attain an acceptable level of
quality (Hu & Bai, 2014; Spanos & Angelis, 2016). A high-quality
The fourth step in the planning phase is the definition of the strategies checklist was developed to assess whether an article is to be included in
for articles selection. In this step, a combined search method was adopted the research study or not. The checklist consists of assessment questions
that covers a broad automated search in online databases, manual re- adopted from Kitchenham (2004); Petticrew and Roberts (2008);
view, and the backward snowball technique. Spanos and Angelis (2016). The checklist included criteria regarding
The broad automated search method includes the selection of the sufficient discussion about the research objective, clear statement of the
most appropriate online sources (Brettle & Long, 2001; Golder, Loke, & research question or problem, the availability and description of data,
Zorzela, 2014; Higgins & Green, 2011; Hu & Bai, 2014). The digital description of the methodology adopted, presentation of the research
sources that were selected in the presented literature review are the results and relevance of the research results to answer the research
following online databases: Science Direct, Medline, IEEE, PubMed, question/ problem. Articles that address all these criteria were included
Scopus, and AIS E-library. Also, relevant filtering tools were applied for in the final review. Full details of the literature search results are
each database to limit the research results (Aleixandre-Benavent, highlighted in Table 1.
González Alcaide, González De Dios, & Alonso-Arroyo, 2011). This research review was conducted in September 2017 by fol-
The broad manual review method includes reading the abstract and lowing the protocol as discussed in the planning phase. The initial
the title of the research initially (Golder et al., 2014; Higgins & Green, keyword search resulted in 316 articles. After applying all the steps
2011; Pucher, Boot, & De Vries, 2013). Then, reading the full articles reported earlier, there were 88 research articles that were finally
selected to filter out irrelevant articles was executed (Hu & Bai, 2014; chosen for further investigation and reporting.
Pucher et al., 2013; Shea et al., 2007).
The backward snowball technique was used as a complement to the 3.3. Summarizing phase
broad automated search and manual review in order to find articles that
cannot be found from the first method. Backward snowballing means After the development of the review protocol, all the predefined
using the reference list to identify new articles to include (Wohlin, steps of the systematic review were executed. In Table 1, the steps
2014). The first step is to go through the reference list and exclude leading to the final number of the selected articles of the present review
articles that do not fulfil the basic criteria such as language, publication are illustrated. Specifically, after the initial search process, 316 articles
year and type of publication. The next step is to remove articles from were found. After the reading of titles and abstracts of the candidate
the list that have already been examined based on being found earlier in articles, aiming to find irrelevant articles or duplicates, 222 articles
the previous iteration. Once these are removed, the remaining articles were removed and the number of remaining articles was 94. Next, after
are strong candidates for inclusion. These steps in the backward reading full articles, 21 irrelevant articles were removed. The final
149
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
Table 1
Literature search results.
Databases Automated Search Method Manual Review Method Backward Snowball Final Results
nd rd th th
1 st Strategy Keywords 2 Strategy Apply 3 Strategy Reading Title 4 Strategy Reading 5 Strategy Backward 6th Strategy Quality
Results Filter and Abstract Full Articles Snowball Technique Assessment
Table 2
Classification of accepted articles.
Dimension Category Type Reference
Opportunities Management Gains Quality Kuo (2011); Kabachinski (2011); Papakonstantinou et al. (2012); Low and Hsueh (2012); Poole et al.
(2012); Miras et al. (2013); Vilaplana et al. (2013); Kagadis et al. (2013); Hussain et al. (2014); Cubo
et al. (2014); Griebel et al. (2015); Mehraeen et al. (2016); Godinho et al. (2016); Vreeland et al. (2016);
Lian (2017); Mehraeen et al. (2017).
Efficiency Papakonstantinou et al. (2012); Muir (2011); Kabachinski (2011); Ahuja et al. (2012); Low and Hsueh
(2012); Shen et al. (2012); Poole et al. (2012); Bahga and Madisetti (2013); Miras et al. (2013); Kagadis
et al. (2013); Vilaplana et al. (2013); Yao et al. (2014); Hussain et al. (2014); Cubo et al. (2014);
Mehraeen et al. (2016); Godinho et al. (2016); Lian (2017); Mehraeen et al. (2017); Sadoughi and
Erfannia (2017).
Improvement of Services Muir (2011); Papakonstantinou et al. (2012); Poole et al. (2012); Low and Hsueh (2012); Bahga and
Madisetti (2013); Miras et al. (2013); Kagadis et al. (2013); Vilaplana et al. (2013); Hussain et al. (2014);
Cubo et al. (2014); Griebel et al. (2015); Mehraeen et al. (2016); Godinho et al. (2016); Vreeland et al.
(2016). Sadoughi and Erfannia (2017); Lian (2017); Mehraeen et al. (2017).
Technology Gains Green Technology Zhang et al. (2010); Baliga et al. (2011); Sasikala (2012); Pazowski (2015); Petri et al. (2017).
IT Infrastructure Zhang and Liu (2010); Kuo (2011); Lanman et al. (2011); Fernández-Cardeñosa et al. (2012); Harris
et al. (2015); Tomi et al. (2017); Sadoughi and Erfannia (2017); García et al. (2018)
Issues Technological Issues Technical Armbrust et al. (2009); Durkee (2010); Bisong and Rahman (2011); Kuo (2011); Hsieh and Hsu (2012);
He et al. (2013).
Security & Privacy Issues Security & Privacy Pearson (2009); Cisco (2015); Armbrust et al. (2009); Pearson and Benameur (2010); Mathur and
Nishchal (2010); Dillion et al. (2010); Cloud Security Alliance (2010); Forell et al. (2011); Hay et al.
(2011); Muir (2011); Ahuja et al. (2012); Regola and Chawla (2013); Hashizume et al. (2013); Rodrigues
et al. (2013); Seddon and Currie (2014); Abbas and Khan (2014); Lian et al. (2014); Sultan (2014b);
Siddiqui et al. (2014); Ermakova et al. (2014); Sun et al. (2014); Griebel et al. (2015); Hoang and Dat
(2015); Christoph et al. (2015); An et al. (2016); Jaatun et al. (2016); Ramachandran (2016); Mehraeen
et al. (2017).
Legal Issues Regulation Ward and Sipior (2010); Kuner (2010); Minister of Justice (2011); Kuo (2011); Javelin Strategy and
Research (2011); Hashizume et al. (2013); Seddon and Currie (2014); Currie and Seddon (2014); Hoang
and Dat (2015); An et al. (2016).
Application Technology Information Processing Zhang and Liu (2010); Kuo (2011); Lupse et al. (2012); Vida et al. (2012); Shen et al. (2012); Silva et al.
Functionalities (2012); Microsoft (2012); Kagadis et al. (2013); Regola and Chawla (2013); Kaur and Chana (2014); Yao
et al. (2014).
Availability Botts et al. (2011); Zhang and Liu (2010); Ahmed and Abdullah (2011); Endo et al. (2016).
Monitoring Tools Rack-space Hosting (2011); Pandora (2011); Logic-Monitor (2012); Mirza and El-Masri (2013); Bahga
and Madisetti (2013); HIMSS (2014).
150
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
151
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
adoption (Zhang & Liu, 2010). In larger institutions, cloud computing 2012, service users were given a year to download their personal data
moves the responsibility of IT storage and maintenance to a third-party for storage in a different location (Kuo, 2011). There would have been
provider and reduces expenditure whilst enhancing scope and flex- significant data transfer challenges during these incidents. Similarly,
ibility (García, Tomás, Parra, & Lloret, 2018; Kuo, 2011). Current ICT biomedical research laboratories have a great need for fast, regular
facilities can be improved and web browser-based applications can be uploads, and downloads consisting of huge data files from the cloud,
operated as interfaces for cloud-based applications (Harris, Wang, & however, this can create bottlenecks due to network congestion
Wang, 2015; Tomi, Kivijarvi, & Saarinen, 2017). As the Internet is the (Armbrust et al., 2009).
source of such data sharing, portability and constant access is ensured
across all locations (Fernández-Cardeñosa, de la Torre-Díez, López- 4.2.2. Security and privacy issues
Coronado, & Rodrigues, 2012; Lanman, Horvath, & Linos, 2011; Security and privacy concerns within IT include threats from
Sadoughi & Erfannia, 2017). Using cloud services, e-health systems can hackers, user misuse and network breakdowns (Lian et al., 2014;
meet computing requirements of multimedia solutions that can store Mehraeen et al., 2017; Rodrigues, de la Torre, Fernández, & López-
and analyse big data and provide relevant information to public in- Coronado, 2013). Cloud computing service delivery is prone to poor
stitutions (García et al., 2018). encryption key management, public management interface and se-
Traditional ICT systems are not environmentally friendly due to paration failure (Dillion, Wu, & Chang, 2010; Forell, Milojicic, &
their carbon emissions (Petri, Kubicki, Rezgui, Guerriero, & Li, 2017). Talwar, 2011; Hay, Nance, & Bishop, 2011; Mathur & Nishchal, 2010).
Cloud computing supports lower energy consumption based on usage Viruses, malwares and other security threats in cloud systems are more
and therefore data storage facilities are cheaper to operate (Sasikala, challenging to solve than in conventional in-house IT systems, parti-
2012; Zhang, Cheng, & Boutaba, 2010). Not only is there an energy cularly when public cloud is used (Armbrust et al., 2009). Therefore,
saving but less materials are necessary for cooling, which results in security is being offered as a service to help cloud service providers
decreasing harmful emissions into the environment (Baliga, Ayre, deliver cost-effective turnkey and hosted security services to their
Hinton, & Tucker, 2011; Pazowski, 2015). This is also considered a customers (Cisco, 2015). Other research has found that the majority of
huge incentive for the adoption of cloud computing within healthcare users named security and privacy as the most threatening barrier within
as the environmental impact is minimized. cloud computing (Cloud Security Alliance, 2010; Ermakova, Fabian, &
Zarnekow, 2014; Sultan, 2014b). Applications and highly confidential
4.2. Cloud computing-enabled healthcare issues information are great concerns when moved to a cloud-computing
model as the effectiveness of privacy controls are questionable and it is
Although there are numerous advantages of cloud computing, issues still an area of active research (Sun, Zhang, Xiong, & Zhu, 2014).
still exist which need to be further investigated, particularly sur- As numerous customers now access data via cloud computing, it is
rounding aspects regarding technological issues, security and privacy imperative that all appropriate data is managed to avoid privacy
issues, and legal issues. breaches (Hashizume, Rosado, Fernández-Medina, & Fernandez, 2013).
Fig. 9 shows the cloud enabled healthcare issues articles distribution The first security aspect is software security, this entails identification
in relation to technological issues, security and privacy issues, and legal of personnel (Ramachandran, 2016). The second aspect is platform
issues. The figure showed that, the highest number of publication is security, which involves interfaces and framework aspects. The notion
within the security and privacy issues (28 articles) followed by legal of accountability in the context of data practices is also applicable for
issues and technological issues with (6 articles) each. The in-depth cloud computing that cater for services requiring stringent security and
discussion of the findings that are related to technological, security and privacy conditions, especially those involving sensitive health related or
privacy, and legal issues is addressed next. medical data (Jaatun, Pearson, Gittler, Leenes, & Niezen, 2016). Lastly,
infrastructure security relates to online privacy and storage settings
4.2.1. Technological issues (Pearson & Benameur, 2010; Pearson, 2009).
Lack of reliable service delivery models is one of the known draw- Multiple users share and access resources and environments within
backs with cloud computing (Bisong & Rahman, 2011; Durkee, 2010; the cloud computing environment. A lack of resources to separate sto-
He, Fan, & Li, 2013; Hsieh & Hsu, 2012). Customers are attracted by rage, reputation and routing are all concerns of privacy in this en-
aspects such as storage capacity and applications yet with the ever- vironment (Hoang & Dat, 2015; Seddon & Currie, 2014). Users of cloud
growing demand, cloud service providers (CSPs) often experience computing are at a greater risk of privacy breaches from external par-
overcrowding and cannot meet customer needs, and as a result the ties due to storage set up and space (An, Zaaba, & Samsudin, 2016;
value is cut by such companies in the way of restricting access or not Hashizume et al., 2013).
updating infrastructure. As CSPs are not usually audited by a regulatory Healthcare has more stringent security requirements due to reg-
body, poor service is a consequence leading to a shortfall in customer ulatory requirements and patient privacy rights on sensitive health and
expectation and service delivery (Durkee, 2010). medical data (Mehraeen et al., 2017; Muir, 2011; Rodrigues et al.,
Another aspect for further investigation is data transfer. If a CSP 2013). Data confidentiality is a commonly reoccurring theme (Griebel
closes business, organizations may have to transfer services to a dif- et al., 2015), particularly from the perspective of an unauthorized in-
ferent CSP or move back to an in-house IT environment. For example, dividual accessing patient records (Abbas & Khan, 2014; Christoph
when Google ceased to host its Google Health service on January 1, et al., 2015; Siddiqui, Abdullah, Khan, & Alghamdi, 2014). Transferring
such large and highly confidential files is particularly challenging and
greater security measures need to be undertaken (Rodrigues et al.,
2013). Additional requirements for security are related to access con-
trol, management of data, and secure storage (Ahuja et al., 2012;
Regola & Chawla, 2013).
152
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
bound by more than one laws at the same time and each law may information and process referrals. Health providers typically store
impose different requirements and consequences. In order to minimize EMRs in their own databases (Zhang & Liu, 2010). Relatively faster
such problems, the Canadian Personal Information Protection and collaboration can be achieved by moving data to a cloud so that all
Electronic Documents Act (CPIPEDA) restricts control of companies in parties can access required data (Kagadis et al., 2013; Regola & Chawla,
gathering, using or sharing of private data (Minister of Justice, 2011), 2013). Patient consent is required for their data, such as EHRs, EMRs,
yet a provider is within their rights to move data from one jurisdiction Personal Health Records (PHRs), and Payer Based Health Records
to another. (PBHRs), in order to be shared and stored into a cloud environment
As such the CPIPEDA put forward a new regulation for companies to (Kaur & Chana, 2014). This would enable the data to be accessed by all
declare data breaches to the Privacy Commissioner of Canada and to health stakeholders regionally and internationally (Lupse, Vida, &
inform customers when there is potential harm (Minister of Justice, Stoicu-Tivadar, 2012; Shen et al., 2012; Vida, Lupse, Stoicu-Tivadar, &
2011). Yet poor breach notification does not ensure security of one’s Bernad, 2012; Yao et al., 2014). Consequently, there will be fewer er-
data (Kuo, 2011). Javelin Strategy and Research (2011) found that rors as all health professionals would be able to view the same data,
users with recent data breach notifications were at the highest risk level while expanding service provision and keeping costs low (Silva, Costa,
for more fraudulent activities. Legal solutions surrounding these issues & Oliveira, 2012). For example, Microsoft’s HealthVault that typically
have not been addressed yet which is a major roadblock for wider cloud stores x-rays and doctors’ records can be extended to allow patients to
adoption in the healthcare sector, particularly for the government contribute data, for example, from heart rate monitors, thereby en-
healthcare services. abling all stakeholders to access the same and multi-faceted data for
decision-making (Microsoft, 2012).
4.3. Cloud computing-enabled healthcare applications
4.3.2. Availability
Approximately 31% of the healthcare sector is currently using cloud Greater availability of cloud computing is expected to produce less
computing and most of the other healthcare organizations are looking downtimes and a consistent service delivery (Botts, Horan, & Thoms,
into this as a viable option over the next five years (Griebel et al., 2011). The cloud can be managed to execute high availability service
2015). The majority of organizations intend to adopt the public cloud goals (Endo et al., 2016). Since applications can be scaled up or down
model first before moving towards the hybrid model, and finally adopt more easily according to demand (Ahmed & Abdullah, 2011). Security
a private cloud for business if feasible (Ahmed & Gutierrez, 2010). concerns must be fully understood prior to moving healthcare data to
Those who have moved forward with cloud models or those who intend cloud computing in order to realise maximum availability (Zhang & Liu,
to do so in the near future are deemed more advantageous in terms of 2010).
finance and efficiency than those who are slow to implement cloud
models (Wan, Greenway, Harris, & Alter, 2010). 4.3.3. Cloud monitoring tools
The healthcare system consists of pharmaceutical companies, in- Healthcare facilities can use cloud monitoring tools such as Cloud-
surance companies, laboratories and hospital facilities (Daemmrich, kick (Rack-space Hosting, 2011), Logic-Monitor (Logic-Monitor, 2012)
2011). All components need to abide by government regulations and and Pandora FMS (Pandora, 2011) in order to optimise cloud features
need to share data quickly, correctly and efficiently whilst upholding for their intended use. There are other general cloud monitoring tools
patient confidentiality (Raut, 2011). Patient data is highly sensitive and that are useful to specifically monitor the cloud infrastructure, such as
the risk of this being compromised is considered a reason behind slow Amazon Web Services (Bahga & Madisetti, 2013; Mirza & El-Masri,
adoption of cloud computing. Any innovative technology models in the 2013).
healthcare sector that manages critical health information must ensure Table 3 illustrates the current areas of cloud computing enabled
patient privacy (Cloud Security Alliance, 2010; Kaletsch & Sunyaev, healthcare applications (HIMSS, 2014).
2011). Based on Table 3, we discuss the top three areas of current usage,
Fig. 10 demonstrates the cloud enabled healthcare applications ar- planned use and lack of use of cloud applications next. A 2014 survey
ticles distribution in a related to information processing, availability, undertaken by Healthcare Information and Management Systems So-
and monitoring tools. The figure showed that the highest rate of pub- ciety (HIMSS) indicated that 43.6% of healthcare organizations used
lication is actually within the information processing area (11 articles). cloud services for hosting clinical applications and data followed by
This gives an indication that the most important applications of 38.7% for information exchange, and 35.1% for backups and data re-
adopting cloud computing within the healthcare sector are used to covery. 38.9% of the healthcare organizations planned to use cloud
process information across different healthcare actors or facilities. The services for hosting of archived data, 31.1% for backups and data re-
monitoring tools are discussed in five articles, and the availability of covery, and 28.4% for hosting operational applications and data. There
applications are discussed in four articles. The in-depth discussion of
the findings that related to information processing, availability, and Table 3
monitoring tools are presented next. The current areas of cloud applications.
Area Current Use Planned Use No Use
4.3.1. Information processing
Healthcare organizations must collaborate in order to request Hosting of Clinical Applications and Data 43.6% 14.1% 42.3%
Health Information Exchange 38.7% 20.0% 41.3%
Backups and Disaster Recovery 35.1% 31.1% 33.7%
Hosting of HR Applications and Data 34.9% 16.8% 48.3%
Hosting Financial Applications and Data 32.9% 18.8% 48.3%
Hosting Operational Applications and 27.7% 28.4% 43.9%
Data
Hosting of Archived Data 26.8% 38.9% 34.3%
Managed Services 22.1% 17.4% 60.5%
Hosting Communications Services 20.3% 20.3% 59.4%
Virtual Networks 6.1% 8.8% 85.1%
Identity Management 2.0% 8.1% 89.9%
Timely Provisioning or De-provisioning 2.0% 6.1% 91.9%
Accounts
Fig. 10. Cloud enabled healthcare applications articles distribution.
153
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
appears to be a strong interest in data-driven usage of cloud services in issues with specific cloud applications in the healthcare sector. There is
the areas of storage and sharing, as per the current use and future de- a lack of theoretical orientation and longitudinal study on the overall
mands. In terms of the lack of use of cloud applications, 91.1% of the value of cloud services to the healthcare sector, demonstrating the lack
healthcare organizations were least likely to use cloud service for ac- of maturity in this research area. Nevertheless, a positive finding is the
count management, 89.9% for identify management, and 85.1% for uniform distribution of research articles that are published in IS as well
virtual networks. Network-specific services and access management as medical journals (see Fig. 5).
applications, while critical application areas of cloud computing in An analysis of the research topics according to the classification
general, appears to be the areas that are of less interest to the stake- framework as illustrated in Fig. 7 showcases the expanding research
holders in the healthcare sector. interest in the area of opportunities presented by cloud computing in
the healthcare sector. Likewise, there is a reduced interest in the study
5. Implications to research and practice surrounding cloud related issues and healthcare applications. This
might imply that the key technological and management issues have
We draw out several key implications from the findings of our been addressed as the cloud technology evolved. Therefore, studies
systematic literature review for future research surrounding cloud associated with the opportunities from using cloud computing might
computing in the healthcare sector. seek more generic benefits rather than specific cloud applications and
their features. This is a promising development that provides a positive
5.1. Implications to research roadmap for future research work.
Current cloud applications are centred around medical data ad-
The key implications to research from our findings in this systematic ministration (Harsha et al., 2016) and EHRs (Chatman, 2010; Kuo,
literature review include information sharing and collaboration; data 2011). However, cloud computing has potential to offer value-added
security and privacy; and decision support. Current research in cloud healthcare services in more decision-making areas such as diagnosis &
computing in the healthcare sector is concentrated in the area of data control, prescriptions, education and referrals & recommendations
storage and associated services to make relevant information accessible (Korea IT Times, 2010). Therefore, we can argue that effective use of
in less time (Cubo et al., 2014; Hussain et al., 2014; Lian, 2017; cloud computing within the healthcare sector has not reached its po-
Mehraeen et al., 2016, 2017). This has the potential to reduce opera- tential (Rosenthal et al., 2010). Currently, there is more data driven
tional costs while expanding the scope and flexibility of IT services to usage of cloud rather than network-related utilities. Cloud applications
the healthcare sector (Miras et al., 2013; Vilaplana et al., 2013). can enable access to multi-faceted data for decision making, however
Moreover, another huge incentive for the adoption of cloud computing the use of cloud computing for decision support in the healthcare sector
within the healthcare sector is to minimize the environmental impact. is an area that is not well researched and deserve attention for future
While cloud computing has allowed data to be shared across multiple research. These value-added healthcare services are potentially dis-
systems, these features have not been broadly incorporated in the ruptive to the medical industry but it can be considered as an enabler
current healthcare facilities. towards decision support for medical practitioners including doctors
Data security and privacy are two of the most discussed challenges and nurses. Future researchers might want to investigate these value-
in cloud computing not just in the healthcare sector but across all in- added cloud services within the healthcare sector, particularly in the
dustries (Ermakova et al., 2014; Sultan, 2014b). A number of data se- area of medical decision-making.
curity models for cloud computing have been developed to combat Current study of cloud computing in the healthcare sector takes a
performance issues related to data security (Ramachandran & Chang, very narrow view of the IT service delivery model with an emphasis on
2016). However, data confidentiality requirements are stringent in the process improvement and cost saving. Major opportunities of cloud
healthcare sector and the current effectiveness of privacy controls of within the healthcare sector are studies with the lens of quality, effi-
sensitive data, such as patient health information, are insufficient ciency and technology benefits, e.g. infrastructure as a service.
(Griebel et al., 2015). Besides other factors, risks of sensitive patient However contemporary definitions of “service” highlights innovative
data being compromised is considered a reason behind slow adoption of ways of delivering value to customers. The current areas of cloud ap-
cloud applications (Kaletsch & Sunyaev, 2011). An integrated model to plications demonstrate limited use towards network management and
manage risks in cloud services has been proposed by Ali, Warren, and optimization (HIMSS, 2014). Consequently, cloud applications suffer
Mathiassen, (2017), this model outlines three types of risks (services, challenges associated with service reliability (He et al., 2013) and
technology and process-related risks) and four types of resolution availability (Endo et al., 2016). Therefore, we suggest future research
(stakeholder engagement, technology development, innovation plan- should look at a wider view of IT service delivery that encompasses
ning and control. Using this model, managers can profile their risk service value elements such as scalability, reliability, technical com-
scenarios and possible responses to take advantage of innovation de- plexity, data integrity, security and privacy risks that are associated
rived from cloud services. This research by Ali et al. (2017) provides an with cloud computing.
excellent foundation based on risk management for further research in Furthermore, current cloud applications are primarily studied based
cloud computing opportunities, issues and applications for healthcare on their capacity of information processing and availability.
services. These research considerations imply some specific guidance Applications associated with health monitoring in general, e.g. fitness
for future research directions as discussed next. tracking, are heavily researched and adopted in practice. However,
monitoring activities associated with chronic patients and their treat-
5.2. Future research directions ment/ care are not as well facilitated using cloud computing. Future
research can emphasize health monitoring features enabled by cloud
As a research area, application of cloud computing in the healthcare applications rather than information processing features.
sector is an emerging topic. Although the research on adoption of cloud We have found that the adoption of cloud computing is higher in
computing in the healthcare sector is growing, this is the first attempt comparatively larger health organizations that have mature operational
towards a synthesis of the existing research findings based on a sys- processes and limited budgetary constraints (Wan et al., 2010). This is
tematic literature review. According to our review strategy, only 85 ironic given the cost saving benefits of cloud services that suits smaller
academic articles have been selected in our study, among which the companies. Future research must investigate adoption issues of cloud
significant number of publications occur in 2010–2014 and fewer in computing for smaller health organizations like clinics, community
recent times, i.e. 2015–2017 (see Fig. 4). The overall theme of the health centres and health facilities in developing countries.
publications in 2010–2014 represented realization of benefits and Cloud computing, by its very nature, enables data sharing across
154
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
multiple systems, however such features are not utilized in current 5.3.3. Management of the cloud environment
healthcare facilities (Yao et al., 2014). Future research should look into Cloud computing contexts are not dissimilar to conventional IT
benefits and challenges associated with data sharing and investigate the contexts apart from cloud customer and CSP boundaries (Kupferman,
regulatory compliance of CSPs in offering these services. For example, Silverman, Jara, & Browne, 2009). Conventional IT supervision en-
current research highlighted the need for effective privacy controls in compassed expense, supervision, backing, privacy and appropriate
cloud computing for the healthcare sector as a very important future work personnel. Yet some components of cloud computing entail dif-
research consideration (Sun et al., 2014). As it currently stands, CSPs ficulties such as devices, which are automatically connected to the In-
are not required to be audited by a regulatory body. Therefore, a CSP is ternet, intelligent cognitive assistants and authorisation of EHRs.
within their own right to move data from one jurisdiction to another. Business advantages are often the result of good practice in the
Moreover, CSPs currently do not offer assured data capabilities, as these management of cloud environment that results in financial rewards,
are promoted as shared responsibilities of service providers and although this can be a slow process owing to the initial costs involved.
healthcare facilities. Research surrounding patient privacy controls, Healthcare organizations are advised to initially implement strategies,
service levels and responsibilities of CSPs is an important area of future which assist the business objectives and deadlines taking into con-
research. sideration the IT structure and cloud solution components (Cloud
Standards Customer Council, 2017). The cloud management strategies
5.3. Implications to practice should also consider future outlook, comprehend existing technologies,
and ensure proof of concept and scale to production in order to max-
Likewise, we present the following implications to practice in order imize benefits from the cloud environment in practice.
to enable effective implementation of cloud-based healthcare solutions.
6. Conclusion
5.3.1. Cloud deployment and service models
In determining the cloud’s given workload, many aspects need to be The state-of-the-art of the research related to cloud computing in the
considered so that the most conducive model is used whether it be healthcare sector has been reviewed and discussed. A number of articles
public, private or a combination of both. Public cloud services are run were comprehensively chosen from the online database and further
on data centre resources owned by a CSP where data is accessible to classified into three key areas: opportunities, issues, and applications.
numerous cloud service customers; this is referred to as multi-tenant. This research study offers an understanding of the current cloud com-
Whereas cloud services within private cloud distribution run on data puting research and its real-world implementation in the healthcare
centre resources owned by cloud service customers, these are usually sector.
controlled and executed by customers on site. Combined cloud models This research study presented implications to research and practice
use numerous deployment models at the same time and frequently with as a guidance for future study and for healthcare decision makers. It is
resources not associated with cloud services. Using relevant cloud ser- essential to discover whether the opportunities of cloud computing
vice models, organizations must align their IT capabilities since re- outweigh the issues that related with its use in the healthcare sector.
search has confirmed that IT capability positively affects cloud success According to the literature analysed in this research study, there is
and ultimately performance of the organization (Garrison, Wakefield, & sufficient evidence to suggest that cloud computing can bring sig-
Kim, 2015). nificant opportunities to the healthcare sector. However, the issues that
Secure cloud service models have started to be implemented within related to the security and privacy of patient data and loss of control of
healthcare facilities, such as healthcare insurance to small-scale clinics. data management to CSPs must be carefully evaluated, especially due to
Healthcare standards have been renewed to reflect the adoption of the strict regulations that govern the healthcare sector. As a result of
cloud computing (Cloud Standards Customer Council, 2017). In re- that, many companies are working to improve and adapt policies to
sponse to this trend, numerous CSPs have HIPAA enabled offerings as secure patient data in order to promote confidentiality. Cloud appli-
an addition, which adheres to the HITECH Act of 2009. As the digital cations can enable access to multi-faceted data for decision making,
world expands, healthcare providers are becoming more aware of cloud however using cloud computing for decision support in the healthcare
computing advantages (HITECH, 2009). These encompass managing sector is a significant opportunity for researchers and practitioners.
virtual capital, safeguarding against hacking and emergencies, internet
of things augmented patient care, versatile methods of payment and Conflicts of interest
providing assistance to medical staff. However, aspects such as security
(Mehraeen et al., 2017), data classification (Griebel et al., 2015), None
business model (Yao et al., 2014), target operating model (Bobsguide,
2015), application architecture (Cloud Standards Customer Council, References
2016), cost (Godinho et al., 2016), and performance (Vilaplana et al.,
2013) must be considered in practice to determine appropriate cloud Abbas, A., & Khan, S. U. (2014). A review on the state-of-the-art privacy-preserving ap-
service models. proaches in the e-health clouds. IEEE Journal of Biomedical of Health Information,
18(4), 1431–1441.
Abbas, Z., Raza, S., & Ejaz, K. (2008). Systematic reviews and their role in evidence -
5.3.2. Security and privacy requirements informed health care. Journal of the Pakistan Medical Association, 58(10), 461–467.
With any adoption of healthcare solutions regarding IT, security and Agarwal, R., Gao, G., DesRoches, C., & Jha, A. K. (2010). The digital transformation of
healthcare: Current status and the road ahead. Information Systems Research, 21(4),
the privacy of information is of the upmost importance (Mehraeen 796–809.
et al., 2017). The cloud solution needs to have privacy settings, which Ahmed, S., & Abdullah, A. (2011). E-healthcare and data management services in a cloud.
must also be incorporated into the authorisation and monitoring sys- International IEEE Conference on High Capacity Optical Networks and Enabling
Technologies248–252.
tems. Shared responsibility is a major disparity between cloud services
Ahmed, R., & Gutierrez, J. A. (2010). 1P. A cloud computing encapsulated layer for security
and conventional IT. The latter saw the IT Company having full ac- and availability. International Conference on Information Resources1–15.
countability for all aspects of IT, whereas with cloud services this is Ahuja, P. S., Mani, S., & Zambrano, J. (2012). A survey of the state of cloud computing in
healthcare. Network and Communication Technologies, 1(2), 12–19.
disbursed amongst the healthcare institutions, which includes the cus-
Alavi, M., & Carlson, P. (1992). A review of MIS research and disciplinary development.
tomers, and the CSP. Similar to future research suggestions, security Journal of Management Information Systems, 8(4), 45–62.
and privacy concerns continue to be an important area for practitioners Aleixandre-Benavent, R., González Alcaide, G., González De Dios, G., & Alonso-Arroyo, A.
to ascertain while setting up cloud service level agreements with the (2011). Sources of bibliographic information rationale for conducting a literature
search. ACTA Paediatric, 69(3), 131–136.
CSPs.
155
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
Ali, O., Soar, J., & Shrestha, A. (2018). Perceived potential for value creation from cloud Dillion, T., Wu, C., & Chang, E. (2010). Cloud computing: Issues and challenges. The 24th
computing: A study of the Australian regional government sector. Behaviour & IEEE International Conference on Advanced Information Networking and
Information Technology. https://doi.org/10.1080/0144929X.2018.1488991. Applications27–33.
Ali, A., Warren, D., & Mathiassen, L. (2017). Cloud-based business services innovation: A Doukas, C., Pliakas, T., & Maglogiannis, I. (2010). Mobile healthcare information manage-
risk management model. International Journal of Information Management, 37(6), ment utilizing cloud computing and android OS. The 32nd Annual International
639–649. Conference of the IEEE EMBS1037–1040.
An, Y. Z., Zaaba, Z. F., & Samsudin, N. F. (2016). Reviews on security issues and challenges in Durkee, D. (2010). Why cloud computing will never be free. IEEE/ACM Transactions on
cloud computing. IOP Conference Series: Materials Science and Engineering1–10. Networking: A Joint Publication of the IEEE Communications Society, the IEEE Computer
Anderson, N. R., Lee, E. S., Brockenbrough, J. S., Minie, M. E., Fuller, S., & Brinkley, J. Society, and the ACM With Its Special Interest Group on Data Communication, 53(5),
(2007). Issues in biomedical research data management and analysis: Needs and 69–70.
barriers. Journal of American Medical Information Association, 14(4), 478–488. Dwivedi, Y. K., & Mustafee, N. (2010). It’s unwritten in the cloud: the technology enablers
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R. H., & Konwinski, A. (2009). for realising the promise of cloud computing. Journal of Enterprise Information
Above the clouds: A Berkeley view of cloud computingAccessed on 18 September 2017, Management, 23(6), 673–679.
available at:. Technical Reporthttp://www.eecs.berkeley.edu/Pubs/TechRpts/2009/ Endo, P. T., Rodrigues, M., Gonçalves, G. E., Kelner, J., Sadok, D. H., & Curescu, C.
EECS-2009-28.pdf. (2016). High availability in clouds: Systematic review and research challenges.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., & Konwinski, A. (2010). A view Journal of Cloud Computing Advances Systems and Applications, 5(16), 1–15.
of cloud computing. IEEE/ACM Transactions on Networking : A Joint Publication of the Ermakova, T., Fabian, B., & Zarnekow, R. (2014). Acceptance of health clouds – a privacy
IEEE Communications Society, the IEEE Computer Society, and the ACM With Its Special calculus perspective. The European Conference on Information Systems1–14.
Interest Group on Data Communication, 53(4), 50–58. Evans, D. (2003). Hierarchy of evidence: A framework for ranking evidence evaluating
Arrais, J. P., & Oliveira, J. L. (2010). On the exploitation of cloud computing in bioinfor- healthcare interventions. Journal of Clinical Nursing, 12(1), 77–84.
matics. The 10th IEEE International Conference on Information Technology and Fernández-Cardeñosa, G., de la Torre-Díez, I., López-Coronado, M., & Rodrigues, J. J.
Applications in Biomedicine1–4. (2012). Analysis of cloud-based solutions on EHRs systems in different scenarios.
Avila-Garcia, M. S., Trefethen, A. E., Brady, M., Gleeson, F., & Goodman, D. (2008). Journal of Medical Systems, 36, 3777–3782.
Lowering the barriers to cancer imaging. IEEE 4th International Conference on Escience Fichman, R. G., Kohli, K., & Krishnan, R. (2011). The Role of information systems in
(pp. 1–8). healthcare: Current research and future trends. Information Systems Research, 22(3),
Bahga, A., & Madisetti, V. K. (2013). A cloud-based approach for interoperable electronic 419–428.
health records (EHRs). IEEE Journal of Biomedical of Health Information, 17(5), Forell, T., Milojicic, D., & Talwar, V. (2011). Cloud management: Challenges and opportu-
894–906. nities. The IEEE International Symposium on Parallel and Distributed Processing881–889.
Baliga, J., Ayre, R. W. A., Hinton, K., & Tucker, R. S. (2011). Green cloud computing: García, L., Tomás, J., Parra, L., & Lloret, J. (2018). An m-health application for cerebral
Balancing energy in processing, storage, and transport. Proceedings of the IEEE, 99(1), stroke detection and monitoring using cloud services. International Journal of
149–167. Information Management. https://doi.org/10.1016/j.ijinfomgt.2018.06.004.
Bannerman, P. L. (2010). Cloud computing adoption risks: State of play. The 17th Asia Garrison, G., Wakefield, R. L., & Kim, S. (2015). The effects of IT capabilities and delivery
Pacific Software Engineering Conference Cloud Workshop (pp. 10–16). model on cloud computing success and firm performance for cloud supported pro-
Barki, H., Rivard, S., & Talbot, J. (1993). A keyword classification scheme for IS research cesses and operations. International Journal of Information Management, 35(4),
literature: an update. MIS Quarterly, 17(2), 226–309. 377–393.
Bastian, H., Glasziou, P., & Chalmers, I. (2010). Seventy-five trials and eleven systematic Godinho, T. M., Viana-Ferreira, C., Silva, L. B., & Costa, C. (2016). A routing mechanism
reviews a day: How will we ever keep up? PLoS Medicine, 7(9), Accessed on 23 May for cloud outsourcing of medical imaging repositories. IEEE Journal of Biomedical and
2018, available at: http://journals.plos.org/plosmedicine/article?id=10.1371/ Health Informatics, 20(1), 367–375.
journal.pmed.1000326. Golder, S., Loke, Y. K., & Zorzela, L. (2014). Comparison of search strategies in systematic
Bayramusta, M., & Nasir, V. A. (2016). A fad or future of IT?: A comprehensive literature reviews of adverse effects to other systematic reviews. Health Information and Libraries
review on the cloud computing research. International Journal of Information Journal, 31, 92–105.
Management, 36(4), 635–644. Griebel, L., Prokosch, H., Köpcke, F., Toddenroth, D., Christoph, J., Leb, I., et al. (2015). A
Bisong, A., & Rahman, S. M. (2011). An overview of the security concerns in enterprise scoping review of cloud computing in healthcare. BMC Medical Informatics and
cloud computing. International Journal of Network Security & Its Applications, 3(1), Decision Making, 15(17), 1–16.
30–45. Harris, I., Wang, Y., & Wang, H. (2015). ICT in multimodal transport and technological
Bobsguide (2015). Cloud target operating model: Revolution, evolution or a bit of both? trends: Unleashing potential for the future. International Journal of Production
Accessed on 10 October 2017, available at:http://www.bobsguide.com/guide/news/ Economics, 159, 88–103.
2015/Sep/25/cloud-target-operating-model-tom-revolutionevolution-or-a-bit-of- Harsha, S., Pussewalage, G., & Oleshchuk, V. A. (2016). Privacy preserving mechanisms
both/. for enforcing security and privacy requirements in E-health solutions. International
Botts, N. E., Horan, T. A., & Thoms, B. P. (2011). Health ATM: personal health cyberin- Journal of Information Management, 36, 1161–1173.
frastructure for underserved populations. American Journal Preventive Medical, 40, Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
115–122. analysis of security issues for cloud computing. Journal of Internet Services and
Brettle, A. J., & Long, A. F. (2001). Comparison of bibliographic databases for information Applications, 4(5), 1–13.
on the rehabilitation of people with severe mental illnesses. Bulletin of the Medical Hay, B., Nance, K., & Bishop, M. (2011). Storm clouds rising: Security challenges for IaaS
Library Association, 89(4), 353–362. cloud computing. The 44th Hawaii International Conference on System Sciences1–7.
Chatman, C. (2010). How cloud computing is changing the face of healthcare information He, C., Fan, X., & Li, Y. (2013). Toward ubiquitous healthcare services with a novel ef-
technology. Journal of Health Care Compliance, 12(3), 37–70. ficient cloud platform. IEEE Transaction of Biomedical Engineering, 60(1), 230–234.
Christoph, J., Griebel, L., Leb, I., Engel, I., Kopcke, F., & Toddenroth, D. (2015). Secure Higgins, J. P. T., & Green, S. (2011). Cochrane handbook for systematic reviews of inter-
secondary use of clinical data with cloud-based NLP services: Towards a highly ventions 5.1.0. Accessed on 12 September 2014, available at:The Cochrane
scalable research infrastructure. Methods of Information Medical, 53(6), 276–282. Collaborationhttp://www.cochrane-handbook.org.
Cisco, & Cisco Security as a Service Solutions (2015). White Paper. Accessed on 1 July Healthcare Information and Management Systems Society (2014). HIMSS analytics cloud
2018, available at: https://www.cisco.com/c/dam/en/us/solutions/collateral/ surveyAccessed on 3 August 2017, available at:http://s3.amazonaws.com/rdcms-
enterprise/design-zone-security/hss-aag.pdf. himss/files/production/public/FileDownloads/Final%20Report%20061214.pdf.
Cloud Security Alliance (2010). Top threats to cloud computing V1.0. Accessed on 13 Hoang, D., & Dat, D. T. (2015). Healthcare data in cloud environments. Pacific Asia
September 2017, available at:https://cloudsecurityalliance.org/topthreats/ Conference on Information Systems1–15.
csathreats.v1.0.pdf. Hsieh, J. C., & Hsu, M. W. (2012). A cloud computing based 12-lead ECG telemedicine
Cloud Standards Customer Council (2016). Practical guide to hybrid cloud computing. service. BMC Medical Information Decision Making, 12(77), 1–12.
Accessed on 11 October 2017, available at:http://www.cloud-council.org/ Hu, Y., & Bai, G. (2014). A systematic literature review of cloud computing in eHealth.
deliverables/practical-guide-to-hybrid-cloud-computing.htm. Health Informatics - an International Journal, 3(4), 11–20.
Cloud Standards Customer Council (2017). Impact of cloud computing on healthcare version Hussain, S., Bang, J. H., Han, M., Ahmed, M. I., Amin, M. B., & Lee, S. (2014). Behaviour
2.0. Accessed on 14 October 2017, available at:http://www.cloud-council.org/ life style analysis for mobile sensory data in cloud computing through MapReduce.
deliverables/CSCC-Impact-of-Cloud-Computing-on-Healthcare.pdf. Sensors, 14(11), 22001–22020.
Coren, E., & Fisher, M. (2006). The conduct of systematic reviews for SCIE knowledge reviews. Jaatun, M. G., Pearson, S., Gittler, F., Leenes, R., & Niezen, M. (2016). Enhancing ac-
London: Social Care Institute for Excellence. countability in the cloud. International Journal of Information Management. https://
Cubo, J., Nieto, A., & Pimentel, E. (2014). A cloud-based Internet of Things platform for doi.org/10.1016/j.ijinfomgt.2016.03.004.
ambient assisted living. Sensors, 14(8), 14070–14105. Javelin Strategy and Research (2011). Data breach notifications: Victims face four times
Currie, W., & Seddon, J. (2014). A cross-country study of cloud computing policy and reg- higher risk of fraud. Accessed on 10 October 2017, available at:https://www.
ulation in healthcare. The European Conference on Information Systems1–16. javelinstrategy.com/brochure-158.
Daemmrich, A. (2011). U.S. Healthcare reform and the pharmaceutical industry. Boston, Kabachinski, J. (2011). What’s the forecast for cloud computing in healthcare? Biomedical
Massachusetts, USA: Harvard Business School1–37. Instrument Technology, 45(2), 146–150.
Danek, J. (2009). Public works government services Canada. Accessed on 25 August 2017, Kagadis, G. C., Kloukinas, C., Moore, K., Philbin, J., Papadimitroulas, P., & Alexakos, C.
available at:Cloud Computing and the Canadian Environmenthttp://www.scribd. (2013). Cloud computing in medical imaging. The International Journal of Medical
com/doc/20818613/Cloud-Computing-and-the-Canadian-Environment. Physics Research and Practice, 40(7), 1–13.
Dikert, K., Paasivaara, M., & Lassenius, C. (2016). Challenges and success factors for Kaletsch, A., & Sunyaev, A. (2011). Privacy engineering: Personal health records in cloud
large-scale agile transformations: a systematic literature review. The Journal of computing environments. The 32nd International Conference on Information Systems1–11.
Systems and Software, 119, 87–108. Kaur, P. D., & Chana, I. (2014). Cloud based intelligent system for delivering health care
156
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
157
O. Ali et al. International Journal of Information Management 43 (2018) 146–158
what does that mean for microsoft HealthVault? The 47th Hawaii International Conference Vida, M. M., Lupse, O. S., Stoicu-Tivadar, L., & Bernad, E. (2012). Flexible solution for
on System Science2818–2827. interoperable cloud healthcare systems. Study of Health and Technology Information,
Strukhoff, R., O’Gara, M., Moon, N., Romanski, P., & White, E. (2009). Healthcare clients 180, 280–284.
adopt electronic health records with cloud-based services. Cloud Expo. Accessed on 18 Vilaplana, J., Abella, S. F., Filgueira, R., & Rius, J. (2013). The cloud paradigm applied to
October 2017, available at: http://cloudcomputing.sys-con.com/node/886530. e-Health. BMC Medical of Information Decision Making, 13(35), 1–10.
Sultan, N. (2014a). Discovering the potential of cloud computing in accelerating the Vreeland, A., Persons, K. R., Primo, H., Bishop, M., Garriott, K. M., Doyle, M. K., et al.
search for curing serious illnesses. International Journal of Information Management, (2016). Considerations for exchanging and sharing medical images for improved
34(2), 221–225. collaboration and patient care: HIMSS-SIIM collaborative. Journal of Digital Imaging,
Sultan, N. (2014b). Making use of cloud computing for healthcare provision: 29(5), 547–558.
Opportunities and challenges. International Journal of Information Management, 34, Wan, D., Greenway, A., Harris, J. G., & Alter, A. E. (2010). Six questions every health
177–184. industry executive should ask about cloud computing. Accessed on 10 September 2017,
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud available at:http://www.accenture.com/SiteCollectionDocuments/PDF/Accenture_
computing. International Journal of Distributed Sensor Networks, 1–9. Cloud_Healthcare_PoV.pdf.
The Economist Intelligence Unit (2015). The adoption of cloud computing in five industry. Ward, B. T., & Sipior, J. C. (2010). The Internet jurisdiction risk of cloud computing.
The Economist Intelligence Unit (EIU)1–18. Information System in Management, 27(4), 334–339.
Tomi, D., Kivijarvi, H., & Saarinen, T. (2017). Longitudinal study on the expectations of Webster, J., & Watson, R. T. (2002). Analyzing the past to prepare for the future: Writing
cloud computing benefits and an integrative multilevel model for understanding cloud a literature review. MIS Quarterly, 26(2), xiii–xxiii.
computing performance. The 50th Hawaii International Conference on System Wohlin, C. (2014). Guidelines for snowballing in systematic literature studies and a replication
Sciences4251–4260. in software engineering. The 18th International Conference on Evaluation and Assessment
Tranfield, D., Denyer, D., & Smart, P. (2003). Towards a methodology for developing in Software Engineering1–10.
evidence informed management knowledge by means of systematic review. British Yao, Q., Han, X., Ma, X. K., Xue, Y. F., Chen, Y. J., & Li, J. S. (2014). Cloud-based hospital
Journal of Management, 14, 207–222. information system as a service for grassroots healthcare institutions. The Scientific
Van Oranje, C., Schindler, R., Valeri, L., Vilamovska, A. M., Hatziandreu, E., & Conklin, A. World Journal, 38(9), 104.
(2009). Study on the requirements and options for Radio Frequency Identification Zhang, R., & Liu, L. (2010). Security models and requirements for healthcare application
(RFID) application in healthcare. RAND Corporation Technical Report Series, 1–148. clouds. The IEEE 3rd International Conference on Cloud Computing (pp. 268–275).
Venkatesh, V., Rai, A., Sykes, T. A., & Aljafari, R. (2016). Combating infant mortality in Zhang, Q., Cheng, L., & Boutaba, R. (2010). Cloud computing: State-of-the-art and re-
rural India: evidence from a field study of e-health kiosk implementations. MIS search challenges. Journal of Internet Services and Applications, 1(1), 7–18.
Quarterly, 40(2), 353–380. Zhao, Y., Ni, Q., & Zhou, R. (2017). What factors influence the mobile health service
Victor, L. (2008). Social research update: Systematic review. Department of Sociology, adoption? A meta-analysis and the moderating role of age. International Journal of
University of Surrey1–4. Information Management, 1–9. https://doi.org/10.1016/j.ijinfomgt.2017.08.006.
158