Information management in health care : a model for connecting information culture and patient safety

uef.fi

PUBLICATIONS OF

THE UNIVERSITY OF EASTERN FINLAND Dissertations in Social Sciences and Business Studies

Dissertations in Social Sciences and Business Studies

PUBLICATIONS OF

THE UNIVERSITY OF EASTERN FINLAND

Effective information management is crucial for hospitals in terms of patient safety. This dissertation developed a model for connecting

information culture and patient safety.

It showed that information management incidents are associated with medication administration errors, complaints from patients and their families, and information- related adverse events. Further, the dimensions

of information culture seem to create working conditions that might weaken patient safety.

VIRPI JYLHÄ

DISSERTATIONS | VIRPI JYLHÄ | INFORMATION MANAGEMENT IN HEALTH CARE | No 140

VIRPI JYLHÄ

INFORMATION MANAGEMENT IN HEALTH CARE

A Model for Connecting Information Culture and Patient Safety

INFORMATION MANAGEMENT

IN HEALTH CARE

Virpi Jylhä

INFORMATION MANAGEMENT IN HEALTH CARE

A MODEL FOR CONNECTING INFORMATION CULTURE AND PATIENT SAFETY

Publications of the University of Eastern Finland Dissertations in Social Sciences and Business Studies

No 140

University of Eastern Finland Kuopio

2017

Grano Oy Jyväskylä, 2017

Sarjan vastaava toimittaja: Kimmo Katajala Sarjan toimittaja: Eija Fabritius Myynti: Itä-Suomen yliopiston kirjasto

ISBN: 978-952-61-2383-7 (nid.) ISBN: 978-952-61-2384-4 (PDF)

ISSNL: 1798-5749 ISSN: 1798-5749 ISSN: 1798-5757 (PDF)

Jylhä, Virpi

Information Management in Health Care: A Model for Connecting Information Culture and Patient Safety

Itä-Suomen yliopisto, 2017, 83 pages

Publications of the University of Eastern Finland

Dissertations in Social Sciences and Business Studies; 140 ISBN: 978-952-61-2383-7 (print)

ISBN: 978-952-61-2384-4 (PDF) ISSNL: 1798-5749

ISSN: 1798-5749 ISSN: 1798-5757 (PDF)

ABSTRACT

Organizational culture has been connected to patient outcomes and adverse events in hospitals. In part, information culture defines the practices that organizations use to manage data, information, and knowledge. Accordingly, more information is needed about the association between information culture and patient safety as well as the factors that contribute to information-related adverse events.

This study aims to develop and test a model connecting information culture and patient safety. Further, this study develops an understanding of information manage- ment incidents that contribute to adverse events, and it offers recommendations for the development of safe information management practices in hospitals.

For this mixed-methods study, two datasets were collected: (1) official statements from Valvira (N = 824) and register data concerning adverse events in one hospital (HaiPro) (N = 57); and (2) nurse survey data (N = 1080). The data were interpreted using inductive and deductive content analyses, descriptive statistics, and multivar- iate data analyses.

This dissertation found a connection between information culture and patient safe- ty. Further, the dimensions of information culture seem to create working conditions that contribute to information management incidents. These incidents might weaken patient safety and lead to adverse events in hospitals. In conclusion, the development of information management is essential regarding safety in hospitals.

Keywords: information culture, information management, patient safety, adverse event

Jylhä, Virpi

Tiedonhallinta terveydenhuollossa: Malli tietokulttuurin ja potilasturvallisuuden yhteydestä

Itä-Suomen yliopisto, 2017, 83 sivua

Publications of the University of Eastern Finland

Dissertations in Social Sciences and Business Studies; 140 ISBN: 978-952-61-2383-7 (nid.)

ISBN: 978-952-61-2384-4 (PDF) ISSNL: 1798-5749

ISSN: 1798-5749 ISSN: 1798-5757 (PDF)

TIIVISTELMÄ

Organisaatiokulttuuri vaikuttaa hoidon tuloksiin ja haittatapahtumien esiintymiseen sairaaloissa. Sen yhtenä osana, tietokulttuuri määrittää organisaation käytännöt tie- don ja tietämyksen hallintaan. Lisää tutkimusta kuitenkin tarvitaan tietokulttuurin ja potilasturvallisuuden välisestä yhteydestä sekä siitä mitkä tekijät myötävaikuttavat tiedonhallintaan liittyviin haittatapahtumiin.

Tämän tutkimuksen tarkoituksena oli kehittää ja testata malli, joka yhdistää tie- tokulttuurin, tiedonhallintaan liittyvät vaaratilanteet sekä haittatapahtumat. Lisäksi tämä tutkimus tuotti ymmärrystä tiedonhallinnan vaaratilanteista sekä tietoa turval- lisen tiedonhallinnan kehittämiseen sairaaloissa.

Tässä monimenetelmäisessä tutkimuksessa hyödynnettiin kahta erilaista aineis- toa: 1) rekisteritietoja Valviran virallisista lausunnoista (N = 57) ja sairaalan vaarata- pahtumien raportointijärjestelmästä (HaiPro) (N = 824), 2) sairaanhoitajille kohden- nettua kyselytutkimusta (N = 1080). Aineisto analysoitiin käyttämällä induktiivista ja deduktiivista sisällönanalyysia, kuvailevia tilastomenetelmiä sekä soveltuvia moni- muuttujamenetelmiä.

Tämän tutkimuksen perusteella tiedonhallinnan vaaratapahtumat myötävaikut- tavat haittatapahtumien kehittymiseen. Tietokulttuuri osaltaan vaikuttaa työn käy- täntöihin luoden olosuhteet, jotka voivat heikentää potilasturvallisuutta ja johtaa haittatapahtumiin sairaalassa. Siten, tiedonhallinnan kehittäminen on keskeistä poti- lasturvallisuutta parannettaessa.

Asiasanat: tietokulttuuri, tiedonhallinta potilasturvallisuus, haittatapahtuma

“Where is the wisdom we have lost in knowledge?

Where is the knowledge we have lost in information?”

T.S. Eliot

ACKNOWLEDGEMENTS

Information is a key element in health care. Today, we have access to more different kinds of data than ever, but the question is whether we are able to process it appro- priately, and whether it is available when needed? This suggests that the T.S. Eliot quote on the preceding page should be complemented with the question “Where is the information we have lost in data?” This was my starting point when I began studying the significance of information management for safe patient care.

When I put the last full stop at the end of this chapter, I will also be closing a chapter in my life. The PhD project has been a wonderful journey and learning experience, with moments of great joy as well as doubt. Now that the writing process is behind me, the time has come to thank all those who have given me their support during this project and contributed to the completion of my thesis.

My greatest thanks are due to my supervisor, professor Kaija Saranto, who has sup- ported me through all the years of this project. It is entirely thanks to Kaija’s teaching and guidance that I started to work on the PhD thesis after completing my Master’s degree. Thank you for believing that I would complete my PhD thesis, even during the many challenging moments, and for encouraging and helping me to focus on what was relevant. I also wish to extend my warmest thanks to my other supervisor, Dr David W. Bates, professor at the Harvard Medical School and at the Harvard School of Public Health (USA), for your support and expertise. Your encouraging feedback gave me faith to carry on with my research. Dr Santtu Mikkonen from the University of Eastern Finland is gratefully acknowledged for guidance on the statistical analysis of the survey data and the development of the model. I have learned a lot from you.

I also owe thanks to the official reviewers of this thesis, professor Tarja Suominen from the University of Tampere and professor Christian Nøhr from Aalborg Univer- sity, Denmark, for their careful and conscientious review of my work. I especially want to thank professor Tarja Suominen for her constructive feedback and suggestions for corrections - as a result, this thesis is now more logical and robust. I am also very grateful to docent Pertti Mustajoki from the University of Helsinki for agreeing to act as opponent. His articles inspired me to focus on Finnish research on patient safety.

I want to thank my present place of work, the Nursing Research Foundation (NRF), for the encouraging and flexible attitude shown towards my research. Director Arja Holopainen, researcher Anne Korhonen and administrative secretary Elina Lagus are gratefully acknowledged. It is a pleasure and a source of inspiration to work with you.

I also want to thank Hannele Siltanen, a doctoral student who previously worked at NRF for the many interesting discussions and all the help with my thesis. Working with you has been a real joy.

When I started on my thesis I was working as project researcher at the Department of Social and Health Management in the University of Eastern Finland. I want to thank all the colleagues I worked with at the time, as well as the current director Johanna Lammintakanen for their support. In particular, I want to extend my thanks to the Health and human services informatics team - working as part of the team has had a major impact on the way I perceive information management today. Ulla-Mari Kin- nunen, Senior Lecturer in Health and human services informatics, was a great support to me during this project - thank you! I also wish to thank all the fellow postgraduate students for the inspiring seminars and for the valuable feedback, particularly with

the model development. Thanks are also due to Eija Fabritius, publicist, for all the help with putting the final touches to my thesis and getting it ready for publication.

During the years 2009–2011, I worked as researcher in the Finnish team of the international RN4CAST project at the Department of Social and Health Management in the University of Eastern Finland. I used the extensive material collected within the project to test the model developed as part of my thesis work. I want to thank the leader of the Finnish research team, professor Juha Kinnunen, and research director Anneli Ensio for the opportunity to collect survey data as part of the Finnish branch of the RN4CAST project. I also want to extend my thanks to the director of the RN4CAST consortium, professor Linda Aiken from the University Pennsylvania, USA, for giving me the permission to draw up an additional section on information management for the nurse survey conducted in Finland.

During my thesis work I had the opportunity to take part in a researcher exchange at the Joanna Briggs Institute (JBI) in Adelaide, Australia. I want to thank the staff at the JBI for the warm reception given to me and for teaching me how to draw up a systematic review, which I have made use of when writing the literature review.

This research would not have been possible without financial support. A grant from the Finnish Foundation of Nursing Education made it possible to start the project and to analyze adverse events. A place at the National Post-Graduate School in Social and Health Policy, Management and Economics at the University of Eastern Finland enabled me to proceed with my thesis work, and a grant from the Jenny and Antti Wihuri Foundation made it possible for me to take part in the researcher exchange at the JBI. Towards the end of my thesis work, I also received grants from Taja ry and from the Emil Aaltonen Foundation. Thanks to the grant from the Education Fund, I was able to take leave from work to focus on the completion of my thesis. All the financial help to my thesis work is gratefully acknowledged.

I owe my heartfelt thanks to my near and dear: my family and friends. It is a joy and a privilege to live among people who care. I want to thank my parents Tarja and Osmo for all their support, help and caring along the way, and my brother Risto for his invaluable help with IT problems. I also thank my partner’s parents Eija and Tuomo for all the practical help and support they have given. My friends have provided welcome distraction from research when necessary, but they have also given me support and encouragement when I most needed it. Thank you!

I especially want to thank my partner Timo for all the support and help he has given me. During this thesis work, our family has grown - we are now three. Special thanks to my son Eemeli for all the joy he has brought into my life, and for forcing me back from the theoretical world of research to marvel at the wonders of the real world.

Kuopio, 21 December 2016

Virpi Jylhä

TABLE OF CONTENTS

ABSTRACT ... 5

TIIVISTELMÄ ... 7

ACKNOWLEDGEMENTS ... 11

1 INTRODUCTION ... 17

2 MANAGING INFORMATION SAFELY IN HOSPITALS ... 20

2.1 From data to knowledge ... 20

2.2 Information management ... 24

2.3 Adverse events and near-misses ... 28

2.4 Information culture and contributing factors for adverse events ... 30

2.5 Summary of theoretical framework of the study ... 36

3 PURPOSE OF THE STUDY ... 38

4 METHODOLOGY ... 39

4.1 Methodological approach ... 39

4.2 Study design ... 41

4.3 Data collection ... 43

4.4 Data analysis ... 48

4.5 Ethical considerations ... 49

5 RESULTS ... 51

5.1 Description of the study data ... 51

5.2 Factors relating to adverse events and near-misses during the information management process ... 52

5.3 Nurses’ perceptions of information culture, information management incidents, and patient safety outcomes ... 53

5.4 The model for connecting information culture and patient safety ... 58

6 DISCUSSION ... 60

6.1 Reflection of the results ... 60

6.2 Methodological considerations ... 63

6.3 Implications for research and practice ... 65

7 CONCLUSIONS ... 67

REFERENCES ... 68

APPPENDICES ... 77

ARTICLES ... 83

LIST OF TABLES

Table 1. Attributes of good data, information, and knowledge ... 23

Table 2. Dimensions of information management... 27

Table 3. Information culture as values, norms and practices ... 31

Table 4. The construction of the survey items used in this study. ... 46

Table 5. The main categories for cause of incidents... 48

Table 6. Description of data used in this dissertation... 51

Table 7. Contributing factors and causes for information-related ADEs (n=26) ... 52

Table 8. Causes of incidents (n=205) related to the information management process... 53

LIST OF FIGURES

Figure 2. A process model for information management in clinical practice ... 24

Figure 3. The model for stages in the development of an organizational accidents ... 30

Figure 4. Spiral of effective information use ... 32

Figure 5. The Yorkshire Contributory Factors Framework... 35

Figure 6. A modified model for stages in the development of organizational accidents ... 37

Figure 7. Location of patient safety research ... 39

Figure 8. Health and human services informatics research paradigm and the focus of this study. ... 40

Figure 9. The study process and theoretical foundations of the study. ... 42

Figure 10. Data collection process for statements of Valvira. ... 43

Figure 11. Data collection process for patient safety incident reports (HaiPro) in one university hospital. ... 44

Figure 12. Information management practices. ... 54

Figure 13. Safety management and reporting. ... 55

Figure 14. Information behaviors... 56

Figure 15. Potential failures in information transfer. ... 56

Figure 16. Documentation errors... 57

Figure 17. Patient safety outcomes. ... 57

Figure 18. The model for connecting information culture and patient safety. ... 59

ABBREVIATIONS

AE Adverse Event

ADE Adverse Drug Event

AHRQ Agency for Healthcare Research and Quality (USA) AI Artificial Intelligence

DIKW Data, Information, Knowledge, Wisdom framework EPR Electronic patient record

EU European Union

EXPH Expert Panel on Effective Ways of Investing in Health (European Commission)

HAIPRO Reporting System for Safety Incidents in Health Care Organizations (Finland)

HIT Health Information Technology

IM Information Management

IOM Institute of Medicine (USA) IT Information Technology

MAE Medication Administration Error

RN Registered Nurse

RN4CAST Nurse Forecasting: Human Resources Planning in Nursing Study SEIPS Systems Engineering Initiative for Patient Safety

VALVIRA National Supervisory Authority for Welfare and Health (Finland) USA United States of America

WHO World Health Organization

YCFF Yorkshire Contributory Factors Framework

1 INTRODUCTION

Patient safety has been defined as the absence of preventable harm to a patient during the process of health care (WHO Patient Safety 2016) and it is understood as a part of care quality in a hospital (Agency for Healthcare Research and Quality 2014). Safe care is a fundamental right of the patient, and it is an obligation of health profession- als and health care organizations. Preventable (i.e. potentially avoidable in relevant circumstances) adverse events relating to hospital care, however, are presently com- mon causes of death and serious harm for patients worldwide. The need for safety improvements has been a challenge for health care systems ever since the adverse event studies published over two decades ago (Brennan et al. 1991, Leape et al. 1991, Webb et al. 1993, Wilson et al. 1995). The Harvard Medical Practice Study concluded that adverse events in health care are common, and that they cause serious harm to patients (Leape et al. 1991, Brennan et al. 1991). Studies from a number of other coun- tries followed, and have showed that this is a global issue. For example, the Quality in Australian Health Care Study summarized that 16.6% of admissions (n = 14,000) were associated with adverse events, and over half of them were preventable in na- ture (Wilson et al. 1995). Further, the Australian Incident Monitoring Study (AIMS) concluded that over 80% of errors involved human factors (Williamson et al. 1993), and system factors directly contributed to 25% of incidents, rising to over 90% if minor implications of system factors are included (Runciman et al. 1993).

However, not until the Institute of Medicine (IOM) published their report “To Err is Human” 15 years ago (Kohn et al. 2000), which called for an effort to make health care safer, were patient safety issues identified as a major priority for quality improve- ment initiatives in health care. The release of the IOM report produced an increase in the number of published patient safety studies and stimulated patient safety efforts and research activities in the field (Stelfox et al. 2006, Hofoss & Deilkås 2008). Now, 15 years after the IOM report, the global importance of safety problems has been recognized, and the complexity of patient safety issues has been identified (Hofoss

& Deilkås 2008, Pronovost et al. 2015). We do not, however, have reliable evidence of the current prevalence of adverse events in routine practice. The challenge of safe care remains active; the lack of mechanisms to routinely measure patient outcomes and inconsistent definitions of outcomes used in the measurements make the prevention of patient harm difficult. Improvements in patient safety require routinely collected, reliable measurements of adverse events, and the implementation evidence-based practices to prevent those adverse events (Pronovost et al. 2015).

In addition to raising the patient safety issues to the public discussion, the IOM report has also changed the way in which patient safety issues are discussed. The report focused on system improvement instead of blaming individuals (Stelfox et al.

2006). Although the decisions and actions of health professionals may cause adverse events, the contributing factors involve multiple issues, which often include system weaknesses and processes that fail to prevent errors (Runciman et al. 1993, Reason 1995, 1997, 2001). Person-centered analyses focusing on human factors and individual responsibility have had only a minor impact on patient safety outcomes (van Beuze- kom et al. 2010); however, the understanding of the role of organizational factors has resulted in a paradigm shift in the analysis of adverse events, moving attention from individuals to systems necessary for preventing adverse outcomes in care. A sys-

tem-centered approach focuses on working conditions and processes rather than on the possibility of human error. It follows that the system needs to be designed to pre- vent such errors (Reason 1995, 1997, 2001, van Beuzekom et al. 2010). Thus, the main priorities of hospitals should be learning from the errors that do occur, and building blame-free reporting systems that involve health care professionals, organizations, and patients. An Expert Panel on effective ways of investing in Health (EXPH) set up by the European Commission proposed such systems in its future agenda of quality of health care in the European Union (EXPH 2014).

In Finland, the first patient safety strategy was published in 2009; it aimed to promote the implementation of a uniform patient safety culture and to embed pa- tient safety in the structures and methods of clinical practice (Steering group for the promotion of patient safety set up by the Ministry of Social Affairs and Health 2009).

The Health Care Act (1326/2010) obliges healthcare organizations to offer high quality care that is safe and appropriate. To fulfill the requirements of the law, organizations need accurate and reliable information about patient safety issues. A recently pub- lished national strategy to support well-being and service renewal by 2020 emphasizes the availability and utilization of health-related data in the promotion of well-being.

The information should be used in effective ways by offering smart tools for health professionals, electronic access for patients to their own health data, and reliable in- formation and infrastructure for organizations (Ministry of Social Affairs and Health, Association of Finnish Local and Regional Authorities, 2014).

Effective information management is crucial for hospitals in terms of safe care.

Health information management represents a process that involves all health pro- fessionals at all phases of care (e.g., in transitions of care). That process includes the acquisition, organization, retrieval, and dissemination of health information (Medical Subject Headings, 2013). The common principle is that good quality data produces good outcomes, assuming that the system has effective procedures to process the data (Nelson 2002). Thus, both the process and the data input into the system need to be secure in terms of safety. However, communication issues—especially poor quality documentation and failures in information transfer—are generally understood to be frequent contributing factors or causes of adverse events (Joint Commission on Ac- creditation of Healthcare Organizations 2005, Hohenstein et al. 2016). Based on senti- nel event statistics of Joint Commission (USA) from 2014, communication was the third most common contributing factor, right after leadership (i.e., organizational issues) and human factors (Department of Communications, Schumacher 2015). Good infor- mation management requires efficient and effective policies, structures, and practices implemented to ensure the confidentiality, usability, and meaningful use of the health data. As a result, the right information is delivered to the right professional or patient in the right place, time, and format to be used when caring for a patient (Choo 2002).

Patient safety is one of the emerging research themes in health informatics fields, and more information is needed on safe information management practices (Bakken 2006, Kuziemsky et al. 2015), especially in situations involving lack of communication (Bates et al. 2009). Topics in patient safety research can be divided by (1) structure, (2) process, and (3) outcome domains (Jha et al. 2010). Organizational culture and a breakdown of complex systems represent major structure factors (Hofoss & Deilkås 2008). The complexity refers to a wide variety of factors originating from the system that create latent failures affecting care (Jha et al. 2010). Several studies have linked organizational cultures (e.g., information culture) to many aspects of organizational behavior, including health care performance and safety (Scott et al. 2003, Westrum

2004, Choo 2013). Process factors are related to system-driven weaknesses. Poorly designed systems and processes might create conditions which may lie dormant for a long time, then activate in certain situations, causing an adverse event (Reason 2000).

These are errors in the process of care, for example, through misdiagnosis, poor infor- mation transfer, and unsafe documentation practices that are threats to safe care (Jha et al. 2010). Outcomes of unsafe care are adverse events that occur, for example, due to medications, medical devices, health care-associated infections, and falls in hos- pitals (Runciman et al. 2009). Although these factors are widely studied in different countries, there is an identified gap in knowledge about association of structure and process factors with care outcomes (Jha et al. 2010). The global research priorities of patient safety include lack of communication and latent organizational factors (Bates et al. 2009). It seems obvious that more information is needed about information management incidents tied to patient safety outcomes occurring in hospitals, and how these incidents are associated with structural and process factors. In particular, a pragmatic approach, using a mixture of quantitative and qualitative methods and a combination of different data sources, is needed in patient safety research (Runciman et al. 2008). Further, well-designed, high quality research about effective solutions to problems caused by preventable harm in health care is warranted (Jha et al. 2010).

This dissertation, in the field of health and human services informatics (Kuusis- to-Niemi & Saranto 2009, Saranto & Kuusisto-Niemi 2012, Kuusisto-Niemi et al. 2014), summarizes the results of five sub-studies (Publications I-V) and describes a model for connecting information culture and patient safety focusing on preventable adverse events in hospital environments. First, a theoretical framework building on Reason’s model for stages in the development of an organizational accidents and on previous research regarding the topic is presented in chapter two, followed by the objects of the research in chapter three. Second, chapter four describes the methodology used in this study. Third, chapter five presents the results of this dissertation, and describes a model for connecting information culture and patient safety. Finally, the results are discussed in chapter six, followed by recommendations for research and practice.

2 MANAGING INFORMATION SAFELY IN HOSPITALS

2.1 FROM DATA TO KNOWLEDGE

Hospitals are information-intensive organizations where data is processed into mean- ingful information and knowledge at multiple levels for administrative and clinical purposes to guarantee safety of care (Graves & Corcoran 1989, Nelson 2002). The value chain of information consists of data, information, knowledge, and wisdom (DIKW), in that order, evolving in scope and meaning from simple data items to ab- stract thinking of human beings (Matney et al. 2011). It presents a hierarchy of how raw data is transformed into wisdom in practice. The DIKW framework serves as the overarching concept for informatics and information management in hospitals (Nelson 2002, Matney et al. 2011). The pyramidal structure of the DIKW framework presents a causal hierarchy that indicates the levels of each element; there are quanti- ties of data, but hardly any wisdom (Bernstein 2011). However, Choo (2006) suggests that the transformation of data into knowledge and further wisdom should actually start from signals: sensory phenomena that humans can explore, such as sounds and sights (Choo 2006). A very small number of signals are accepted and selected from vast numbers of signals occurring in practice. The selection process depends on the observer´s past experiences and beliefs about what to expect (Choo 2006).

The foundational element of the original DIKW framework is data. Data are defined as factual information (e.g., the result of measurement) used as a basis for reasoning, discussion, or calculation (Merriam-Webster n.d.a). Data can be presented in various forms; they can be numbers, words, sentences, pictures, or other formats (Matney et al. 2011). Blum (1986) defined data as “discrete entities that are described objective- ly without interpretation” (Graves & Corcoran 1989). The European Committee for Standardization (2004, p.9) excluded context in their definition of data: “Discrete, objective facts (numbers, symbols, figures) without context and interpretation.” Data are the results of patients’ examinations, vital physiological signs of the body, and other clinical information, most often processed, collected, and stored using informa- tion technology to be later used as information in clinical decision-making (Graves &

Corcoran 1989, Goossen et al. 1997, Moen & Mæland Knudsen 2013).

When the data is processed and put into a context, it is transformed into meaning- ful information (Graves & Corcoran 1989, European Committee for Standardization 2004, Matney et al. 2011). In other words, information represents the data, such as facts and numbers, in a certain context, which creates meaning for the information (Matney et al. 2011, Choo 2006). Thus, information is based on data processed through cognitive structuring which assigns meaning and significance to the identified facts, such as heart rate (Choo et al. 2006). On the other hand, information is considered to be the collection of linkages that connects different data objects and forms a col- lection of data (Nelson 2002). The processing of information focuses on efficiency of organization, storage, retrieval, and communication, instead of purely computational processing (Graves & Corcoran 1989).

Information becomes knowledge through belief structuring (Choo 2006). Likewise, while information is processed data, knowledge is synthesized information with iden- tified and formalized relationships between data and information (Graves & Corcor- an 1989, Matney et al. 2011). Knowledge in organizations is heterogeneously gained through experience, practice, and reflection that makes it unique to each individual (Choo 2006). A classical definition of knowledge is “justified true belief,” but knowl- edge-creating theory defines it as a “dynamic process of justifying personal belief towards the truth” where the knowledge is accepted to be truth because it works at a certain time and place (Nonaka 2005, pp.376-377).

Multiple types of knowledge are identified (Choo 2006, Matney et al. 2011), and organizational knowledge is categorized as explicit, tacit or cultural knowledge (Choo 2006). Explicit knowledge is easily communicated and distributed because it is codified (i.e., made tangible). The codification defines whether knowledge is rule-based or object-based; the former applies when knowledge is codified into rules or specifica- tions, and the latter when it is codified in symbolic expressions or in tangible assets.

Tacit knowledge is personal and implicit, and is hard to formalize and communicate to others (Choo 2006, Matney et al. 2011). Cultural knowledge is defined as shared assumptions and beliefs about an organization’s targets and situation that is used to assign value and significance to new information (Choo 2006). Knowledge can be collective or individual, and knowledge management is defined as “planned and on- going management of activities and processes for leveraging knowledge to enhance competitiveness through better use and creation of individual and collective knowl- edge resources” (European Committee for Standardization 2004, p.10). As knowl- edge is a multidimensional concept, individuals mainly conduct the processing, but decision-support systems and automated expert systems may process knowledge in order to assist in decision-making (Graves & Corcoran 1989). Moreover, information systems enable effective knowledge creation in health care organizations (Kivinen &

Lammintakanen 2013).

When knowledge is used appropriately in managing human problems, it is called wisdom (Nelson 2002). In the DIKW framework, the level of critical thinking and rea- soning increases at each level (Matney et al. 2011). The broader definition of wisdom is stated as “forms of deliberation which combine knowledge, reflection and life ex- perience with social, emotional and ethical capabilities” (Edmondson & Pearce 2007, p.233). Further, wisdom involves good intentions with the aim to improve well-being of people (Edmondson & Pearce 2007, p.238). Clinical wisdom takes place in the judi- cious and appropriate implementation of knowledge in practice (McKie, Baguley et al. 2012). In the processing of wisdom, expert systems utilizing artificial intelligence are utilized. Figure 1 shows the DIKW framework as presented in Nelson (2002, p.13) combined with the levels and types of automated systems (Nelson 2002, p.12), and the signals and definitions used by Choo (2006, p.132). The elements of the framework are connected to the types of information systems used in information management in hospitals, and form a basis for the practice.

Figure 1. From signals to wisdom continuum adapted from Nelson (2002, pp. 13-14) and Choo (2006, p.132).

The level of information systems used to process signals, data, and information, or to apply knowledge or wisdom, is connected with the DIKW framework (Nelson 2002).

The Figure 1 demonstrates the relationships of information, decision support, and expert systems with the data, information, and knowledge as presented by Nelson (2002). Information systems are used to process data and information, whereas deci- sion support uses a knowledge base and a rule set to formulate recommendations for users. Sophisticated expert systems, that utilize artificial intelligence (AI) techniques, are the computer applications developed to solve complex problems using human-lev- el performance in cognitive tasks (Nelson 2002, Ramesh et al. 2004). Clinicians need to acquire, analyze, and apply the large amount of data, information, and knowledge to improve patients’ health. Decision support and expert systems utilizing AI assist in processing all necessary subjective and objective data and enable the effective appli- cation of scientific research in clinical decision-making (Ramesh et al. 2004). However, these systems are dependent on the quality of input (e.g., data) stored in the system.

The attributes of good data, information, and knowledge presented in Table 1 provide a framework for critical evaluation of data quality (Graves & Corcoran 1989, Nelson 2002). Technology enables the transformation of various types of data into knowledge through more automated processes. Further, the access to accurate information and knowledge are core requisites for safe patient care (Moen & Mæland Knudsen 2013).

Table 1. Attributes of good data, information, and knowledge adapted from Graves & Corco- ran (1989) and Nelson (2002, p.15).

Data Information Knowledge

Descriptive* Accurate* Accurate*

Measurable* Timely* Relevant*

Relevant* Quality*

Quality*

Accessible Free from bias Comprehensive Clear

Appropriate Precise Quantifiable Verifiable

* Graves and Corcoran (1989)

Information technology is used to process and to store the data, whereas humans communicate with information. Communication between humans involves the inter- action among individuals using symbolic actions or language (Shin et al. 2011), and is the transfer of messages such as information and understanding from sender to receiver by any channel (Chandler & Munday 2016). Communication also refers to a verbal or written message that is exchanged between individuals through a common system of symbols, signs, or behaviors (Merriam-Webster n.d.b). Human communi- cation is progressively affected by information, but emotions and attitudes also have a meaningful effect on it. Health communication concerns health-related issues and the factors that impact them. It might occur at different levels; for example, at the na- tional level, health communication concerns health promotion campaigns and public health plans (Shin et al. 2011). Clinical communication refers to health communication taking place in a clinical setting. It might be professional-to-professional or between professional and client/patient. In health care, communication is widely based on the clinical data (i.e., all data related to the patient episode, including but not limited to medication data, allergy data, referral or invitation to care, summary of care for the discharge, and patient-related guidelines or care instructions). Several systematic re- views have shown that failures in clinical communication (e.g., delayed, misplaced, or forgotten information) can result in adverse patient outcomes (Nagpal et al. 2010a, Braaf et al. 2011, Vermeir et al. 2015, Hohenstein et al. 2016, Kattel et al. 2016). Thus, managing information in a safe way is a prerequisite for effective communication in patient care; in particular, timeliness and content of written communication need to be improved (Vermeir et al. 2015). The understanding of differences between elements of the DIKW framework is needed when developing information management pro- cesses, as organizations should be able to transform signals and data into knowledge and to use it wisely in the practice.

2.2 INFORMATION MANAGEMENT

Information management (IM) is a broad concept connecting the processes, resources, and technologies (Choo 2002), but it is also a way to manage the life cycle of informa- tion, including processing of the data (Detlor 2010). Various meanings and interpre- tations of information management have been used in different contexts. Sometimes, the term is used interchangeably with the management of information resources, the management of information technology (IT), or the management of information policies or standards (Choo 2002, Detlor 2010). Although information technology and information standards are important parts of IM, the latter concept is much wider and more complex. It can be defined as “management of the processes and systems that create, acquire, organize, store, distribute, and use information” (Detlor 2010, p.103). Further, health information management represents a process, including the acquisition, organization, retrieval, and dissemination of health information (Medical Subject Headings, 2016), to be used in clinical or administrative decision-making in health care. The content of the concepts, however, might differ in terms of the contexts where they are used. When concerning clinical patient data, IM involves all health professionals at all phases of care.

In hospitals, health professionals process information using organizational and personal approaches (Choo 2002). The personal information management perspec- tive differs from the organizational perspective of IM in that personal information management concerns items of interest to the individual, not the organization (Choo 2002, Detlor 2010). From an organizational perspective, the goal of IM is to achieve the strategic objectives focusing on the items of interest to the organization (Detlor 2010).

When clinical data is managed for professional purposes, it is assumed to be organi- zational information management. This assumption is adopted in this study. Choo (2002) has defined information management process in an organization as a continuous cycle of six closely related activities (Figure 2): (1) identification of information needs, (2) information acquisition, (3) information organization and storage, (4) development of information products and services, (5) information distribution, and (6) information use. These phases are repeated during the care process multiple times (Choo 2002).

This definition of information management process is adopted in this study.

Figure 2. A process model for information management in clinical practice modified from Choo (2002).

Information needs arise when a person tries to make a sense of situation in order to solve problems. The information can be subject-matter requirements or situation-de- termined contingencies (Choo 2002). The need may be information at an individual level when making clinical decisions and at the organizational level when using ag- gregated clinical data for administrative decision-making (Goossen 1996). The di- mensions of problems define the types of information needed; for example, in simple problems, the needed information focuses on the path for solutions, and in complex issues, more information is needed about how to reduce problems than in simple tasks (Choo 2002). In clinical situations, information needs arise from patient status and problems in which the health professional recognizes information deficits when caring for the patient. Information needed in order to make proper decisions includes not only clinical patient data, but also research evidence, the knowledge arising from clinical expertise, and patient preferences (Thompson et al. 2004, DiCenso et al. 2005).

Thus, information from different sources is needed, and multiple methods are used to acquire information that is needed.

Not only health care professionals but also designers of information systems need to specify user´s information requirements in the organization in order to develop technological tools to help health care practice (Graves & Corcoran 1989). One type of safety concern relating to electronic patient record (EPR) system is a mismatch between information needs and displayed information (Meeks et al. 2014). However, deficits in information needs of individuals are not necessarily easy to recognize; for that reason, health professionals may not see some problems, and may have uniden- tified information needs (e.g., a need for evidence-based updates of the most effec- tive treatment options) (MacIntosh-Murray & Choo 2005). Misidentified information needs of different personnel groups challenge an organization’s information man- agement, and a systematic way to identify information needs is needed (Choo 2002, Kivinen & Lammintakanen 2013). In clinical situations, a patient’s status is a trigger for identifying needed data, but the information needs also rely on the ability of health care professionals to identify relevant needs for information (MacIntosh-Murray &

Choo 2005).

Identified information needs to lead to information acquisition in order to assess the patient’s situation by, for example, looking for medical history in the EPRs or the results of clinical examinations and clinical practice guidelines. Motivation and inter- ests of information-seekers, as well as quality and accessibility of sources, affect infor- mation-seeking (Faibisoff & Ely 1976, Choo 2006). Fragmented information has also challenged information-seeking in hospitals (Bowman 2013, ECRI Institute, Health Technology Assessment Information Service 2015), although EPRs have made infor- mation searches easier (Häyrinen et al. 2008). Once acquired, the information must be organized and stored systematically—for example, in the EPRs or other records—in order to facilitate information distribution and use (Choo 2002). In other words, the stored data should be reused and available to health professionals when they need it (Choo 2002, Rudin & Bates 2014). Electronic documentation of patient data ensures effective data storage in hospitals. Health professionals are required to document all necessary patient data using uniform documentation practices (Decree of the Minis- try of Social Affairs and Health on the Patient Records 298/2009) in accordance with hospital guidance. In addition, part of the information is preserved in the memories of individuals as tacit knowledge gained through experience or transmitted via training (Kothari et al. 2012).

As a result of acquisition, information should be transformed into a usable form as information products and services, which formulate part of the knowledge base of the organization and assist health professionals to make better decisions in patient care (Choo 2002). Information products are written work products published for distribution via various channels; they can be prints, software, audiovisual material, or online materials, and may include content from procedures, research syntheses, and other relevant sources (Sullivan et al. 2007). One example: evidence-based guidelines that synthesize current research evidence and are adapted to the local context. Information services are organizational efforts made in order to serve users of information, and may include searchable databases and online libraries (Sullivan et al. 2007).

Information products and services are distributed to users using various means of communication including electronic, written and verbal tools (Sullivan et al. 2007).

Information technology has changed the way people communicate and dissemi- nate information to each other. However, the selection of the distribution channels should be based on work processes in order to enable effective information flow (Choo 2002). Information sharing increases organizational learning, creates new insights and knowledge about situations in organizations, and enables the use of information in patient care during transitions of care and in handovers during and between shifts, leading to the appropriate clinical decision-making (Choo 2002, Nagpal et al. 2010a).

Subjective information (e.g., patient’s experience) and objective facts and details (e.g., measurements) are used as the basis of clinical decision-making in hospitals. Com- munication of clinical data is not only needed for clinical purposes, but also required for collaboration with other professionals and for management and policy purposes on the regional and national levels (Goossen et al. 1997).

The target of an organization’s information management is to support the actions of the organization (e.g., hospital) to guarantee safe and effective care. Table 2 de- scribes the dimensions of IM in terms of patient safety using four operational levels:

macro, meso, micro, and nano. The latter refers to patient-provider interaction during clinical care that is guided by an organization at the micro-level. Thus, micro-level de- scribes collaboration and guidance at a certain organization. Meso-level information management includes regional initiatives, whereas macro-level concerns the whole na- tionwide health system. As in the DIKW framework, presented previously in section 2.1, the patient data is produced at the nano-level to be processed as information that is used in clinical decision-making. Aggregated patient data are generated as knowledge to be used in administrative decision-making at organizational and regional levels as well as in policy decisions at the national level (Goossen et al. 1997).

The dimensions of information management at different levels are described using the triangle of structure, process, and outcome in Table 2 (Donabedian 1988, EXPH 2014). Structure refers to the attributes of the environment where information manage- ment is arranged, whereas process describes interactions and the actions taken in the environment in order to achieve desired outcomes (Donabedian 1988). In the context of information management, outcomes are defined as effects of information manage- ment in certain environments. These three elements are interrelated, as a good struc- ture creates good processes that result in good outcomes (Donabedian 1988). These elements are consistent with the stages of development of organizational accidents (Figure 3) presented in the next chapter.

Table 2. Dimensions of information management. Modified from EXPH (2014).

STRUCTURE PROCESS OUTCOME

MACRO National level - Health care system

• Governance - Regulations - Laws - Policies

• Organization

• National information systems

• Availability of norms and standards

• Regulation of information manage- ment in health care

• Privacy protection

• Processing of aggregated patient data for policy decisions

• Policy decisions

• Indicators

• Effectiveness

• Equity

• Privacy require- ments

• Quality and safety standards MESO

Regional level • Information culture

• Regional and local information systems

• Information exchange and commu- nication between organizations

• Processing of aggregated patient data for administrative deci- sion-making and policy decisions

• Administrative decision-making

• Information availability

• Continuity of care

MICRO Organizational level

• Organizational guidance

• Information culture

• Information systems

• Support

• Information exchange and commu- nication inside one organization

• Information management practices

• Information management behaviors

• Information technology practices

• Processing of patient data for clini- cal decision-making

• Administrative decision-making

• Continuity of

• Evidence-based care practices supporting effective and safe information management

• Availability of data NANO

Clinical level - Patient-provider interaction

• Information systems

• Characteristics of health professionals - Competence and

skills - Attitudes and

values

• Information retrieval, storage, distribution, and use of information in patient care at organizational perspective.

• Communication

• Clinical decision-making

• Accurate data in patient records

• Patient safety

• Confidentiality

At the macro-level, national governance – including laws, regulations, and policies – guides information management in hospitals, and technology intended for national use. In Finland, processing of health information in hospitals is based on the Personal Data Act 523/1999 that defines the principles of the privacy protection in processing of personal information. In comparison, the Act on the Status and Rights of Patients 785/1992 regulates the processing of patient records and requires the concealment of confidential health information. Detailed requirements for the content of documen- tation and storing of patient records are given in the Decree of the Ministry of Social Affairs and Health on the Patient Records 298/2009.

In Finland, the nationwide patient data management system—The National Ar- chive of Health Information (KanTa)—has been implemented in accordance with the Act on the Electronic Processing of Client Data in Social and Health Care 159/2007.

The KanTa enables hospitals to enter patient records from their information systems in a secure way; additionally, the records are available regardless of the user’s location.

Further, citizens have the right to access and manage their own personal health data as regulated by law (Kanta 2016). The Act on Electronic Prescriptions 61/2007 regulates the processing of electronic prescriptions that are stored in the national electronic Prescription Centre, which created to improve medication safety. The basic premise of the Health Care Act 1326/2010 is that health care needs to be evidence-based, high quality and safe for patients. The overall purpose of the macro-level regulations is to guarantee trustworthy information management in hospitals and to improve privacy, patient safety, and effectiveness.

Information processing at the meso- and micro-level is strongly guided by that at the macro-level, but information culture and information systems also build the en- vironment in which the information management occurs (Marchand et al. 2002, Choo 2006). Information exchange and communication between primary and specialized care organizations at the regional level enables continuity of care when patient data is available as needed in patient transfers (Vermeir et al. 2015, Kattel et al. 2016). The regional and organizational levels are linked with each other, and similar information systems are used when managing patient information. Further, organizational guid- ance at the micro-level is based on macro-level regulations, but information culture and local conditions also formulate the ways information is exchanged and transferred at the organization (Choo et al. 2006). Information management practices, behaviors, and technology define the organization’s ability to manage information safely and effectively (Marchand et al. 2002, Choo 2013).

At the clinical level, the data is collected and further transferred to information to be used in clinical decision-making. The patient-provider interaction in the informa- tion management process includes verbal and written communication; the latter is the most common form of communication (Vermeir et al. 2015). Written communication includes both electronic and manual information processing. Health professionals’

competence, education, skills, and attitudes affect the compliance with organizations’

guidance. In addition, usability of information systems and user interfaces has an impact on the outcomes of information management (Meeks et al. 2014).

2.3 ADVERSE EVENTS AND NEAR-MISSES

Adverse events (AEs) are defined as unintended injuries caused by medical manage- mente (including all aspects of care) rather than by disease processes, in contrast to complications (Committee of Experts on Management of Safety and Quality in Health Care (SP-SQS) & Expert Group on Safe Medication Practices 2005, World Alliance for Patient Safety 2005). Furthermore, many other terms such as adverse outcomes and mishaps are used interchangeably, and are used to mean events that reach the patient and have the potential to cause harm (World Alliance for Patient Safety 2005). Error that has the potential to cause an adverse event for the patient, but is intercepted before reaching the patient, is referred to as a near-miss (Committee of Experts on Management of Safety and Quality in Health Care (SP-SQS) & Expert Group on Safe Medication Practices 2005). To describe adverse events, no-harm events and near-miss situations alike, the term patient safety incident is used; it is defined as any unintended or unexpected event that could have or did lead to unnecessary harm to a patient.

(Committee of Experts on Management of Safety and Quality in Health Care (SP-SQS)

& Expert Group on Safe Medication Practices 2005, World Alliance for Patient Safety Drafting Group et al. 2009). The term unnecessary in this context refers to different origins of incidents, such as errors, violations, patient abuse, and deliberately unsafe acts that might occur in health care (Runciman et al. 2009). These unnecessary inci- dents might be either unintended or intended acts by health professionals. In contrast, necessary harm occurs, such as an incision during an operation, but it is not defined as a patient safety incident (Runciman et al. 2009).

Further, adverse events are divided into preventable and non-preventable events;

preventable describes events that are “potentially avoidable in the relevant circum- stances” (Committee of Experts on Management of Safety and Quality in Health Care

(SP-SQS) & Expert Group on Safe Medication Practices 2005, p.9), and are occurring as a result of human error or system failure (World Alliance for Patient Safety 2005).

Preventable adverse events do not occur if the patient has received appropriate care in accordance with ordinary standards (Committee of Experts on Management of Safety and Quality in Health Care (SP-SQS) & Expert Group on Safe Medication Practices 2005). This dissertation focuses on preventable adverse events excluding non-prevent- able adverse events such as adverse drug reactions relating to an event caused by the nature of drugs themselves (Bates et al. 1995).

Error is defined as “the failure of planned actions to achieve their desired goal”

(Reason 1995, p.81). Thus, errors are unintentional (Runciman et al. 2009) and can be divided into slips and lapses, and mistakes. Moreover, slips and lapses are associated with failures of execution when the plan is correct, but mistakes relate to inadequate planning (Reason 1995, 2001). Contrary to errors, violations are usually intentional deviations of safe practices, procedures, standards, or rules (Reason 1995, 2001, Runci- man et al. 2009). However, violations may become routine and automatic in certain contexts (Runciman et al. 2009). The types of errors are further distinguished by two considerations: the length of time before failure has an impact, and the level of the organization where the error occurs (Reason 1995, 2001, Mitchell 2008). Latent failures occur at the organizational level, usually emerging from management decisions and organizational processes that require a longer time to occur in practice (Reason 1995, 2001). They involve decisions that affect the organizational policies, procedures, and allocation of resources, whereas active failures involve direct contact with patients (Mitchell 2008). Active failures are defined as unsafe acts that sometimes have an im- mediate impact on patients; they can be either errors or violations (Reason 1995, 2001).

The latent and active failures create the task-related work conditions that might lead to patient safety incidents.

Stages in development of organizational accidents (i.e., adverse events in hospi- tals) begin with the latent failures in organizational processes that create undesirable consequences in the workplace and in patient care (Reason 1995, 1997, 2001). The Figure 3 presents the interactions of four stages preceding an adverse event: (1) orga- nizational and corporate culture, (2) contributory factors influencing clinical practice, (3) task, and (4) defense barriers of the organization. The model describes how orga- nizational factors, such as management decisions and processes, promote error- and violation-producing conditions, and how these conditions impact the prevalence of adverse events through errors and violations by health professionals (Reason 1995, 1997, 2001). Vincent et al. (1998) extended this model to the clinical practice and added the following cultural factors: institutional context, organizational and management factors, and work environment. In addition, team factors, individual (staff) factors, task factors, and patient characteristics are workplace- and individual-level factors that have an effect on the outcomes of care and need to be taken into account (Vincent et al. 1998). When this model is applied in information management, the organization stage corresponds to structural IM elements described in Table 2. Further, contributing factors and task factors refer to IM processes, and adverse events reflect outcomes of IM. As mentioned previously, a good structure creates good processes that result in good outcomes (Donabedian 1988). It is possible to prevent adverse outcomes in IM when organizational structures and workplace processes support effective IM.

Institutional context*

Organizational and management

factors*

Work environment*

Error producing conditions

Violation producing

conditions Violations

Errors ORGANIZATION

Organizational and corporate culture

WORKPLACE Contributory factors influencing clinical practice

Incident/

Adverse Event INDIVIDUALS

Task Defense

barriers

*Vincent et al. 1998 Latent failures

Figure 3. The model for stages in the development of an organizational accidents adapted from Reason (1995, 1997, 2001, p.15).

System-centered approach employed in the model pays attention to the organizational factors rather than individual errors (van Beuzekom et al. 2010). The approach as- sumes that humans are fallible, and that they inherit rather than instigate the adverse events; it proposes that systems must be designed so that humans are prevented from making errors (Reason 1995, 1997, 2001, van Beuzekom et al. 2010). Nevertheless, it does not eliminate health professionals’ responsibility for their actions; the line between acceptable and unacceptable behavior needs to be clear in an organization (Reason 1997).

2.4 INFORMATION CULTURE AND CONTRIBUTING FACTORS FOR ADVERSE EVENTS

The information culture specifically concerns how organizations manage data, infor- mation, and knowledge, and reflects the organization’s values, norms, and practices related to information management (Choo et al. 2008, Choo 2013). Many variables such as mission, history, leadership, employee, traits, and national culture, determine information culture (Choo et al. 2008). As for information culture, it has a defining influence on how information is shared and used in the organization (Choo et al.

2006), and it seems to be associated with practices and activities that lead to successful performance (Westrum 2004).

The systems approach suggests that different aspects of organization culture and patient safety are linked together (Reason 1995, 1997, 2001). Previous studies have showed that workplace culture is associated with some nursing-sensitive outcomes such as length of stay (Hahtela et al. 2015), and the quality of the hospital work envi- ronment is connected with patient satisfaction, quality and safety of care, and nurse workforce outcomes (Aiken et al. 2012). Patient safety culture and human factors en- gineering are important structural issues that might improve patient safety (Effken &

Carty 2002, Sammer et al. 2010, Halligan & Zecevic 2011). The positive safety culture

is related to lower adverse events in hospitals (Mardon et al. 2010, Wang et al. 2014, DiCuccio 2015). The positive practice environment improves quality of care (Hinno et al. 2011) and patient outcomes, and decreases adverse events (Kirwan et al. 2013, Van Bogaert et al. 2014). The relational leadership style is associated with the reduction of adverse events, probably through human resources variables (Wong et al. 2013). Di- mensions of organizational culture influence health care performance and safety (Scott et al. 2003, Westrum 2004, Choo 2013), and have a latent connection to the origins of adverse events (Westrum 2004, Hartmann et al. 2009, van Beuzekom et al. 2010, Tvedt et al. 2012). Only a few studies, however, have examined information culture and its dimensions in health care settings (MacIntosh-Murray & Choo 2005, Choo et al. 2006, Choo et al. 2008), where the flow of information is a type marker for organizational culture and is the most critical factor in ensuring safety in hospitals (Westrum 2004).

Some indicators of each information culture dimension are presented in the Table 3. These indicators define how supportive the information culture is, and how infor- mation management is valued in the organization (Choo 2002). Values, norms and practices are applicable at all levels of the DIKW framework (Figure 1); the informa- tion culture affects the effectiveness of information processing and utilization. It is notable that information culture exists in organizations regardless of the effectiveness of information management (Oliver 2008); some practices or policies might actually impede the effective use of information (Choo 2002).

Table 3. Information culture as values, norms and practices (Choo 2002, p.54).

Dimension Indicators

Values Importance of information in organizational achievement

Perception of information management as an organizational priority Attitudes toward new ideas and innovations

Trust, integrity, openness in information creation and use Ownership of information assets

Norms Care and vigilance in gathering and using information Reflection and inquiry as part of work practice

Active and proactive sharing and dissemination of information Rewards and recognition for effective use of information Dealing with errors, failures, mistakes

Practices Creating leadership roles and coordination structures

Developing plans, policies, rules and routines for information management Use of information resources and services

Use of information and communication technologies Collaboration and the sharing of information

Measuring the performance and use of information assets

Personal interests in scanning for information broadly, keeping up-to-date Hoarding of proprietary or personal information

Training and development of information skills

The information orientation of the organization measures the effectiveness of the organization’s information management and use (Choo 2002). It is defined by three information capabilities: information technology (IT) practices, information manage- ment practices, and information behaviors and values (Marchand et al. 2002). In- formation technology practices refer to an organization’s ability to effectively manage information technology applications, software, and infrastructure (Choo et al. 2006). It includes four levels of IT support: operational, business process, innovation, and man- agement (Marchand et al. 2002). Information management practices refer to the capability of an organization to manage information over its life cycle effectively; these practices include sensing, collecting, organizing, processing, and maintaining information in

order to enhance its use for decision-making (Marchand et al. 2000, Choo et al. 2006).

Information behaviors and values are defined as “the capability to instill and promote behaviors and values in the people for effective use of information” (Marchand et al.

2002). They include integrity (i.e., being truthful, accurate, and unbiased), formality (i.e., trust in formal sources), control (i.e., disclosure of business performance to all employees), sharing (i.e., exchange of information), transparency (i.e., open discussion of failures and errors) and proactiveness (i.e., active reactions in information use, ob- taining new information, and implementing it) (Marchand et al. 2002). The relations between these three capabilities are presented in Figure 4.

Figure 4. Spiral of effective information use (Marchand et al. 2002, p.9).

The integrated view of these three information capabilities forms the information orien- tation of an organization, which is prerequisite for good performance. (Marchand et al.

2000, Choo et al. 2006, Choo et al. 2008, Choo 2013). Good IT practices enhance good in- formation usage behavior, which improves information management; this has a positive effect on the ability to use IT in decision-making, which leads back to improved informa- tion management (Marchand et al. 2002). Further, IT practices define the environment and infrastructure where information is used and managed (Choo 2002). Together with information behaviors and information management practices, IT practices create work conditions that might contribute to information management incidents in hospitals.

Based on previous literature reviews in the field, these incidents include failures in (1) documentation (Braaf et al. 2011, Sondergaard et al. 2016), (2) intra-hospital handovers (Nagpal et al. 2010a, Ong & Coiera 2011), (3) information transfer between organizations (Kripalani et al. 2007, Kattel et al. 2016), and (4) the use of EPRs (Bowman 2013, Zahabi et al. 2015). These incidents are presented in the following section.

Documentation of patient data is a central element of safe patient care and a pre- requisite for the continuity of care when patient is transferred to another unit or or- ganization (Braaf et al. 2011, Saranto et al. 2014, Sondergaard et al. 2016). Structured documentation processes seem to have a positive effect on patient safety (Saranto et al. 2014), but studies have shown that there are major variations in documentation practices, and patient data documentation is prone to errors (Paans et al. 2010, Braaf et al. 2011, Edwards et al. 2014). In particular, handwritten nursing documentation is not as comprehensive as electronic documentation (Saranto et al. 2014) and is rec- ognized as an important source of error (Callen et al. 2010). Even in organizations where electronic patient records are in use, paperwork or other recordkeeping devices