Showing papers by "Helmut Krcmar published in 2008"

Do virtual communities matter for the social support of patients

Abstract: Purpose – The purpose of this paper is to explore whether online communities meet their potential of providing environments in which social relationships can be readily established to help patients cope with their disease through social support. The paper aims to develop and test a model to examine antecedents of the formation of virtual relationships of cancer patients within virtual communities (VCs) as well as their effects in the form of social assistance.Design/methodology/research – Data were collected from members of virtual patient communities in the German‐speaking internet through an online survey to which 301 cancer patients responded. The data were analyzed with partial least square (PLS) structural equation modeling.Findings – Virtual relationships for patients are established in VCs and play an important role in meeting patients' social needs. Important determinants for the formation of virtual relationships within virtual communities for patients are general internet usage intensity (active...

Leveraging the Wisdom of Crowds: Designing an IT-Supported Ideas Competition for an ERP Software Company

Abstract: "Crowdsourcing" is currently one of the most discussed key words within the open innovation community. The major question for both research and business is how to find and lever the enormous potential of the "collective brain". This research in progress paper provides an approach for finding and leveraging innovations for an ERP software company among its user base. This is done by designing an IT-supported ideas competition within the SAP UCC (University Competence Center) User Group to use the potentials of the collective intelligence of this crowd. The German SAP UCC User Group consists of about 60,000 people (lecturers and students) using SAP software for educational purposes. The practical problem is twofold: On the one hand, there is not much activity yet in this community. On the other hand, SAP has not tried to systematically address this highly educated group for idea generation or innovation development so far. Therefore, the objective of this research is to generate innovations, process and product ideas for SAP Research and Development through an IT-supported ideas competition among the SAP UCC Community. Furthermore, the concept aims at providing an interface to SAP Human Resources processes in order to identify the most promising students in this VC This paper follows an action research approach. It is focusing on the diagnosing and action planning phase to develop an integrated concept of the ideas competition within the VC.

Do Point of Sale RFID-Based Information Services Make a Difference?

Abstract: The increase in RFID implementation in retail allows the development of smart product information applications. However, literature describes only a few evaluations of RFID retail applications with real consumers. The question that arises is, whether such theoretically possible user-centric ubiquitous computing applications meet user needs and, if so, what method is best to investigate this? For our investigation, we developed a mobile phone application prototype based on Near Field Communication (NFC) to obtain product information at the Point of Sale (PoS). Following the ideas of Davis and Venkatesh (2004) and Abowd et al. (2005) with an extended pre-prototype approach for application development and evaluation, we conducted two focus groups (10 consumers, 10 sales assistants). While participants considered the NFC technology innovative and very easy to use ? the need for further information at the PoS was low and varied between product categories. Our approach found that user opinions about paper-based concepts and real prototypes were different from the findings of Davis and Venkatesh (2004). This paper is the first to evaluate a smart information product system with an existing prototype and real consumers, as well as sales personnel. The findings contribute to the theory of ubiquitous computing by proposing a modified approach to evaluating user acceptance and to refining information system requirements for RFID-based smart products. The findings also reflect the response of sales personnel to RFID penetration in shops, suggest how mobile services can add user benefits, and help in the selection of what is the most beneficial information to present at the PoS.

Do Point of Sale RFID-Based Information Services Make a Difference? Analyzing Consumer Perceptions for Designing Smart Product Information Services in Retail Business

Abstract: The increase in RFID implementation in retail allows the development of smart product information applications. However, literature describes only a few evaluations of RFID retail applications with real consumers. The question that arises is, whether such theoretically possible user-centric ubiquitous computing applications meet user needs and, if so, what method is best to investigate this? For our investigation, we developed a mobile phone application prototype based on Near Field Communication (NFC) to obtain product information at the Point of Sale (PoS). Following the ideas of Davis and Venkatesh (2004) and Abowd et al. (2005) with an extended pre-prototype approach for application development and evaluation, we conducted two focus groups (10 consumers, 10 sales assistants). While participants considered the NFC technology innovative and very easy to use-the need for further information at the PoS was low and varied between product categories. Our approach found that user opinions about paper-based concepts and real prototypes were different from the findings of Davis and Venkatesh (2004). This paper is the first to evaluate a smart information product system with an existing prototype and real consumers, as well as sales personnel. The findings contribute to the theory of ubiquitous computing by proposing a modified approach to evaluating user acceptance and to refining information system requirements for RFID-based smart products. The findings also reflect the response of sales personnel to RFID penetration in shops, suggest how mobile services can add user benefits, and help in the selection of what is the most beneficial information to present at the PoS.

RFID in Retailing and Customer Relationship Management

Abstract: Radio Frequency Identi?cation (RFID) is a hot topic in retail supply chain management [Behrenbeck, Kupper et al. 2004]. Yet, a recent study predicts ?that the true bene?ts of RFID for retailers will be in enhanced marketing opportunities? [Sharpless 2005]. Research on RFID for marketing purposes is still rare giving the opportunity for more speci?c research on how RFID will in?uence business to consumer (B2C) marketing and services [Curtin, Kauffman et al. 2005]. Apparel retailing will most likely be one of the ?rst industries to adopt item level tagging and thus bene?t from those new marketing opportunities [Chappell, Durdan et al. 2003; Kurt Salmon Associates 2005]. This paper investigates the opportunities of RFID to enhance B2C marketing of apparel retailers. The paper presents six out of 17 developed RFID applications that support relationship marketing of apparel retailers to better recruit, retain, and recover customers. The RFID applications are classi?ed by the marketing goals they ful?ll and the marketing phase they support. The authors describe the use of each RFID application exempli?ed, and evaluate the additional value for the customer company relationship as well as the feasibility for apparel retailers to implement the application into practice.

Data Warehouse Design

Abstract: A focus of many business curricula is on information management including special topics such as Data Warehousing. In real life system architects usually encounter the question of ?how to design a Data Warehouse? to meet certain business requirements. The different approaches and the related challenges of Data Warehouse design will be addressed in theory and within the scope of a concrete case study. The case study offers a hands-on-scenario illustrating the implementation of a data model for sales reporting. The widespread Data Warehouse solution SAP Netweaver BI 7.0 ? is used as technological platform.

Multikonferenz Wirtschaftsinformatik 2008

Abstract: Informations- und Kommunikationstechnologien sind ein zentraler Erfolgsfaktor fur moderne Unternehmen. Der forliegende Band prasentiert Ergebnisse der Multikonferenz Wirtschaftsinformatik, die vom 26.-28. Februar 2008 von den Wirtschaftsinformatiklehrstuhlen der Munchener Universitat am Standort der TU Munchen in Garching organisiert wurde. Die Multikonferenz Wirtschaftsinformatik ist der traditionelle Treffpunkt der deutschsprachigen Wirtschaftsinformatik in den geradzahligen Jahren. Sie richtet sich sowohl an Wissenschaftler als auch Praktiker, die an aktuellen Entwicklungen von Informations- und Kommunikationstechnologien und ihrer Anwendung in einem okonomischen Umfeld interssiert sind. Die MKWI umfasst Themenfelder von Wissenschaftstheorie bis Webservices und von Automotive Services bis Unternehmensarchitekturen. Ziel der Konferenz ist es, mit unterschiedlichen Vortrags- und Diskussionsformaten den Austausch zwischen den Fachgruppen sowie zwischen Wissenschaft und Praxis zu fordern.

Community for Innovations: Developing an Integrated Concept for Open Innovation

Abstract: This paper presents a research project called GENIE. It aims at developing a concept for integrating external stakeholders into a company’s innovation management through a virtual community. This novel instrument for opening up a company’s innovation process to external stakeholders enables collaborative creation and implementation of innovations along the entire innovation process. We focus on software companies and aim at developing and testing this approach in several real-world settings.

IT-Standards and Standardization Approaches in Healthcare

Abstract: E-health basically comprises health services and information delivered or enhanced through the Internet and related technologies. The future healthcare system and its services, enabling e-health, are based on the communication between all information systems of all participants of an integrated treatment. Connecting the elements of each healthcare system (general practitioners, hospitals, health insurance companies, pharmacies, and so on) — even across national boarders — is an important issue for information systems research in healthcare. Current developments, such as upcoming or already-deployed electronic healthcare chip cards (that are to be used across Europe), show the need for Europe-wide standards and norms. In this article, we first outline the advantages of the standards, and then describe their main characteristics. After the introduction of communication standards, we present their comparison with the aim to support the different functions in the healthcare information systems. Subsequently, we describe the documentation standards, and discuss the goals of existing standardization approaches. Implications conclude the article.

Relational Risk Mitigation: The Relationship Approach to Mitigating Risks in Business Process Outsourcing

Abstract: Managing risks in outsourcing has been widely researched but is still not fully understood by either academics or practitioners. Recent research on IS outsourcing relationships has addressed the relationship between formal and relational governance, but has not revealed how individual relational factors affect outsourcing risk. Surveying 335 business process outsourcing initiatives, our data supports the separation of an operational, performance-driven approach and an embedded, financial-driven one in order to mitigate risks through relational factors. Our findings show that relationship processes, particularly conflict resolution, are the most important for controlling performance risk, while inherent relationship attributes, such as trust, are the most suitable and promising for managing financial risk. Overall, our findings recommend a more integrated, specific study of contractual and relational governance mechanisms on individual risk and benefit measures.

A Proposed Solution for Managing Doctor's Smart Cards in Hospitals Using a Single Sign-On Central Architecture

Abstract: This paper describes a single sign-on solution for the central management of health care provider's smart cards in hospitals. The proposed approach which is expected to be an improvement over current methods is made possible through the introduction of a national healthcare telematics infrastructure in Germany where every physician and every patient will automatically be given an electronic health smart card (for patients) and a corresponding health professional card (for health care providers). This introduction will cause changes in many existing health care administrative processes. The example process of writing a discharge letter is used in the paper to compare two existing approaches for integrating the new smart cards to the proposed single sign-on approach. Based on the findings we support a centralized single sign-on card management approach which allows us to exploit possible process improvements now and in the future. In closing we outline further application potentials of the described approach for management of smart cards in health care and, in particular, in hospitals.

Quality aspects in service ecosystems: areas for exploitation and exploration

Abstract: Service Science, Management, and Engineering (SSME) is a research area with significant relevance to research and practice. Networked systems of web services are a field of service science that enjoys growing interest from researchers. The complex and dynamic environment of these service ecosystems poses new requirements on quality management that are insufficiently addressed by current approaches that focus mainly on the technical aspects of quality. This focus is a severe limitation for the development of service networks because it neglects perceived service quality from the viewpoint of service consumers. In this paper we propose a reference model for quality management in service ecosystems. This reference model is linked in particular to innovation and new service development. Towards the end we propose premises for the implementation and outline a future research agenda.

Quality aspects in service ecosystems : areas for exploitation and exploration

Abstract: Service Science, Management, and Engineering (SSME) is a research area with significant relevance to research and practice. Networked systems of web services are a field of service science that enjoys growing interest from researchers. The complex and dynamic environment of these service ecosystems poses new requirements on quality management that are insufficiently addressed by current approaches that focus mainly on the technical aspects of quality. This focus is a severe limitation for the development of service networks because it neglects perceived service quality from the viewpoint of service consumers. In this paper we propose a reference model for quality management in service ecosystems. This reference model is linked in particular to innovation and new service development. Towards the end we propose premises for the implementation and outline a future research agenda.

Exploring success factors for IT carve out projects

Abstract: Carve out projects have recently become an emerging issue in practice and theory given the diversity of strategic foci of companies as well as recent merger and acquisition activities. This paper highlights the relevance of IT in such carve out projects. IT depicts their characteristics and specific features with regard to general IT projects as well as success factors for the management of IT carve outs. Based on a systematic literature review, we conducted 18 exploratory expert interviews with different stakeholders involved in the management of IT carve outs. We show that the perception and acknowledgement of the IT function within the overall carve out project is broadly underestimated. We elaborate on learnings for the successful management of the IT function within a carve out project: the involvement of IT executives in the early phases of contract negotiations; improved IT due diligence processes for a better anticipation of IT costs; early analysis of the target enterprise architecture. Additionally, we identified success factors of managing IT carve out projects. This paper is among the first to shed light into the research field of IT carve out projects including exploratory empirical data and gives recommendations for future research of IT carve outs.

IS Outsourcing Governance in Innovation- Focused Relationships: An Empirical Investigation

Abstract: Out of the various motivations and intentions for outsourcing information technology, customers’ expectations of innovative IT products and services for business advantage have only recently become an emerging issue among IT service providers and their customers. But little is known about ITenabled innovation in IS outsourcing settings and how to manage such outsourcing relationships. Do customers who strive for innovation through outsourcing have other governance mechanisms in place than customers who do not expect innovation potentials from their outsourcing vendor? Based on 268 responses from chief information officers and IT executives, this paper shows that innovation-seeking customers manage their outsourcing relationship differently from those who do not associate innovation opportunities with their outsourcing relationship. In innovation-seeking outsourcing settings informal relationship mechanisms have a significantly stronger impact than in non-innovation seeking settings. However, contractual governance was found to be important regardless of the outsourcing intent. These findings call for further research on the relation and mutual impact of contractual and relational governance, e.g. by formalizing experience and mutual learning gathered through relational governance of the outsourcing partners in a contract.

Security analysis of the health care telematics infrastructure in germany

Abstract: Based on ISO 27001 for Information Security Management Systems, this paper introduces a newly developed security analysis approach, suitable for technical security analyses in general. This approach is used for a security analysis of several components and processes of the Health Care Telematics in Germany. Besides the results of the analysis, basics for further analysis and verification activities is given.

A Cross-Cultural Comparison of Perceived Strategic Importance of RFID for CIOs in Germany and Italy

Abstract: Drawing from literature on innovation, strategy and culture the objective of this study is to explore the role of perceived potentials and perceived strategic importance on CIOs' perspective on RFID technology in two different cultural settings. Based on survey responses from 463 German and 157 Italian IT decision makers we analyzed the data with PLS structural equation modeling. We show that perceived potentials of RFID influence the perceived strategic importance which positively influences CIOs' intention to invest in RFID. The composition of perceived potentials affecting the strategic importance of RFID differs significantly in both cultures. In Germany, potentials attributed to RFID are improving quality, automating manpower, reducing counterfeits, and improving customer-service. Italian CIOs value reducing stock inconsistencies, optimizing stock keeping, and improving customer- service as RFID potentials. Regardless of culture, findings show that company size hardly has impact on perceived strategic importance. This research shows on a large empirical basis cultural differences in the perception of RFID in two countries using PLS.

Toward IT Value Mapping - An Approach to Value-Based IT Management

Abstract: Recent research has shown that companies face considerable difficulties in implementing a value-based management of their IT portfolios. This paper therefore presents an approach for measuring and managing the business value of IT investments. To ensure practicability, our approach is derived from a set of practice-based requirements extending previous empirical work. In our conceptual model we distinguish between capital budgeting and ongoing value management. For capital budgeting we propose to assess IT investments according to their expected business value by using net present value analysis and a scoring model. For ongoing value management we recommend to keep track of a set of project specific key performance indicators to ensure that the desired benefits are realized. In order to link these two fundamental processes, value drivers and measurable performance indicators have to be identified. Thus we combine established evaluation for an integrated IT Portfolio assessment considering financial, non-financial and risk effects as well.

Exploring relationships in information systems outsourcing: a typology of IS outsourcing relationships

Abstract: Information systems (IS) outsourcing continues to be an important issue on the agenda of corporate IT executives (Luftman et al. 2006). However, the IS outsourcing market is changing and diversified approaches to outsourcing practices have been emerging over the past three decades (Dibbern et al. 2004; Lee et al. 2003). Starting with long-term outsourcing projects in the 1980s, organizations today face a turbulent and dynamic business environment and thus tend to seek increasingly selective, short-term, and often multi-vendor outsourcing arrangements (Cohen and Young 2006). Outsourcing has evolved beyond providers merely taking over a function and performing higher quality work at lower cost. Outsourcing arrangements have become more sophisticated not only with regard to the service itself but also with regard to the seemingly boundless global delivery of IT components (Rottman and Lacity 2004). Besides forms of short-term selective outsourcing, strategic partnerships and alliances, often referred to as transformational outsourcing (Linder 2004), have become an emerging trend. In this context, risk-sharing models and collaborative service development of innovative IT services have begun to shape customers’ expectations toward the IT service provider (Leimeister et al. 2006b).

Struktur von IT-Servicekatalogen: Ein praxisorientierter Gestaltungsvorschlag für die Dokumentation des IT-Leistungsangebots.

Abstract: Vielfach erweist sich Aufbau und Ausgestaltung von ITServicekatalogen in der Praxis als schwierig, da konkrete Gestaltungshilfen zur Strukturierung des Leistungsangebots fehlen oder nur eingeschränkt anwendbar sind. In diesem Beitrag wird ein Ansatz vorgestellt, der zu einer durchgängigen und transparenten Strukturierung des IT-Leistungsangebots beiträgt und einen konkreten Gestaltungsvorschlag liefert. Hierzu wird neben der integrierten Betrachtung der zentralen Zielgruppen von IT-Servicekatalogen, eine Grundlage für eine einheitliche Dokumentation des Leistungsangebots geschaffen. Auf Basis zentraler Anforderungen an IT-Servicekataloge bildet die Darstellung und Begründung der herausgebildeten Strukturierungsebenen des Vorschlags und dessen Ausgestaltung den Schwerpunkt des Beitrags.

Zentrale Verwaltung von Gesundheitskarten im stationären Krankenhausumfeld – Das IQ-Medi-LOG-Produkt als Alternative zu gematik-Konzepten

Abstract: Die gesetzlich vorgeschriebene Einfuhrung des Heilberufsausweises (HBA) fur medizinische Leistungserbringer stellt IT-Infrastrukturen, Aufbau- und Ablauforganisationen in Krankenhausern vor grose Herausforderungen. Der Beitrag stellt einen im Vergleich zu den von der gematik spezifizierten Ansatzen zur geplanten HBA-Integration in Krankenhausprozesse neuen Losungsansatz vor, der im Produkt IQ-Medi-LOG umgesetzt ist. Hierdurch konnen die propagierten Effektivitats- und Effizienzverbesserungspotenziale durch die elektronischen Gesundheitskarten vorteilhafter gehoben und eine Verbesserung des Kundenservice ermoglicht werden. Daruber hinaus bietet der Ansatz eine Grundlage fur bisher noch nicht existierende Mehrwertdienstleistungen in Krankenhausern. Anhand eines konzeptionellen Vergleichs kann die Vorteilhaftigkeit des neuen Ansatzes demonstriert werden. Abschliesend werden weitere Anwendungspotenziale fur diesen zentralen Ansatz zur Verwaltung von Gesundheitskarten dargestellt und ein Ausblick fur die Weiterentwicklung gegeben.

An Approach to Simulate Enterprise Resource Planning Systems

Abstract: Enterprise Resource Planning (ERP) systems are an essential part of the infrastructure to run and support a company?s business processes. These systems have to be updated frequently to satisfy law regulations, needed functionality and sustain stability within a changing technical environment. Having these needs for change in mind the impact of related updates is often not transparent to the operator and may cause unwanted side-effects. The way to prevent update problems is running a shadow system and deploy changes there first. However this is not always feasible due to monetary or other reasons. One proper approach might be the simulation of ERP systems. Therefore this workshop paper shows a process how a simulation model for complex ERP systems might be developed. The paper focuses on the development of an adequate structure to represent complex ERP system architectures. For the development of this structure it utilizes the idea of the Enterprise Service Oriented Architecture (SOA) paradigm and an extended 3 tier architecture reference model. The basic approach focuses on a so called multi-layer service map, which contains all services inside an ERP system and interdependencies between these services. This multi-layer service map can be used as data basis to create a simulation model of the analysed ERP system later on.

RFID in Operations and Supply Chain Management

Abstract: Edited byThorsten Blecker and George Q. HuangWith Contributions byEddy Bajic, Malcolm Bertoni, John S. Bishop, Jr., Melanie Blasl, Thorsten Blecker, Indranil Bose, Madlen Boslau, Charles M. Carson, Aldo Cea-Ramirez, Pavlina Chikova, Alvin Chung Man Leung, Dragos Dobre, Ergin Erdem, G. Scott Erickson, Michael Etgar, Emilio Ferrari, Lynn A. Fish, Dimitris Folinas, Wayne C. Forrest, Driss Hakimi, George Q. Huang, Brian D. Janz, Bernd Kaluza, Chris Keen, Eileen P. Kelly, Zsolt Kemeny, Eva-Maria Kern, Diego Klabjan, Uta Knebel, Ron Konecny, Helmut Krcmar, Pierre-Alexandre Leclerc, Jan Marco Leimeister, Britta Lietke, Peter Loos, Laszlo Monostori, Benoit Montreuil, Donald C. Mosley, Jr., Robert F. Otondo, Nikolas Patrikios, Kulwant S. Pawar, Mitzi G. Pitts, Yoseph Raanan, Johann Riedel, Angel Ruiz, Uwe Sandner, Sandipan Sen, Jing Shi, Bjorn Simon, Jollean K. Sinclaire, Jeffrey M. Stanton, Joseph G. Szmerekovsky, Kantipa Thamworrawong, Bettina Thurnher, Stefano Torroni, Ilias Vlachos, David L. Wells, Herwig Winkler, V. Zeimpekis, Hai Zeng, Jiang Zhang, Kathryn M. Zuckweiler, Elisabeth Zudor-Ilie

Virtualisierung von Very Large Business Applications.

Abstract: In einigen Anwendungsbereichen hat der Einzug von Virtualisierungslösungen bereits umfangreich stattgefunden [1U1], in anderen Bereichen scheint sich der Einzug derzeit anzubahnen [AB07]. Gleichzeitig nimmt die Anzahl der am Markt verfügbaren Virtualisierungslösungen stark zu [IX607]. Konzeptionelle Unterschiede der einzelnen Virtualisierungslösungen scheinen hier erhebliche Vorund Nachteile beim Einsatz in den jeweiligen Anwendungsgebieten mit sich zu bringen [XE03]. Der Betrieb von komplexen Umgebungen wie Very Large Business Applications (VLBAs) [GR07] stellt besondere Anforderungen an die verwendete Infrastruktur – und damit ggf. an Virtualisierungslösungen. Um den möglichen Einsatz von Virtualisierungslösungen für den Betrieb von VLBAs zu untersuchen, stellen sich folgende Fragen: Was sind die wesentlichen Merkmale von Virtualisierungslösungen? Wie sieht der Entwicklungspfad aktueller Virtualisierungslösungen aus? Wie lässt sich die Architektur verschiedener Virtualisierungslösungen darstellen? Wie kann die Eignung von Virtualisierungslösungen für den Betrieb von VLBAs festgestellt werden? Diese Arbeit gibt eine Einführung in den Themenkomplex „Virtualisierung“ und stellt in diesem Zusammenhang einige Lösungsansätze, Konzepte und Architekturen sowie deren Eigenschaften vor. Es folgt ein Ausblick, wie mögliche Messreihen den Betrieb von „Very Large Business Applications“ in virtualisierten Umgebungen untersuchen können.

Grundlagen der IT-Industrialisierung.

Abstract: Bereits seit einigen Jahren hat die Informationstechnik (IT) nicht nur zur Industrialisierung anderer Wirtschaftszweige beigetragen, sondern unterliegt in zunehmendem Mase selbst einem Industrialisierungsprozess. Die Analyse der strukturellen Grundlagen der Industrialisierung zeigt, dass es im Zuge einer fortschreitenden IT-Industrialisierung zu Veranderungen bei den Faktoren Preis, Produkt, Produktion, Personal und Partner kommt. Neben den Veranderungen bei den Produkten der IT und deren Preisen spielt vor allem das Management der ITLeistungserstellung, d. h. die Produktion von IT, eine wichtige Rolle. 1 IT-Industrialisierung und deren Auswirkungen auf das SoftwareManagement Die Rolle der Informationstechnik (IT) wurde lange Zeit als wettbewerbsdifferenzierender Produktionsfaktor diskutiert. IT wurde als „Enabler“ neuer Geschaftsmodelle wahrgenommen – der Einsatz von IT war oft eine wichtige strategische Entscheidung. Seit einiger Zeit wird diskutiert, ob die IT nun zur „Commodity“ wird, die – ahnlich wie elektrische Energie – eine geschaftskritische Ressource ist, deren Einsatz aber keine Wettbewerbsvorteile mit sich bringt [Ca03, S. 44-48].

Bewertung und Klassifikation von Bedrohungen im Umfeld der elektronischen Gesundheitskarte

Abstract: Dieser Beitrag identifiziert und klassifiziert m?gliche Angreifer und Angriffe rund um die Einf?hrung der neuen elektronischen Gesundheitskarte bzw. rund um die Telematik-Infrastruktur in Deutschland aus sicherheitstechnischer Perspektive. Dadurch soll mehr Transparenz zur IT-Sicherheit f?r Patienten und Leistungserbringer geschaffen und m?gliche Sicherheitsl?cken identifiziert werden, um projekt-begleitende L?sungen rechtzeitig vor der fl?chendeckenden Einf?hrung der elektronischen Gesundheitskarte erarbeiten zu k?nnen. Die vorgeschlagene Klassifikation der Bedrohungen wird in der Test- und Modellregion Ingolstadt als Teil der begleitenden Sicherheitsevaluation angewendet.

IT-Sicherheitsrichtlinien für eine sichere Arztpraxis

Abstract: In kleinen Einzelpraxen, Praxisgemeinschaften oder Gemeinschaftspraxen befinden sich oft nur ungen?gend oder ?berhaupt nicht gesicherte IT-Infrastrukturen. Dies liegt nur zum Teil an den begrenzten Mitteln. Vielmehr fehlt es oft an konkreten Vorgaben f?r eine sichere IT-Umgebung. Zudem sind die wenigsten ?rzte mit dem Thema IT-Sicherheit vertraut, obwohl den meisten von ihnen bewusst ist wie eng das Thema Datenschutz mit der ?rztlichen Schweigepflicht zusammenh?ngt. Zudem wird mit der Einf?hrung der elektronischen Gesundheitskarte (eGK) damit zu rechnen sein, dass Arztpraxen ihre IT aufr?sten m?ssen, um die neuen IT-Ger?tschafte einbinden zu k?nnen. Hierbei gelten f?r die eGK-Komponenten h?chste Sicherheitsstandards, dessen An-forderungen sp?ter ziemlich sicher auch auf die Sicherheitsanforderungen der restlichen Pra-xis-IT abf?rben werden. Das folgende Dokument bietet eine Richtlinie f?r die Organisation einer sicheren Arztpraxis-IT basierend auf dem Grundschutzhandbuch des Bundesministeriums f?r Sicherheit in der Informationstechnik (BSI).

Anforderungen an Werkzeuge zum Prototyping von Automotive Services

Abstract: Bei der Konzeption neuer Services (z.B. dynamische Navigationssysteme) in Fahrzeugen stehen die Entwickler meist vor ?hnlichen Problemstellungen, wie z.B. der komplexen Infrastruktur im Fahrzeug oder der n?tigen Reduktion der Fahrerablenkung bei der Nutzung w?hrend der Fahrt. F?r die prototypische Umsetzung von innovativen mobilen Diensten, z.B. im Rahmen von Pilotierungsprojekten, kann ein ?Komponentenbaukasten?, der Entwicklern vorgefertigte Module liefert, hier Abhilfe schaffen. Die Entwickler sparen so wertvolle Entwicklungszeit, da h?ufig verwendete Bausteine automobiler Dienste (z.B. Mensch-Maschine Schnittstellen) ?off the shelve? benutzt werden k?nnen. Wir zeigen die Anforderungen an eine solche Prototyping Plattform auf und beschreiben, wie die Architektur gestaltet sein k?nnte und welche Komponenten Teil einer solchen Umgebung sein k?nnten.