First Advisor

Lindoo, Ed

Second Advisor

Plantz-Masters, Shari

Third Advisor

Birkenheuer, Nancy


College for Professional Studies

Degree Name

MS Systems Engineering


School of Computer & Information Science

Document Type

Thesis - Open Access

Number of Pages

92 pages


Over the past decade, healthcare organizations have been subjected to many federally mandated statutes to comply with. Three of the biggest statutes over the last decade are the Health Information Portability and Accountability Act (HIPAA), the Red Flag Rules, and the Health Information Technology for Clinical Health (HITECH). These mandates deal directly with the security of electronic patient information. To date, many entities have provided estimations of cost of compliance. Some have provided quantitative models to calculate the return of IT investments. Very few have attempted to look retrospectively and determine the level of and barriers to compliance. This quantitative study used a similar study as the framework to build upon. The study in part used survey questions from Mhamed Zineddine's doctoral dissertation titled, “Compliance of the healthcare industry with the Health Insurance Portability and Accountability Act security regulations in the Washington State: A quantitative study two years after mandatory compliance." The survey asked hospital Information Technology directors and managers questions to look at the level of compliance with the Health Insurance Portability and Accountability Act standards. Additionally, the survey asked questions to determine the impact on a health care organization when attempting to comply with multiple government mandates simultaneously. The analysis is an attempt to answer the question “Is Healthcare IT over regulated."

Date of Award

Spring 2011

Location (Creation)

Denver, Colorado

Rights Statement

All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes. The materials may not be downloaded in whole or in part without permission of the copyright holder or as otherwise authorized in the “fair use” standards of the U.S. copyright laws and regulations.