It may seem so, but I’ve done security consulting work for 10+ of the largest hospital chains and insurance providers in the country and I can assure you it isn’t an exception. Doctors don’t care about HIPAA (“that’s legal’s job”). They don’t care about the company’s finances (unless it’s a small private practice, “that’s the accountant’s job”).
Some of the complexity is caused by the software itself being complex, yes, but that’s not what I’m talking about. In every organization I have worked with, doctors were always the biggest obstacle to even doing something as simple as requiring them to carry around a badge for physical access to the building. As a group, they are very resistant to anything that might add an extra step to their workflow. And yes, everyone hates and is resistant to stuff being added to their workflow, but I find most people are amenable to it as long as it’s a small interruption and it’s for a good reason (security). Doctors generally don’t have that attitude, though.
I worked in healthcare IT for years, before than going to medical school, and now in residency. My experience really does not match yours.
As mentioned earlier in the thread, I will agree that doctors in general are quite resistant to technology because they have been fucked over by implementations that are more concerned with billing and regulatory than either better patient care or improving physician quality of life/workload.
Most medical facilities use badges for access. I think what you’re calling resistance is increased scrutiny, something you might not be used to dealing with in other fields.
Based on your sweeping generalizations tinged with bitterness I can only imagine most doctors that have to work with you professionally are going to be a bit on edge. The reaction you’re getting from all these physicians you’re working with is probably related to what I can only imagine is a shitty attitude.
Also in security for a long time, spending a lot of that with hospitals and healthcare organizations. My experience matches the parents. Your points are very valid but doctors can definitely be dicks as well.
Why you are resistant is important but you must follow the rules. Bad things beyond your imagination will happen if you click on that email link. The increased scrutiny allows for better patient tracking and care. That needs to be the priority.
Regulatory paperwork and billing are the reason why you are putting in information into the computer. Without these the medical centre closes. Getting the correct information to that department is part of the role.
The better approach would be to automatically filter email containing dangerous link, or automatically prevent whatever dangerous thing that happen when that link is clicked. Is it hard ? Sure, the goal is to maintain security without creating additional burden to the user.
Some of the complexity is caused by the software itself being complex, yes, but that’s not what I’m talking about. In every organization I have worked with, doctors were always the biggest obstacle to even doing something as simple as requiring them to carry around a badge for physical access to the building. As a group, they are very resistant to anything that might add an extra step to their workflow. And yes, everyone hates and is resistant to stuff being added to their workflow, but I find most people are amenable to it as long as it’s a small interruption and it’s for a good reason (security). Doctors generally don’t have that attitude, though.