Skip to main content
  • Research article
  • Open access
  • Published:

Technical requirements framework of hospital information systems: design and evaluation



Implementing the health information system (HIS) is more complex and costly than implementing other information systems. The present study was conducted to design and evaluate technical requirements for the HIS.


The present study was conducted in 2016 by determining technical requirements for the HIS using the Delphi technique and then evaluating this system using a checklist based on the approved requirements.


The first part of the study designed a 73-item final list of technical requirements for the HIS in four domains, i.e. communication service, system architecture, security service and system response time. The evaluation results obtained in the second part showed that communication service was met in 63.8% of the HIS programs, system architecture in 65.5%, security service in 72.4% and system response time in 76.3%.


A technical evaluation tool was designed and used to select and evaluate the HIS. The evaluation results suggested the study HIS was poorer in terms of communication service and system architecture than in the other two dimensions.

Peer Review reports


Modern advances in information technology (IT) have completely transformed the face of the world, and IT-based services have significantly improved healthcare services [1, 2]. Among those, HISs are one of the most commonly used health information systems [3]. Despite the potential benefits, HISs are neither widely used by healthcare providers nor are they readily accepted by users where they are launched [4]. Given the significant failure rate of the HIS, efforts are required to be made to enhance its currently-slow popularity by meeting the implementation challenges of this system [5].

Failing to properly identify technical requirements for the HIS and its integrity are implementation challenges of this system [6]. Designing a framework for determining the technical requirements and accordingly evaluating the system is therefore crucial. Technical dimensions of information systems such as architecture, communication service and response time play a key role in the failure rates of these systems [7]. The technical factors have been addressed as the second leading or even the main obstacle to effectively implementing the HIS [1, 8]. Meeting technical requirements ensures information security and confidentiality as well as the successful communication of the system with other systems [9]. Determining the technical requirements assists network designers in identifying technical features and their supporting software version and also in selecting hardware platforms [10].

Given the significant relationships between technical factors and success rates of the HIS [11], establishing appropriate evaluative criteria is as crucial for overcoming technical obstacles to the system implementation [12] as accurately assessing the system is essential for its successful implementation [13].

The HIS evaluation and technical requirements have been addressed in literature in two domains or in a general manner in a single setting using a small sample and a maximum of 7 items [14,15,16,17,18]. Moreover, hardware, software, networking and technical support have been mentioned as the technical challenges facing the HIS development [19, 20]. The Iranian Ministry of Health and Medical Education has defined technical requirements for the HIS in two domains of communication services and security services [21]. A review of literature suggests the very limited number of requirements defined using a small sample mostly involve a small section of hospitals. Library research was also found to have failed to determine comprehensive requirements. The only detailed list of requirements defined by the Iranian Ministry of Health and Medical Education can be developed in terms of the defined domains and items.

Regarding the program of Iranian Ministry of Health and Medical Education for the application of IT services in the healthcare sector and development of electronic health records (EHRs) [22] and considering HISs as good examples of EHRs [23], implementation principles and the technical requirements of these systems need to be continuously assessed and revised [24]. The present study therefore proposed a comprehensive framework for defining technical requirements for the HIS and evaluating this system accordingly. These requirements are recommended to be employed by hospital executive teams and HIS developers.


The present study was conducted in two parts, i.e. designing technical requirements for the HIS and its evaluation based on these requirements.

First part: designing technical HIS requirements

This part determined technical requirements for the HIS in three stages: Focus Group Discussion (FGD), Modified Delphi Technique and Classical Delphi Technique.

Focus group discussion

Ten experts with at least a master’s degree in software, networking or IT and 7 years of work experience in IT departments of hospitals or medical science universities were first selected from faculty members and the staff. Before holding FGD, a panel of experts was presented with a primary checklist extracted from the comprehensive outline published by the Iranian Ministry of Health and Medical Education regarding HIS assessment criteria [21].

The challenges and technical obstacles to implementing the HIS were discussed in four 4-h sessions. The FGD was held to identify the major technical requirements from expert perspectives and determine all the technical and implementation problems that had ever faced the experts. At this stage, the experts freely exchanged ideas and discussed technical requirements for the HIS through brainstorming. The expert comments were recorded and then transcribed during the meetings. A list of technical requirements was ultimately developed and they were classified into four domains, i.e. communication service, system architecture, security service and system response time according to the expert comments. The primary questionnaire was then designed as the framework of technical requirements for the HIS, which included the study introduction and objectives and a list of technical requirements for the HIS with an open-ended question for including future expert comments.

Modified Delphi technique

The Modified Delphi Technique was employed at this stage to reach consensus on the requirements by going through a multi-stage process. As an open-ended round Delphi guided by focus groups or one-to-one interviews, this technique is generally used as a Group Delphi Technique to reach consensus using expert comments and structured questionnaires [25]. Experts present at this stage were those who participated in the FGD. At the end of the focus group, the initial technical requirements for the HIS were individually scored by the experts on a five-point Likert scale ranging from 0:strongly disagree to 4:strongly agree. The requirements receiving a total mean score of over 3 were approved, those with a total score of below 2 were eliminated and those with a mean score of 2–3 were reassessed by the experts to be either approved or removed from the questionnaire. The experts were encouraged to freely express their ideas and propose potential technical requirements for the HIS. They unanimously finalized the HIS technical questionnaire after holding four focus group rounds. Four groups of technical requirements for the HIS were ultimately accepted as a 72-item questionnaire with a mean score of 3.4.

Classical Delphi technique

At this stage, the 72-item questionnaire approved in the Modified Delphi Technique was distributed among 40 IT experts and IT managers of hospitals and medical science universities across the country with at least a master’s degree and a minimum of 5 years of work experience in the HIS field. This questionnaire included demographic information, 72 closed-ended items and an open-ended question to explore the possibility of including additional technical requirements (Additional file 1). The respondents scored the items on a five-point Likert scale ranging from 0: strongly disagree to 4: strongly agree. At all rounds of the Delphi technique, the participants were anonymously provided with feedback. To meet all the Delphi requirements, including anonymity and feedback, research collaborators were introduced to the study hospitals as another focal point. They were in charge of briefing the IT experts and managers on the study objectives and providing them with feedback on the data obtained at individual rounds. Thirty eight of the 40 questionnaires distributed were completed. The mean scores of the individual requirements calculated in SPSS Statistics for Windows, version 18.0 (SPSS Inc., Chicago, Ill., USA) were employed in statistical analyses. The Classical Delphi Technique was performed in two rounds. The ultimately-approved 73-item questionnaire included one additional item and four domains of technical requirements for the HIS with a mean score of 3.6.

Second part: evaluating HISs

After inquiring of the Iranian Ministry of Health and Medical Education about the number of companies supplying the HIS, the software was found to be provided by 19 software suppliers throughout the country, 16 of which consented to have their HIS evaluated and provided a list of hospitals in which their system was being run for at least 5 years. A total of 16 hospitals, each corresponding to one of the suppliers, were then randomly selected to evaluate the HIS program. Running all the software modules was the only inclusion criterion for selecting a hospital. After completing the HIS technical checklists containing Yes/No items designed in the first part through individually asking from the IT users and experts working at the IT units of the selected hospitals as well as observing the implemented system, the data collected were analyzed in SPSS-18. The hospital HIS received a score of 1 if it met the checklist criteria; otherwise, it received a score of 0. The system performance was evaluated in individual domains as a score in percentage, with 0–20% denoting a very poor performance, 20–40% a poor performance, 40–60% an average performance, 60–80% a good performance and 80–100% a very good performance.

Ethical considerations

Before beginning the FGD, all the participants signed informed consent forms, in which they were briefed on the study objectives and their voluntary participation in the FGD and confidentiality of their information were ensured. Before completing the checklist in the second part of the study, the participants were briefed on the study objectives. Their voluntary participation and confidentiality of their information were also ensured.


In the Classic Delphi stage, 76.3% of the experts were male and 23.7% female. The participants were also 28–52 years old and had a mean age of 34.7 ± 6.3 years. They also had a mean work experience of 9.9 ± 5.3 years and a mean HIS work experience of 6.6 ± 1.7 years, whereas 63.2% had a bachelor’s degree.

In the first round of the Classical Delphi Technique, the experts approved all the requirements associated with communication service, system architecture, security service and system response time. A requirement associated with system architecture, which did not receive the minimum score in the first round, was approved after being reassessed along with the newly-proposed requirements in the second round of the Classical Delphi Technique. The 73-item list of HIS technical requirements was ultimately confirmed with a mean score of 3.6 in the four domains. These requirements were met in 68.9% of the HISs run in the study hospitals. Tables 1, 2, 3, 4 and 5 present the results of the Delphi technique and evaluation of HISs technical requirements.

Table 1 The mean score of the technical requirements and the HIS evaluation results
Table 2 The mean score of communication service requirements and the HIS evaluation results
Table 3 The mean score of system architecture requirements and the HIS evaluation results
Table 4 The mean score of security service requirements and the HIS evaluation results
Table 5 The mean score of system response time requirements and the HIS evaluation results

Table 2 presents communication service domain as 10 items; showing a mean score of 3.49 ± 0.38 using the Delphi method and suggesting that the study HISs met 63.8% of the requirements of communication service domain.

According to Table 3, the 27-item system architecture domain with a mean score of 3.53 ± 0.37 was approved, which has been met in 65.5% of implemented HISs.

According to Table 4, the 31-item service security domain with a mean score of 3.5 ± 0.39 was approved, which observed in 72.4% of the implemented HISs.

According to Table 5, the 5-item system response time domain with a mean score of 3.82 ± 0.29 was confirmed, which observed in 76.2% of the implemented HISs.


Experts approved HIS technical requirements in four domains, i.e. communication service (10 items), system architecture (27 items), security service (31 items) and system response time (5 items). Meeting the requirements in the study hospitals was found to be at good levels (68.9%).

Technical requirements for the HIS are largely addressed in literature using a researcher-made checklist, including a very limited number of items (4–7 items), on minor technical requirements [14, 17]. Even the requirements defined by the Iranian Ministry of Health and Medical Education in two domains of security services and communication services and 23 items [21] are not comparable with the number of items and domains defined in the present study. The present study designed data collection tools in a way that more specific and comprehensive domains and items were provided for evaluating the HIS on a national scale; nevertheless, technological advances require that further studies be conducted on diverse requirements and domains in the future.

The experts confirmed communication service as a domain of the technical requirements. The requirements for the study HISs associated with communication service were met in 63.8% of the cases, which was considered good though lower than the compliance rates of the other domains. Moreover, the standard protocol approved by the national healthcare authorities for patient information exchange was met in only half of the information systems of the research population. The National Coordination Office of Health Information Technology of America emphasizes the need for employing and observing standards and credible settings for interoperability and sharing and using electronic health information given the fact that these standards can prove useful in designing modern systems [26, 27]. Investigating the implementation challenges of the HIS found the poor integration of different systems to be a potential source of problems [28]. In Hungary, Aggod-Feko found HISs capable of communicating within hospitals, although they reported limited potential for inter-communication with outside the hospital [29]. Investigating the acceptability of the health information technology in seven industrial countries suggested that, despite their popularity, EHRs were yet lagging behind the health information exchange [23]. Numerous studies also reported very low levels of interoperability among HISs as low scores in assessments [30,31,32,33]. The lack of interoperability among HISs increases paperwork [34] and restricts healthcare organizations’ use of the product portfolio of a software supplier in a way that their data can be stored in the specific format of the supplier and cannot be easily transferred to other systems [35]. According to users, working with integrated systems could reduce working hours and increase work speed [6]. A high-performance information exchange system can indirectly contribute to nursing care [36] and reduce patient re-admission rates [37]. The HIS failure in terms of information exchange imposes financial burdens on hospitals and causes failure to refund the costs to healthcare organizations [38]. Exchanging information among HISs also helps reduce the costs of clinical communication among healthcare providers and transmission of laboratory and imaging reports [39]. Investigating Electronic Medical Records (EMRs) by Walker et al. showed that interoperability and health information exchange can result in an annual saving of $77 million [40]. A unified and centralized EHR approach for individual patients requires the provision of regional Electronic Patient Records (EPRs) with some degree of internal exchange [41], although the integration of HISs into other systems is known as the main feature of the fourth and current HIS generation [6]. A special attention should be paid to proposing a framework of communication service requirements for the HIS that includes information exchange standards at the system design phase given the following points: a) the key role of information exchange in information systems, b) the need for developing interoperable systems, c) prevention of organizational dependence on the products of a particular company, d) the effect of a lack of data integrity on treatment and costs and e) inhibiting the development and implementation of EHRs by heterogeneous software forests.

The system architecture was an important domain of the technical requirements. Compliance with the system architecture requirements in the study HISs were found to be proper (65.5%), which were yet lower than that of two other domains. In software development, system architecture determines the system development model and tools and environment development [42]. Multiple distributed systems developed in different programming languages demand more mechanisms in terms of practical communication [43]. Moreover, service-oriented architectures can be used to define IT infrastructures that enable different programs to exchange data and cooperate in the business process regardless of the type of the operating system and programming language through which the program is designed. Moreover, diverse healthcare programs can be run on the web based on messaging standards to exchange office and clinical data [44]. Systems designed based on diverse types of platforms and programming languages appear to make it difficult to develop HIS projects by creating numerous heterogeneous systems in an organization. Employing open-source tools, web-based implementation and supported standards as part of the framework of system architecture requirements can therefore assist with future software development.

Evaluating the information systems of the study population showed good levels (72.4%) of meeting security service as a domain of the technical requirements. Security issues hinder the application and implementation of information systems in the healthcare sector [45]. Security concerns associated with EHRs have also been reflected in literature [46,47,48]. Moreover, levels of technical security were reported as high in some health centers and moderate in certain hospitals [49]. In yet other studies, over 50% of respondents reported the security of their health data at good/moderate levels [32, 50]. Research suggests neither a specific policy for patient access to information nor a punishment for unauthorized access to information. Users can access the system using the same password with no time limitation given that no expiration dates are usually defined for the passwords [49]. The system must incorporate security mechanisms for controlling user access in terms of tasks or classified access [51]. An effective access control system ensures that only authorized users can access system resources [4]. On the other hand, the HIS should provide easy access to healthcare information at healthcare institutions [52]. The user-friendly techniques commonly used to guarantee data confidentiality and user validation include setting passwords, biometric techniques, smart cards and certifications [53]. The access control mechanisms attempt to prevent illegal operations before they occur [54]. According to the majority of IT experts, making a backup should be given top priority over the other security requirements of nursing data in EHRs [55]. Providing encrypted incremental backups for information was reported as a security measure in EHRs protection [56]. Given the effects of the HIS used for the security management of patient data on the care quality, the rights of patients and healthcare professionals and their working practices [57], patients may withdraw their information owing to their distrust of the HIS security, which is health-threatening [58]. Solving the security and privacy problems of the HIS is therefore crucial for meeting potential data protection challenges [59]. Hospital authorities should follow a standardized set of instructions to enhance information security [60, 61]. Different researchers have reported different security levels. Given the key role of data in providing patient care, data backups and data access control are known as the major security concerns of the systems. The implemented HIS should therefore incorporate a security framework that guarantees system security and facilitates access to information for authorized individuals.

The HISs evaluation showed good levels (76.3%) of meeting system response time as a domain of HIS ​​technical requirements approved by the experts. System response time is a major technical challenge of the HIS [28, 62]. The dissatisfaction with this domain highlighted in numerous studies was reported as an obstacle to applying EHRs and the main reason for their abandonment by users [62,63,64]. Organizations that heavily depend on computerized systems to deliver patient care require downtime as low as 0% and business continuity procedures to ensure safety and patient care continuity [65]. Timely high-speed system access identified as an important efficiency factor is therefore a general technical dimension of the HIS [51, 52]. A low system response time reduces the likelihood of the acceptance of the system by users and its successful implementation [66]. To enhance the system efficiency and consequently user satisfaction, the importance of the requirements for system response time is recommended to be emphasized when selecting the system.


A 73-item framework was designed to address all the HIS technical requirements in four domains, i.e. communication service, system architecture, security service and system response time. The possibility of defining and adding other items to this framework to meet the requirements for individual HISs makes it applicable to different settings. It can therefore benefit other countries depending on their degree of development and progress in implementing the HIS. These requirements can be used in the lifecycle of information systems to help customers select a system that meets minimum user requirements for the HIS. Determining these requirements can also assist the designers and developers of HISs in adapting the software program to user needs. Evaluating the HIS in the study population suggested good scores in meeting HIS technical requirements, although communication service and system architecture respectively received the lowest scores. Constantly developing heterogeneous HISs in hospitals makes the integration of these systems difficult to achieve given their different designs and their implementation according to different principles. The difficult transfer of the patient data stored in these systems to other systems is also a major challenge and obstacle to establishing interoperability among different systems in terms of developing EHRs and modifying the systems according to the individual needs of organizations and users. Sending the results of evaluating the HIS as feedback to software providers can assist them in improving their programs and meeting technical requirements.

Availability of data and materials

The datasets used and/or analyzed in the present study can be made available by the corresponding author upon official requests.



Domain Name System


Electronic Health Records


Electronic Patient Records


Electronic Medical Records


Entity Relationship Diagram


Focus Group Discussion


Hospital Information System


Information Technology


Internet Protocol


Machine Access Control


Request for Proposal


Rational Unified Process


Unified Modeling Language


  1. Farzandipur M. Factors affecting successful implementation of hospital information systems. Acta Inform Med. 2016;24(1):51.

    Article  PubMed  PubMed Central  Google Scholar 

  2. Negash S, Musa P, Vogel D, Sahay S. Healthcare information technology for development: improvements in people’s lives through innovations in the uses of technologies. Inform Thecnol Dev. 2018;24(2):189–97.

    Article  Google Scholar 

  3. Haux R. Health information systems–past, present, future. Int J Med Inform. 2006;75(3–4):268–81.

    Article  PubMed  Google Scholar 

  4. Malliarou M, Zyga S. Advantages of information systems in health services. Choregia. 2009;5(2):43–53.

    Google Scholar 

  5. Zandieh SO, Yoon-Flannery K, Kuperman GJ, Langsam DJ, Hyman D, Kaushal R. Challenges to EHR implementation in electronic-versus paper-based office practices. J Gen Intern Med. 2008;23(6):755–61.

    Article  PubMed  PubMed Central  Google Scholar 

  6. Sagiroglu O, Ozturan M. Implementation difficulties of hospital information systems. Inform Tec J. 2006;5(5):892–9.

    Article  Google Scholar 

  7. Hebda T, Czar P, Mascara C. Handbook of informatics for nurses and health care professionals.3td ed. Upper Saddle River: Pearson Prentice Hall; 2005.

  8. Sequist TD, Cullen T, Hays H, Taualii MM, Simon SR, Bates DW. Implementation and use of an electronic health record within the Indian Health Service. J Am Med Inform Assoc. 2007;14(2):191–7.

    Article  PubMed  PubMed Central  Google Scholar 

  9. Blumenthal D. Implementation of the federal health information technology initiative. N Engl J Med. 2011;365(25):2426–31.

    Article  CAS  PubMed  Google Scholar 

  10. Al-shawi M. CCDE Study Guide: Cisco Press; 2015.

    Google Scholar 

  11. Ojo AI, Popoola SO. Some correlates of electronic health information management system success in Nigerian teaching hospitals. Biomed Inform Insights. 2015;7:1–9.

    Article  CAS  PubMed  PubMed Central  Google Scholar 

  12. Mirani N, Ayatollahi H, Haghani H. A survey on barriers to the development and adoption of electronic health records in Iran. J Health Administration (JHA). 2013;15(50):65–75.

    Google Scholar 

  13. Farzandipour M, Meidani Z, Gilasi H, Dehghan R. Evaluation of key capabilities for hospital information system: a milestone for meaningful use of information technology. Ann Trop Med Public Health. 2017;10(6):1579–86.

    Article  Google Scholar 

  14. Garavand A, Samadbeik M, Asadi H, Abhari S. Readiness of Shiraz teaching hospitals to implement Electronic Medical Record (EMR). J Health Manag Informatics. 2016;3(3):82–8.

    Google Scholar 

  15. Lloyd D, Kalra D. EHR requirements. Stud Health Technol Inform. 2003;96:231-7.

  16. Sadoughi F, Sarsarshahi A, Eerfannia I, Firouzabad S. Ranking evaluation factors in hospital information systems. Human Veterinary Med. 2016;8(2):92–7.

    Google Scholar 

  17. Safdari R, Ghazisaeidi M, Jebraeily M. Electronic health records: critical success factors in implementation. Acta Inform Med. 2015;23(2):102–4.

    Article  PubMed  PubMed Central  Google Scholar 

  18. Tello VG, Rodríguez JÁ, Reiz AN, Sánchez JG, de Barbará AHA, Fresneda MM, Valdeolmillos PM, Arfelis JN, Varela IP, Chicharro MC. Technical and functional standards and implementation of a clinical information system in intensive care units. Med Int. 2011;35(8):484–96.

    Google Scholar 

  19. Amiresmaili M, Zarei L, Sheibani E, Arabpur A. Evaluation of the indicators of hospital information system. Health Inform Manag. 2013;10(1):1–13.

    Google Scholar 

  20. Garavand A, Samadbeik M, Kafashi M, Abhari S. The identification and classification of deployment challenges related to electronic health records: a review article. Shiraz E-Med J. 2016;17(2):e33304.

    Article  Google Scholar 

  21. Ministry of Health and Medical Education, Statistics and Information Technology Office. The Results of Performance Evaluation Hospital Information System Software,2010.

    Google Scholar 

  22. Farzandipour M, Ahmadi M, Sadoughi F. Adopting confidentiality principles for electronic health records in Iran: a Delphi study. J Med Syst. 2011;35(3):333–43.

    Article  PubMed  Google Scholar 

  23. Jha AK, Doolan D, Grandt D, Scott T, Bates DW. The use of health information technology in seven nations. Int J Med Inform. 2008;77(12):848–54.

    Article  PubMed  Google Scholar 

  24. Farzandipour M, Meidani Z, Riazi H, Sadeqi JM. Task-specific usability requirements of electronic medical records systems: lessons learned from a national survey of end-users. Inform Health Soc Care. 2018;43(3):280–99.

    Article  PubMed  Google Scholar 

  25. Keeney S, McKenna H, Hasson F. The Delphi technique in nursing and health research. Wiley; 2010.

  26. Huang Q, Yin Q. Study on Electronic Health Record and its Implementation. Master Thesis. Kristianstad University, Kristianstad, Sweden; 2012.

  27. Office of the National Coordinator for Health Information Thechnology. Report to Congress on Health Information Blocking. Washington, DC: Department of Health and Human Services; 2015.

    Google Scholar 

  28. Khalifa M. Technical and human challenges of implementing hospital information systems in Saudi Arabia. J Health Inform Dev Ctries. 2014;8(1):12–25.

    Google Scholar 

  29. Aggod-Feko A. The role of hospital information Systems in Successful Health and eHealth Services in Hungary and in international dimension. LESIJ-Lex ET Scientia Int J. 2010;17(1):456–66.

    Google Scholar 

  30. Carr CD, Moore SM. IHE: a model for driving adoption of standards. Comput Med Imaging Graph. 2003;27(2):137–46.

    Article  PubMed  Google Scholar 

  31. Farzandipour M, Meidani Z, Sadeqi Jabali M, Dehghan BR. Designing and evaluating functional laboratory information system requirements integrated to hospital information systems. J Eval Clin Pract. 2019;25(5):788–99.

    Article  PubMed  Google Scholar 

  32. Kang’a S, Puttkammer N, Wanyee S, Kimanga D, Madrano J, Muthee V, et al. A national standards-based assessment on functionality of electronic medical records systems used in Kenyan public-sector health facilities. Int J Med Inform. 2017;97:68–75.

    Article  PubMed  Google Scholar 

  33. Shah GH, Leider JP, Luo H, Kaur R. Interoperability of information systems managed and used by the local health departments. J Public Health Manag Pract. 2016;22(Suppl 6):S34–43.

    Article  PubMed  PubMed Central  Google Scholar 

  34. Brailer DJ. Interoperability: The Key To The Future Health Care System: Interoperability will bind together a wide network of real-time, life-critical data that not only transform but become health care. Health Aff (Millwood). 2005;24(Suppl1):W5–19-W15–21.

    Article  Google Scholar 

  35. Handel DA, Wears RL, Nathanson LA, Pines JM. Using information technology to improve the quality and safety of emergency care. Acad Emerg Med. 2011;18(6):e45–51.

    Article  PubMed  Google Scholar 

  36. Farzandipour M, Meidani Z, Riazi H, Jabali MS. Nursing information systems requirements: a milestone for patient outcome and patient safety improvement. Comput Inform Nurs. 2016;34(12):601–12.

    Article  PubMed  Google Scholar 

  37. Estes SL, Kelemen A, Liang Y, Constanine DR. Electronic health record vendors in reducing hospital readmission rates: promoting interoperability. Comput Inform Nurs. 2016;1(2):6–14.

    Google Scholar 

  38. Khajouei R, Abbasi R, Mirzaee M. Errors and causes of communication failures from hospital information systems to electronic health record: a record-review study. Int J Med Inform. 2018;119(2018):47–53.

    Article  PubMed  Google Scholar 

  39. Sprivulis P, Walker J, Johnston D, Pan E, Adler-Milstein J, Middleton B, Bates DW. The economic benefits of health information exchange interoperability for Australia. Aust Health Rev. 2007;31(4):531–9.

    Article  PubMed  Google Scholar 

  40. Walker J, Pan E, Johnston D, Adler-Milstein J, Bates DW, Middleton B. The Value Of Health Care Information Exchange And Interoperability: There is a business case to be made for spending money on a fully standardized nationwide system. Health Aff (Millwood). 2005;24(Suppl1):W5–10-W15–18.

    Article  Google Scholar 

  41. Wainer J, Campos C, Salinas M, Sigulem D. Security requirements for a lifelong electronic health record system: An opinion. Open Med Inform J. 2008;2:160–5.

    Article  CAS  PubMed  PubMed Central  Google Scholar 

  42. Zhan X, Liu X. Design and implementation of clinic appointment registration system. Engineering. 2013;5(10):527–9.

    Article  Google Scholar 

  43. Kitsiou S, Manthou V, Vlachopoulou M. A framework for the evaluation of integration technology approaches in healthcare. Paper presented at the IEEE International Special Topic Conference on Information Technology in Biomedicine. Ioannina, Greece; 2006:28–30.

  44. Yang T-H, Sun YS, Lai F. A scalable healthcare information system based on a service-oriented architecture. J Med Syst. 2011;35(3):391–407.

    Article  PubMed  Google Scholar 

  45. Tieu L, Sarkar U, Schillinger D, Ralston JD, Ratanawongsa N, Pasick R, Lyles CR. Barriers and facilitators to online portal use among patients and caregivers in a safety net health care system: a qualitative study. J Med Intern Res. 2015;17(12):e275.

    Google Scholar 

  46. Chhanabhai P, Holt A. Consumers are ready to accept the transition to online and electronic records if they can be assured of the security measures. MedGenMed. 2007;9(1):8.

    PubMed  PubMed Central  Google Scholar 

  47. Kirchner H, Prokosch H, Dudeck J, Jöckel K, Lehmacher W, Gesenhues S. Querschnittsbefragung von 8.000 BARMER-Versicherten zu Erwartungen und Einsatz einer elektronischen Gesundheitsakte [Survey on expectations and implementation of an electronic health record, in German]. Procceeding of the Annual Meeting of the GMDS,Essen,September 7–10, 2009.

  48. Zurita L, Nøhr C. Patient opinion-EHR assessment from the users perspective. Stud Health Technol Inform. 2004;107(Pt2):1333–6.

    PubMed  Google Scholar 

  49. Mehraeen E, Ayatollahi H, Ahmadi M. Health information security in hospitals: the application of security safeguards. Acta Inform Med. 2016;24(1):47–50.

    Article  PubMed  PubMed Central  Google Scholar 

  50. Yeboah ZS. The role of information and communication technology in health information system of the Afigya Sekyere District, Ghana [MSc thesis]. Department of Community Health, School of Medical Sciences,College of Health Sciences, Kwame Nkrumah University of Science and Technology; 2008.

  51. Heu, Centre For Health Economics. Technical Specifications, National Health Insurance Information System. The University of the West Indies; 2011.

  52. Mohan J, Yaacob RRR. The Malaysian Telehealth flagship application: a national approach to health data protection and utilisation and consumer rights. Int J Med Inform. 2004;73(3):217–27.

    Article  PubMed  Google Scholar 

  53. Chousiadis C, Mavridis I, Pangalos G. An authentication architecture for healthcare information systems. Health Inform J. 2002;8(4):199–204.

    Article  Google Scholar 

  54. Dekker MAC, Etalle S. Audit-based access control for electronic health records. Electronic Notes in Theoretical Computer Science(ENTCS). 2007; 168:221–236.

  55. Samadbeik M, Gorzin Z, Khoshkam M, Roudbari M. Managing the security of nursing data in the electronic health record. Acta Inform Med. 2015;23(1):39–43.

    Article  PubMed  PubMed Central  Google Scholar 

  56. Sittig DF, Belmont E, Singh H. Improving the safety of health information technology requires shared responsibility: it is time we all step up. Healthc. 2018;6(1):7–12.

    Article  Google Scholar 

  57. Harman LB, Flite CA, Bond K. Electronic health records: privacy, confidentiality, and security. Virtual Mentor. 2012;14(9):712–9.

    PubMed  Google Scholar 

  58. Ozair FF, Jamshed N, Sharma A, Aggarwal P. Ethical issues in electronic health records: a general overview. Perspec Clin Res. 2015;6(2):73–6.

    Article  Google Scholar 

  59. Fernández-Alemán JL, Señor IC, Lozoya PÁO, Toval A. Security and privacy in electronic health records: a systematic literature review. J Biomed Inform. 2013;46(3):541–62.

    Article  PubMed  Google Scholar 

  60. Cavalli E, Mattasoglio A, Pinciroli F, Spaggiari P. Information security concepts and practices: the case of a provincial multi-specialty hospital. Int J Med Inform. 2004;73(3):297–303.

    Article  PubMed  Google Scholar 

  61. Deshmukh P, Croasdell D. HIPAA: Privacy and Security in Health Care Networks. Information Ethics: Privacy and Intellectual Property. United States of America: IGI Global; 2005. p. 219–38.

  62. Hier DB, Rothschild A, LeMaistre A, Keeler J. Differing faculty and housestaff acceptance of an electronic health record. Int J Med Inform. 2005;74(7):657–62.

    Article  PubMed  Google Scholar 

  63. Cohen JF, Coleman E, Kangethe MJ. An importance-performance analysis of hospital information system attributes: a nurses' perspective. Int J Med Inform. 2016;86:82–90.

    Article  PubMed  Google Scholar 

  64. Kim HH, Cho K-W, Kim HS, Kim J-S, Kim JH, Han SP, Park CB, Kim S, Chae YM. New integrated information system for pusan national university hospital. Healthcare Inform Res. 2011;17(1):67–75.

    Article  Google Scholar 

  65. Wager KA, Lee FW, Glaser JP: Health care information systems: a practical approach for health care management. 4td ed. San Francisco: Wiley; 2017.

  66. Berg M. Implementing information systems in health care organizations: myths and challenges. Int J Med Inform. 2001;64(2–3):143–56.

    Article  CAS  PubMed  Google Scholar 

Download references


The authors would like to express their gratitude to the esteemed Vice-Chancellor of Kashan University of Medical Sciences and the management and personnel of the IT units of the study hospitals and medical science universities for their cooperation.


The present research was supported by the Research Council of Kashan University of Medical Sciences [grant number: 91120] and did not receive any grants from nonprofit organizations and funding agencies in the public and commercial sectors.

Author information

Authors and Affiliations



MF made substantial contributions to the conception, drafting and design as well as acquisition of funding. MSJ and RDB participated in data collection and performed the statistical analysis. ZM and EN contributed to manuscript drafting, revision and approval and MF was in charge of the general supervision of the research group. The author(s) read and approved the final manuscript.

Corresponding author

Correspondence to Mehrdad Farzandipour.

Ethics declarations

Ethics approval and consent to participate

The present study was approved by the Research Ethics Committee of Kashan University of Medical Sciences Research Council (Number: 90056). All the participants were verbally invited to participate in the study. According to the Declaration of Helsinki, the study goals were stated to the participants and they were assured that their information would be confidential and would not be published in the article. The subjects willing to participate signed written informed consent forms.

Consent for publication

Not applicable.

Competing interests

The authors declare that they have no competing interests.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary information

Additional file 1.

Technical requirements questionnaire.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit The Creative Commons Public Domain Dedication waiver ( applies to the data made available in this article, unless otherwise stated in a credit line to the data.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Farzandipour, M., Meidani, Z., Nabovati, E. et al. Technical requirements framework of hospital information systems: design and evaluation. BMC Med Inform Decis Mak 20, 61 (2020).

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: