Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach

Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach

Effective risk prioritization in healthcare informatics is critical for safeguarding operational continuity and patient safety. Traditional risk management frameworks in healthcare cannot often holistically address technical vulnerabilities and operational urgencies. To overcome this limitation, th...

Full description

Saved in:
Bibliographic Details
Main Author: Cecilio Jr GARCIANO
Format: Article
Language:English
Published: Iuliu Hatieganu University of Medicine and Pharmacy, Cluj-Napoca 2025-05-01
Series:Applied Medical Informatics
Subjects:
Risk Priority Number (RPN)
Common Vulnerability Scoring System (CVSS)
Information Technology Infrastructure Library (ITIL)
Healthcare Informatics
Risk Assessment
Online Access:https://ami.info.umfcluj.ro/index.php/AMI/article/view/1104
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1850100437187821568
author Cecilio Jr GARCIANO
author_facet Cecilio Jr GARCIANO
author_sort Cecilio Jr GARCIANO
collection DOAJ
description Effective risk prioritization in healthcare informatics is critical for safeguarding operational continuity and patient safety. Traditional risk management frameworks in healthcare cannot often holistically address technical vulnerabilities and operational urgencies. To overcome this limitation, this study introduces a novel Risk Priority Number (RPN) calculator that integrates the Common Vulnerability Scoring System (CVSS) and the Information Technology Infrastructure Library (ITIL) into a single, unified risk assessment model. Developed using Python and PyQt5, the standalone application was validated using 20 synthesized hospital IT (Information Technology) issues at Peamount Healthcare, including examples such as system clock-in failures, annual leave miscalculations, and scheduling errors. The scoring algorithm employs weighted formulas: 60% weight is assigned to technical severity (CVSS), and 40% to operational urgency and impact (ITIL), providing a comprehensive view of each issue’s priority level. The tool categorized 40% of the issues as high-priority and 20% as critical, demonstrating the calculator's ability to triage risks effectively. The scale of impact included payroll disruptions, workflow inefficiencies, and delays in patient service processing—issues that affect both compliance and staff productivity. The combined CVSS-ITIL approach significantly enhances the accuracy of healthcare risk prioritization, providing actionable, standards-aligned recommendations. Future development aims to incorporate artificial intelligence for automated risk detection and broader usability across healthcare settings. The application represents a scalable, research-driven innovation that supports operational resilience and decision-making in critical healthcare infrastructures.
format Article
id doaj-art-37b2f588f82d46fe856a8cf9599ddddc
institution DOAJ
issn 2067-7855
language English
publishDate 2025-05-01
publisher Iuliu Hatieganu University of Medicine and Pharmacy, Cluj-Napoca
record_format Article
series Applied Medical Informatics
spelling doaj-art-37b2f588f82d46fe856a8cf9599ddddc2025-08-20T02:40:18ZengIuliu Hatieganu University of Medicine and Pharmacy, Cluj-NapocaApplied Medical Informatics2067-78552025-05-0147Suppl. 1Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework ApproachCecilio Jr GARCIANO0Peamount Healthcare Effective risk prioritization in healthcare informatics is critical for safeguarding operational continuity and patient safety. Traditional risk management frameworks in healthcare cannot often holistically address technical vulnerabilities and operational urgencies. To overcome this limitation, this study introduces a novel Risk Priority Number (RPN) calculator that integrates the Common Vulnerability Scoring System (CVSS) and the Information Technology Infrastructure Library (ITIL) into a single, unified risk assessment model. Developed using Python and PyQt5, the standalone application was validated using 20 synthesized hospital IT (Information Technology) issues at Peamount Healthcare, including examples such as system clock-in failures, annual leave miscalculations, and scheduling errors. The scoring algorithm employs weighted formulas: 60% weight is assigned to technical severity (CVSS), and 40% to operational urgency and impact (ITIL), providing a comprehensive view of each issue’s priority level. The tool categorized 40% of the issues as high-priority and 20% as critical, demonstrating the calculator's ability to triage risks effectively. The scale of impact included payroll disruptions, workflow inefficiencies, and delays in patient service processing—issues that affect both compliance and staff productivity. The combined CVSS-ITIL approach significantly enhances the accuracy of healthcare risk prioritization, providing actionable, standards-aligned recommendations. Future development aims to incorporate artificial intelligence for automated risk detection and broader usability across healthcare settings. The application represents a scalable, research-driven innovation that supports operational resilience and decision-making in critical healthcare infrastructures. https://ami.info.umfcluj.ro/index.php/AMI/article/view/1104Risk Priority Number (RPN)Common Vulnerability Scoring System (CVSS)Information Technology Infrastructure Library (ITIL)Healthcare InformaticsRisk Assessment
spellingShingle Cecilio Jr GARCIANO
Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
Applied Medical Informatics
Risk Priority Number (RPN)
Common Vulnerability Scoring System (CVSS)
Information Technology Infrastructure Library (ITIL)
Healthcare Informatics
Risk Assessment
title Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
title_full Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
title_fullStr Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
title_full_unstemmed Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
title_short Enhancing Risk Prioritization in Healthcare Informatics: A Combined Vulnerability Scoring and Operational Framework Approach
title_sort enhancing risk prioritization in healthcare informatics a combined vulnerability scoring and operational framework approach
topic Risk Priority Number (RPN)
Common Vulnerability Scoring System (CVSS)
Information Technology Infrastructure Library (ITIL)
Healthcare Informatics
Risk Assessment
url https://ami.info.umfcluj.ro/index.php/AMI/article/view/1104
work_keys_str_mv AT ceciliojrgarciano enhancingriskprioritizationinhealthcareinformaticsacombinedvulnerabilityscoringandoperationalframeworkapproach

Similar Items