An action framework for compliance and governance
Clinical Governance: An International Journal
ISSN: 1477-7274
Article publication date: 30 September 2014
Abstract
Purpose
The purpose of this paper is to propose a framework for clinical governance, in particular, the compliance of data privacy in a healthcare organisation.
Design/methodology/approach
The approach of the research was to highlight problem areas in compliance and governance risk management (governance, risk and compliance (GRC)) in general, and then identify knowledge in other domains that could be combined and applied to improve GRC management, and ultimately improve governance outcomes.
Findings
There is a gap in the literature is respect of systems and frameworks to assist organisations in managing the complex minutiae associated with compliance. This paper addresses this gap by proposing a “compliance action framework” which builds on work existing in other domains in relation to education, process control and governance.
Research limitations/implications
The present research provides a starting point for an implementation of the framework within a number of organisations, and opens questions for further research in the field.
Originality/value
The GRC framework proposed in this paper contributes to the state of the art, by proposing processes for improving the governance capability and compliance outcomes within an organisation for governance of data privacy risk and data protection.
Keywords
Acknowledgements
General attribution: Includes material copied from or derived from OCEG at http://oceg.org under the creative commons attribution-ShareAlike 3.0 unported license.
Citation
O’Neill, A. (2014), "An action framework for compliance and governance", Clinical Governance: An International Journal, Vol. 19 No. 4, pp. 342-359. https://doi.org/10.1108/CGIJ-07-2014-0022
Publisher
:Emerald Group Publishing Limited
Copyright © 2014, Emerald Group Publishing Limited