AUTHOR=Jabin Md Shafiqur Rahman TITLE=Operational disruption in healthcare associated with software functionality issue due to software security patching: a case report JOURNAL=Frontiers in Digital Health VOLUME=Volume 6 - 2024 YEAR=2024 URL=https://www.frontiersin.org/journals/digital-health/articles/10.3389/fdgth.2024.1367431 DOI=10.3389/fdgth.2024.1367431 ISSN=2673-253X ABSTRACT=Despite many benefits, extensive deployment of Health Information Technology (HIT) systems in healthcare has encountered many challenges, particularly in telemetry concerning patient monitoring and its operational workflow. There is a need for such analyses to identify the underlying mechanism behind such issues since very limited research has been conducted on the study of software patching. This study is a reflection on what happened associated with software security patching and why it happened through the lens of an incident report to develop potential preventive and corrective strategies using qualitative analyses – inductive and deductive approaches. The incident was classified as a “software functionality” issue, and the consequence was an “incident with a noticeable consequence but no patient harm”, and the contributing factor was a software update, i.e., software patching. This report describes how insufficient planning of software patching, lack of training for healthcare professionals, inadequate contingency planning on unplanned disruption, and inappropriate system configuration can compromise healthcare quality and, thus, patient safety. We propose 15 preventive and corrective strategies grouped under four key areas based on the system approach and social-technical aspects of the patching process. The key areas are (i) preparing, developing, and deploying patches; (ii) training the frontline operators; (iii) ensuring contingency planning; and (iv) establishing configuration and communication between systems. These strategies are expected to minimize the risk of HIT-related incidents, enhance software security patch management in healthcare organizations, and improve patient safety. However, further discussion should be continued about general HIT problems connected to software security patching.