We must all obey the great law of change. It is the most powerful law of nature.
—EDMUND BURKE (1729–1797), BRITISH POLITICAL WRITER
What is data? At first glance, this may seem like a simple question with a simple answer. Words such as information, captured results, statistics, numbers, and records may come to mind. In the context of e-health, consider data as defined and undefined information. Defined data is information that has an assigned meaning or significance. Undefined information, therefore, is data that appears without an assigned meaning or significance. Both defined and undefined information generates new discoveries and understanding. A comprehensive understanding of data and its purpose provides the framework for auditing any e-infrastructure or exchanges between infrastructures. A well-defined data dictionary is therefore crucial to the success of e-health audits.
The Institute of Internal Auditors provides the following definition of internal audit:
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.1
From an audit perspective, analysis ...