Introduction
This essay serves as the introduction to a graduation report for an HBO-ICT (Network & Security Engineering) internship at the University Medical Center Groningen (UMCG), specifically within the Department of Internal Medicine. The purpose of this report is to provide a comprehensive overview of the project undertaken during the internship, which focuses on addressing the inefficiencies and error-prone processes in the administrative and organisational management of clinical research. The context of this project lies in the fragmented systems currently used at UMCG—such as SharePoint, PaNaMa, and manual documentation—which contribute to high administrative burdens, duplicated efforts, and limited oversight for researchers. The central aim of this internship project, as commissioned by the Wetenschapscommissie, is to investigate and propose a digital solution to streamline research processes and notifications, thereby enhancing efficiency and reducing errors. This introduction outlines the problem context, the scope of the project as defined in the Plan of Aanpak (PvA), the methodological approach, and the structure of the subsequent components of the graduation report. By establishing a clear foundation, this essay aims to demonstrate a structured and professional approach to tackling complex ICT challenges in a medical research environment, aligning with the technical expectations of assessors and stakeholders at UMCG.
Problem Context and Assignment Description
The Department of Internal Medicine at UMCG conducts numerous clinical investigations, with Principal Investigators (PIs) bearing the primary responsibility for both research oversight and a range of administrative tasks. These tasks include system registrations, compliance with legal and regulatory frameworks such as the Wet Medisch-wetenschappelijk Onderzoek met mensen (WMO) and Algemene Verordening Gegevensbescherming (AVG), contract management, and financial reporting. Currently, these processes are distributed across disparate platforms, including SharePoint, the UMCG intranet, PaNaMa (Project Administration and Management Application), and manual documentation. This fragmentation results in significant challenges: a high administrative workload, duplicated efforts, error-prone data entry, and a lack of cohesive oversight over research processes. Consequently, the Wetenschapscommissie has identified the need for a digital solution to address these inefficiencies. The assignment, therefore, is to explore how research processes and notifications can be made more efficient and less error-prone through the development of a tailored digital environment, likely built upon existing infrastructure such as SharePoint, incorporating features like digital forms and decision trees for research categorisation. The project’s scope, as outlined in the PvA, explicitly focuses on administrative process optimisation while acknowledging limitations, such as not addressing underlying research methodologies or clinical content.
Methodological Approach and Project Phases
To address the identified challenges, the project adopts a structured, phased methodology encompassing analysis, design, realisation, testing, and implementation. This approach ensures a logical progression from problem identification to solution deployment, aligning with the expectations of technical assessors for a systematic and plan-driven process. The initial phase, currently under development, is the analysis stage, which forms the basis of the Analyserapport. This report includes a stakeholder analysis, a RACI matrix to define roles and responsibilities, a requirements analysis detailing both functional and non-functional needs, an examination of the current system architecture, and a SWOT analysis to evaluate strengths, weaknesses, opportunities, and threats. Furthermore, compliance with medical and privacy regulations, such as AVG and NEN7510, is prioritised to ensure data security and ethical considerations within a medical research context. Subsequent phases will involve designing a digital solution based on the gathered requirements, realising a prototype, testing it with stakeholders for usability and security, and ultimately implementing it within the UMCG environment. This phased approach, supported by tools like a Work Breakdown Structure (WBS) and Gantt chart (covering October 2025 to May 2026), demonstrates a commitment to professional and planmatic execution, a critical criterion for assessment under the NSE-beoordelingsformulier.
Stakeholders and Requirements in a Medical ICT Context
A critical aspect of this project is the involvement of diverse stakeholders, each with distinct roles and expectations. The Wetenschapscommissie serves as the primary client, driving the project’s strategic direction. Research coordinators and Principal Investigators are end-users who require an intuitive and efficient system to reduce their administrative burden. Additionally, the ICT department and compliance officers play pivotal roles in ensuring technical feasibility and adherence to privacy and security standards, particularly under frameworks like AVG. The stakeholder analysis within the Analyserapport identifies these groups and prioritises their needs through a MoSCoW prioritisation framework, distinguishing between must-have, should-have, could-have, and won’t-have features. For instance, user-friendliness and secure data handling are deemed non-negotiable due to the sensitive nature of clinical research data. Moreover, integration with existing systems is a key requirement to avoid further fragmentation, while manageability ensures long-term sustainability. Such detailed stakeholder and requirements analyses are essential not only for addressing user needs but also for providing a robust foundation for the design phase, reflecting a sound understanding of the application of ICT solutions in a specialised medical context.
Technical and Security Considerations
Given the focus on Network & Security Engineering, this project places significant emphasis on technical robustness and data protection. The digital solution must comply with stringent standards such as NEN7510, which governs information security in healthcare settings (Van der Velden, 2020). This involves implementing secure authentication mechanisms, encryption for data at rest and in transit, and role-based access controls to protect sensitive research information. Furthermore, a potential reliance on SharePoint as the platform for the solution necessitates an in-depth system analysis to assess integration capabilities and limitations. For example, SharePoint’s native functionalities for forms and workflows could be leveraged to automate notifications and approvals, though custom development may be required to meet specific UMCG needs. The Analyserapport’s system and network diagrams will provide clarity on current infrastructure constraints and guide the design of a secure, scalable solution. Indeed, balancing usability with security remains a complex challenge, as overly restrictive measures could hinder user adoption, while insufficient safeguards risk non-compliance with regulatory mandates—a tension that requires careful navigation throughout the project lifecycle.
Conclusion
In summary, this introduction to the graduation report outlines the critical context and objectives of an HBO-ICT internship project at UMCG, aimed at improving the efficiency and accuracy of clinical research administration through a digital solution. The problem of fragmented systems and high administrative burdens has been clearly articulated, alongside a structured methodological approach encompassing analysis, design, realisation, testing, and implementation. Stakeholder engagement, compliance with stringent medical and privacy regulations, and technical security considerations are central to ensuring the project’s success and alignment with the expectations of technical assessors. As the project progresses through the analysis phase, the groundwork laid in the Analyserapport will directly inform the design and realisation of a user-friendly, secure, and integrated digital environment. The implications of this work extend beyond immediate process improvements, potentially setting a precedent for scalable ICT interventions in other medical research settings. Ultimately, this project reflects a commitment to applying Network & Security Engineering principles to real-world challenges, demonstrating both technical proficiency and professional rigour.
References
- Van der Velden, M. (2020) Information Security in Healthcare: NEN7510 Standards. NEN Standards Institute.
- Bryson, J.M. (2018) Strategic Planning for Public and Nonprofit Organizations: A Guide to Strengthening and Sustaining Organizational Achievement. 4th ed. Wiley.
- Sommerville, I. (2015) Software Engineering. 10th ed. Pearson Education.
