Multimedia Tools and Applications

, Volume 74, Issue 7, pp 2391–2404 | Cite as

Comparison of knowledge, attitudes, and trust for the use of personal health information in clinical research

  • Mi Jung Rho
  • Kwang Soo Jang
  • Kyung-Yong Chung
  • In Young Choi


As interest in the use of electronic medical record data for clinical research has increased, the protection of personal health information has become increasingly important. The Privacy Rule, established by the Health Insurance Portability and Accountability Act in 1996, proposed the concept of Protected Health Information (PHI) to restrict the use of personal health information from clinical settings. Because researchers and patients are not familiar with PHI despite its importance, our study aimed to find out the effect of the different knowledge, attitudes and levels of trust regarding personal health information on the use of them for clinical research. We collected 267 paper and online surveys from three groups: a clinical researcher group (n = 113), a non-clinical researcher group (n = 72) and a patient group (n = 82). The collected data were analyzed using one-way ANOVA depending on the three groups. We calculated the percentages of correct answers and incorrect answers to 40 questions related to PHI to determine the level of knowledge. Although the three groups had significantly different knowledge of PHI (p < 0.01), all three groups correctly understood that social security numbers and bank account numbers were Protected Health Information. In contrast, all three of the groups misunderstood that the physician’s name, discharge date, and admission date were not non-PHI items. In addition, the three groups had significantly different attitudes and levels of trust regarding the use of PHI for clinical research (p < 0.05); however, all of the groups had favorable attitudes toward using and disclosing medical data in clinical research. Interestingly, although the three groups strongly agreed regarding the protection of the confidentiality of PHI, the patient groups trusted that hospitals would maintain a high level of PHI protection. The attitude toward using health information for clinical research was found to be favorable, but all of the groups were confused regarding date items. These results indicate that more education about PHI is required to protect identifiable health information. In particular, researcher groups, including both clinical and non-clinical researchers, must completely understand the protection of personal information to gain trust from patient groups.


Electronic Medical Record Protected Health Information HIPAA Privacy Rule 



This study was supported by a grant of the Korea Health technology R&D Project, Ministry of Health & Welfare, Republic of Korea (A112022).

Conflict of interest

We declare that we have no conflicts of interest.


  1. 1.
    Annas GJ (2003) HIPAA regulations-a new era of medical-record privacy? N Engl J Med 348(15):1486–1490CrossRefGoogle Scholar
  2. 2.
    Baumer D, Earp JB, Payton FC (2000) Privacy of medical records: IT implications of HIPAA. ACM SIGCAS Comput Soc 30(4):40–47CrossRefGoogle Scholar
  3. 3.
    Bélanger F, Crossler RE (2011) Privacy in the digital age: a review of information privacy research in information systems. MIS Quar 35(4):1017–1042Google Scholar
  4. 4.
    Brownstein JS, Murphy SN, Goldfine AB, Grant RW, Sordo M, Gainer V, Colecchi JA, Dubey A, Nathan DM, Glaser JP, Kohane IS (2010) Rapid identification of myocardial infarction risk associated with diabetes medications using electronic medical records. Diabetes Care 33(3):526–531CrossRefGoogle Scholar
  5. 5.
    Caine K, Hanania R (2013) Patients want granular privacy control over health information in electronic medical records. J Am Med Inform Assoc 20:7–15CrossRefGoogle Scholar
  6. 6.
    Choi IY, Lee JY, Choy S, Kim SK (2007) Comparison of the perception on health information privacy protection for electronic health record among patients, healthcare providers and administration groups. J Korean Soc Med Inform 13(03):197–205Google Scholar
  7. 7.
    Choi IY, Park SH, Park BJ, Chung BH, Kim CS, Lee HM, Byun SS, Lee JY (2013) Development of prostate cancer research database with the clinical data warehouse technology for direct linkage with electronic medical record system. Prostate Int 1(2):59–64CrossRefGoogle Scholar
  8. 8.
    Crawford AG, Cote C, Couto J, Daskiran M, Gunnarsson C, Haas K, Haas S, Nigam SC, Schuette R (2010) Prevalence of obesity, type II diabetes mellitus, hyperlipidemia, and hypertension in the United States: findings from the GE centricity electronic medical record database. Popul Health Manag 13(3):151–161CrossRefGoogle Scholar
  9. 9.
    Holman CDJ, Bass AJ, Rouse IL, Hobbs MST (1999) Population-based linkage of health records in Western Australia: development of a health services research linked database. Aust N Z J Public Health 23(5):453–459CrossRefGoogle Scholar
  10. 10.
    Kim SH, Chung KY (2013) Medical information service system based on human 3D anatomical model. Multimed Tools Appl. doi: 10.1007/s11042-013-1584-8 Google Scholar
  11. 11.
    King T, Brankovic L, Gillard P (2012) Perspectives of Australian adults about protecting the privacy of their health information in statistical databases. Int J Med Inform 81(4):279–289CrossRefGoogle Scholar
  12. 12.
    Kuo KM, Ma CC, Alexander JW (2013) How do patients respond to violation of their information privacy?. The Health Inform Manag J. 1–13 see doi: 10.12826/18333575.2013.0011.Ma
  13. 13.
    Kurtz G (2003) EMR confidentiality and information security. J Healthc Inf Manag 17(3):41–48MathSciNetGoogle Scholar
  14. 14.
    Lee SM (2008) The medical treatment information and medical treatment information protection. Kookmin Law ReviewGoogle Scholar
  15. 15.
    Leestma R (2003) Implementing technological safeguards to ensure patient privacy. Caring: Natl Assoc Home Care Mag 22(2):16–18Google Scholar
  16. 16.
    Liao KP, Cai T, Gainer V, Goryachev S, Zeng-treitler Q, Raychaudhuri S, Szolovits P, Churchill S, Murphy S, Kohane I, Karlson EW, Plenge RM (2010) Electronic medical records for discovery research in rheumatoid arthritis. Arthritis Care Res 62:1120–1127CrossRefGoogle Scholar
  17. 17.
    Longstaff D (2005) Contentious crop: harvesting information from electronic health records, Australian National University: Australian Primary Health Care Research InstituteGoogle Scholar
  18. 18.
    Meingast M, Roosta T, Sastry S (2006) Security and privacy issues with health care information technology. Engineering in medicine and biology society, 2006. EMBS ’06. 28th Annual International Conference of the IEEE. 5453–5458Google Scholar
  19. 19.
    Murff HJ, FitzHenry F, Matheny ME, Gentry N, Kotter KL, Crimin K, Dittus RS, Rosen AK, Elkin PL, Brown SH, Speroff T (2011) Automated identification of postoperative complications within an electronic medical record using natural language processing. JAMA 306(8):848–855CrossRefGoogle Scholar
  20. 20.
    Ness RB (2007) Influence of the HIPAA privacy rule on health research. JAMA 298(18):2164–2170CrossRefGoogle Scholar
  21. 21.
    O’Connor K (1994) Confidentiality, privacy and security concerns in the modern healthcare environment. Aust Comput J 26(3):70–74Google Scholar
  22. 22.
    Office of the Federal Privacy Commissioner, Australian Government. Getting in on the Act: the Review of the Private Sector Provisions of the Privacy Act 1988, 2005Google Scholar
  23. 23.
    Park MY, Yoon DY, Lee KY, Kang SY, Park IH, Lee SH, Kim WJ, Kam HJ, Lee YH, Kim JH, Park RW (2011) A novel algorithm for detection of adverse drug reaction signals using a hospital electronic medical record database. Pharmacoepidemiol Drug Saf 20(6):598–607CrossRefGoogle Scholar
  24. 24.
    Privacy Protection Act, Article 10465 (March 29, 2011)Google Scholar
  25. 25.
    Rothstein MA (2007) Health privacy in the electronic age. J Legal Med 28(4):487–501CrossRefGoogle Scholar
  26. 26.
    Rothstein MA (2010) Is deidentification sufficient to protect health privacy in research? Am J Bioeth 10(9):3–11CrossRefGoogle Scholar
  27. 27.
    Terry NP (2009) What’s wrong with health privacy. J Health Biomed Law 5:1–32Google Scholar
  28. 28.
    Whiddett R, Hunter I, Engelbrecht J, Handy J (2006) Patients’ attitudes towards sharing their health information. Int J Med Inform 75:530–541CrossRefGoogle Scholar
  29. 29.
    Willison DJ, Schwartz L, Abelson J, Charles C, Swinton M, Nothrup D, Thabane L (2007) Alternatives to project-specific consent for access to personal information for health research: what is the opinion of the Canadian public? J Am Med Inform Assoc 14:706–712CrossRefGoogle Scholar
  30. 30.
    Wilson JF (2006) Health insurance portability and accountability act privacy rule causes ongoing concerns among clinicians and researchers. Ann Intern Med 145(4):313–316CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Mi Jung Rho
    • 1
  • Kwang Soo Jang
    • 2
  • Kyung-Yong Chung
    • 3
  • In Young Choi
    • 1
  1. 1.Department of Medical InformaticsCollege of Medicine, The Catholic University of KoreaSeoulSouth Korea
  2. 2.Graduate School of Information SystemHanyang UniversitySeoulSouth Korea
  3. 3.School of Computer Information EngineeringSangji UniversityWonju-siSouth Korea

Personalised recommendations