Security of Health Information

Anesthesia Informatics

Part of the book series: Health Informatics (HI)

Electronic generation, transmission, and storage of health data have transformed patient care by making it easy to acquire, search, manipulate, and distribute large amounts of information. An electronic workflow facilitates direct patient care and can be used for purposes such as quality assurance and submission of health insurance claims. Information in the health record is also used for purposes not directly related to patient care, including insurance qualification, law enforcement, and litigation. Health information can, subject to specific safeguards, also be used for clinical research and for projects that improve public health. Systematic collection and storage of electronic medical records (EMRs) imposes the responsibility of protecting health information from unauthorized use, and patients and providers have legitimate concerns regarding the protection of their information.

The organization, delivery, and financing of modern healthcare require the aggregation and storage of personal health information. Privacy and security of health information are therefore crucial to the widespread adoption of electronic health records. The EMR contains intimate details about a person’s physical and mental health. Unauthorized access to this information can have devastating consequences for both healthcare providers and their patients. Unintentional release of information about disease processes, medication use, or visits to healthcare providers can result in stigmatization, difficulty in obtaining credit or employment, or disruption of friendships or family relationships. Most importantly, unintended release of information can result in a breach of trust between patient and physician. In response to these concerns, the European Union, United States, Australia, and Japan have all enacted stringent regulations that address the sharing and protection of health information. Compliance with these laws requires sophisticated information-management technologies. Information security encompasses physical protection of hardware, access control, data authentication, and encryption of sensitive information. This chapter discusses the privacy and security of the EMR and proposes strategies for protecting this valuable repository of information.

© 2008 Springer-Verlag London Limited

About this chapter

Cite this chapter

Gibby, G., Ruskin, K.J. (2008). Security of Health Information. In: Anesthesia Informatics. Health Informatics. Springer, New York, NY. https://doi.org/10.1007/978-0-387-76418-4_23

  • DOI: https://doi.org/10.1007/978-0-387-76418-4_23

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-0-387-76417-7

  • Online ISBN: 978-0-387-76418-4

  • eBook Packages: Medicine, Medicine (R0)
