NCBI Bookshelf. A service of the National Library of Medicine, National Institutes of Health.
When you visit the doctor, information about you may be recorded in an office computer. Your tests may be sent to a laboratory or consulting physician. Relevant information may be transmitted to your health insurer or pharmacy. Your data may be collected by the state government or by an organization that accredits health care or studies medical costs. By making information more readily available to those who need it, greater use of computerized health information can help improve the quality of health care and reduce its costs. Yet health care organizations must find ways to ensure that electronic health information is not improperly divulged. Patient privacy has been an issue since the oath of Hippocrates first called on physicians to "keep silence" on patient matters, and with highly sensitive data--genetic information, HIV test results, psychiatric records--entering patient records, concerns over privacy and security are growing.
For the Record responds to the health care industry's need for greater guidance in protecting health information that increasingly flows through the national information infrastructure--from patient to provider, payer, analyst, employer, government agency, medical product manufacturer, and beyond. This book makes practical detailed recommendations for technical and organizational solutions and national-level initiatives.
For the Record describes two major types of privacy and security concerns that stem from the availability of health information in electronic form: the increased potential for inappropriate release of information held by individual organizations (whether by those with access to computerized records or those who break into them) and systemic concerns derived from open and widespread sharing of data among various parties.
The committee reports on the technological and organizational aspects of security management, including basic principles of security; the effectiveness of technologies for user authentication, access control, and encryption; obstacles and incentives in the adoption of new technologies; and mechanisms for training, monitoring, and enforcement.
For the Record reviews the growing interest in electronic medical records; the increasing value of health information to providers, payers, researchers, and administrators; and the current legal and regulatory environment for protecting health data. This information is of immediate interest to policymakers, health policy researchers, patient advocates, professionals in health data management, and other stakeholders.
Contents
- Committee On Maintaining Privacy And Security In Health Care Applications Of The National Information Infrastructure
- Computer Science And Telecommunications Board
- Commission On Physical Sciences, Mathematics, And Applications
- [The National Academies]
- Preface
- [Dedication]
- Executive Summary
- 1. Introduction
- 2. The Public Policy Context
- 3. Privacy and Security Concerns Regarding Electronic Health Information
- 4. Technical Approaches to Protecting Electronic Health Information
- Observed Technological Practices At Studied Sites
- Physical Security of Communications, Computer, and Display Systems
- Control of External Communication Links and Access
- Encryption
- Software Discipline
- System Backup and Disaster Recovery Procedures
- System Self-Assessment and Attention to Technological Awareness
- Site Visit Summary
- Key Issues In Using Technology To Protect Health Information
- Obstacles To Use Of Security Technology
- 5. Organizational Approaches to Protecting Electronic Health Information
- 6. Finding and Recommendations
- Bibliography
- Appendixes
- Appendix A Study Committee's Site Visit Guide
- Appendix B Individuals Who Briefed the Study Committee
- Appendix C National Library of Medicine Awards to Develop Health Care Applications of the National Information Infrastructure
- Appendix D Sections of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) Related to the Privacy and Security of Electronic Health Information
- Appendix E Committee Biographies
NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance.
This report has been reviewed by a group other than the authors according to procedures approved by a Report Review Committee consisting of members of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine.
Support for this project was provided by the National Library of Medicine and the Warren Grant Magnuson Clinical Center of the National Institutes of Health and by the Massachusetts Health Data Consortium. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.
- NLM CatalogRelated NLM Catalog Entries
- Working towards a national health information system in Australia.[Medinfo. 1995]Working towards a national health information system in Australia.Bomba B, Cooper J, Miller M. Medinfo. 1995; 8 Pt 2:1633.
- Security of electronic medical information and patient privacy: what you need to know.[J Am Coll Radiol. 2014]Security of electronic medical information and patient privacy: what you need to know.Andriole KP. J Am Coll Radiol. 2014 Dec; 11(12 Pt B):1212-6. Epub 2014 Dec 1.
- The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results.[JMIR Med Inform. 2015]The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results.Patel V, Beckjord E, Moser RP, Hughes P, Hesse BW. JMIR Med Inform. 2015 Apr 2; 3(2):e14. Epub 2015 Apr 2.
- Review Electronic health records, adoption, quality of care, legal and privacy issues and their implementation in emergency departments.[Health Policy. 2015]Review Electronic health records, adoption, quality of care, legal and privacy issues and their implementation in emergency departments.Ben-Assuli O. Health Policy. 2015 Mar; 119(3):287-97. Epub 2014 Nov 29.
- Review Patient confidentiality, data security, and provider liabilities in diabetes management.[Diabetes Technol Ther. 2003]Review Patient confidentiality, data security, and provider liabilities in diabetes management.Albisser AM, Albisser JB, Parker L. Diabetes Technol Ther. 2003; 5(4):631-40.
- For the Record Protecting Electronic Health InformationFor the Record Protecting Electronic Health Information
Your browsing activity is empty.
Activity recording is turned off.
See more...