Introduction to healthcare information privacy and security concerns

Abstract

A systematic collection of electronic health information of individuals (Electronic Health Record or EHR) in general has been picking up lately. We are gradually leaving behind the extensive paper trail along with the illegible handwriting of many physicians and a headache to compile the patient history from the pile of papers. EHR presented itself with several benefits including cost reduction, easy data maintenance and interpretation, use of one's medical history as a reference for similar cases, data sharing, fmding trends or correlations in medical histories to detect an anomaly or maybe a cure. To offer these benefits, an EHR system should have properties like high availability, failure resilient, data completeness, secure and privy among others. While numerous benefits are being offered by EHR, given the insecurities in the digital world, it is easily threatened by hackers, worms, viruses and similar attackers. These issues may arise during storage of data, communication of data and use of data. Though several standards and policies like ISO 13606 and ISO/TR 20514 exist citing various guidelines associated with EHR, but individual implementers may choose to put them aside or may not be even aware of them. We would outline such different security and privacy issues while using electronic health records in this paper.