Security for Electronic Communication in Health Care

From Clinfowiki
Revision as of 05:49, 28 October 2014 by Elia (Talk | contribs)



Security for electronic communication in health care has been one of the top priorities since the widespread implementation of EHRs, fueled by incentives related to Meaningful Use (MU) under the Health Information Technology for Economic and Clinical Health Act (HITECH), part of the American Recovery and Reinvestment Act (ARRA) of 2009 (1). In 2008 the Office of the National Coordinator (ONC) published a set of principles aimed at addressing issues related to privacy and security for electronic communication (2). The document “Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information” was framed within the structure of the Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996 (3). The principles were inspired by the need for guidance in the areas of Health Information Exchange (HIE) and Personal Health Records (PHR), as required by MU.

Principles for secure electronic exchange of health information (ONC)

  • Individual access. Refers to the ease, security and timeliness of access to identifiable health information.
  • Correction. Guarantees the individual's ability to dispute and change information on record in a timely and secure fashion.
  • Openness and transparency. Addresses the need to inform individuals about the details of the mechanisms of collection, use and disclosure of their health data.
  • Individual choice. Defines the right of individuals to choose the details of collection, use and exchange of their data, as long as this complies with the requirements of laws and regulations.
  • Collection, use, and disclosure limitation. Intended to limit data collection, use and disclosure to what is necessary to accomplish a specific task. This principle was introduced to prevent discrimination and the abuse and misuse of data.
  • Data quality and integrity. Indicates the need for individually identifiable data to be accurate, complete and regularly updated. It also emphasizes the need to assess whether data have been altered or removed.
  • Safeguards. This principle calls for “reasonable administrative, technical, and physical safeguards” to protect individually identifiable information. This is crucial to establish trust in the system and contributes to its success. Safeguards should be reasonable and should not make access difficult for legitimate users.
  • Accountability. Emphasizes the need to promote and enforce adherence to these principles. This can be achieved by establishing rules and regulations, by monitoring, and by appropriate management of complaints and breaches.

Means and context of electronic communication

Electronic communication occurs in many forms, contexts and time demands, involving a wide variety of shared information.

  • Context: inpatient, outpatient, home care, PHR, pathology laboratory, radiology suite, pharmacy, administration, academic settings.
  • Content: written narrative, verbal report, radiology imaging, laboratory report, medications, insurance and financial data, educational and research data.
  • Time demand: routine, urgent.
  • Hardware: computer terminal, smartphone or other wireless device, printer, fax machine.

Electronic security

The increasing use of health information technology (HIT) has emphasized the need to guarantee the security of data accessed and shared electronically. Six basic functions are necessary to guarantee a system's security:

  1. Identification. A long-term authorization to use the system for data management.
  2. Authentication. The requirement to prove the real identity of the user each time the system is accessed.
  3. Access control. The step after authentication; it allows the use of documents for a specific purpose and function, according to the role of the user.
  4. Confidentiality. Protects sensitive information from indiscriminate use.
  5. Integrity. Guarantees the protection of documents and programs from unauthorized modification.
  6. Attribution (non-repudiation). Allows changes within the system to be traced to the user responsible for them (4).

These functions allow for secure interactions across the spectrum of activities involved in accessing and transferring data and documents. For example, passwords of increasing complexity are the most common authentication tool, but they can be discovered by sophisticated criminals, and the more complicated they are, the easier it is for users to forget them. Operating system manufacturers therefore face the challenge of increasing the level of security they provide while still allowing legitimate users to access their systems easily. More recently, biometric authentication modalities have been proposed and implemented, including fingerprinting, iris scanning, voice recognition and keystroke dynamics (5).
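The six functions above can be seen together in a small program. The following Go code is an added example written for this article; it is not code from the page or from any system the page describes, and the user names, roles, passwords and the permission table are constructed for illustration. Identification is the registered user record, authentication is the salted password check (PBKDF2-HMAC-SHA256, implemented inline from RFC 8018 so that only the standard library is needed), access control is the role lookup, and attribution is the audit trail that records every login and authorization decision against a user ID:

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Role drives access control: what a user may do depends on the role, not on the individual.
type Role string

const (
	RolePhysician Role = "physician"
	RoleNurse     Role = "nurse"
	RoleBilling   Role = "billing"
)

// permissions is a constructed, illustrative policy keyed by "resource:action".
var permissions = map[Role]map[string]bool{
	RolePhysician: {"clinical_note:read": true, "clinical_note:write": true, "insurance:read": true},
	RoleNurse:     {"clinical_note:read": true},
	RoleBilling:   {"insurance:read": true, "insurance:write": true},
}

// User is the identification step: a long-term identity with a role and a stored credential.
// The password itself is never stored, only a salted, stretched hash of it.
type User struct {
	ID   string
	Role Role
	salt []byte
	hash []byte
}

// AuditEntry provides attribution: every decision is traceable to a user ID.
type AuditEntry struct {
	When    time.Time
	UserID  string
	Action  string
	Allowed bool
}

type System struct {
	users map[string]*User
	Audit []AuditEntry
}

func NewSystem() *System { return &System{users: map[string]*User{}} }

const kdfIterations = 10000 // kept low for the demo; production deployments use far more

// pbkdf2SHA256 derives a 32-byte key (PBKDF2-HMAC-SHA256, one output block, RFC 8018).
// Salting defeats precomputed tables; iterating slows down password guessing.
func pbkdf2SHA256(password, salt []byte, iterations int) []byte {
	mac := hmac.New(sha256.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index 1, big-endian
	u := mac.Sum(nil)
	dk := append([]byte(nil), u...)
	for i := 1; i < iterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range dk {
			dk[j] ^= u[j]
		}
	}
	return dk
}

// KDFHex exposes the derived key as hex so the KDF can be checked against published vectors.
func KDFHex(password, salt string, iterations int) string {
	return hex.EncodeToString(pbkdf2SHA256([]byte(password), []byte(salt), iterations))
}

// Register creates the identity with a fresh random salt.
func (s *System) Register(id string, role Role, password string) error {
	if _, exists := s.users[id]; exists {
		return errors.New("user already exists")
	}
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return err
	}
	s.users[id] = &User{ID: id, Role: role, salt: salt, hash: pbkdf2SHA256([]byte(password), salt, kdfIterations)}
	return nil
}

// Authenticate proves the identity on each access; the hash comparison is constant-time.
func (s *System) Authenticate(id, password string) (*User, bool) {
	u, ok := s.users[id]
	if !ok {
		s.record(id, "login", false)
		return nil, false
	}
	candidate := pbkdf2SHA256([]byte(password), u.salt, kdfIterations)
	ok = subtle.ConstantTimeCompare(candidate, u.hash) == 1
	s.record(id, "login", ok)
	if !ok {
		return nil, false
	}
	return u, true
}

// Authorize is access control: the role decides, and the decision goes into the audit trail.
func (s *System) Authorize(u *User, resource, action string) bool {
	allowed := permissions[u.Role][resource+":"+action] // unknown role or action yields false
	s.record(u.ID, resource+":"+action, allowed)
	return allowed
}

func (s *System) record(userID, action string, allowed bool) {
	s.Audit = append(s.Audit, AuditEntry{When: time.Now(), UserID: userID, Action: action, Allowed: allowed})
}

func main() {
	sys := NewSystem()
	_ = sys.Register("dr_smith", RolePhysician, "correct horse battery staple") // constructed sample users
	_ = sys.Register("rn_jones", RoleNurse, "another passphrase")
	if u, ok := sys.Authenticate("dr_smith", "correct horse battery staple"); ok {
		fmt.Println("physician may write a note:", sys.Authorize(u, "clinical_note", "write"))
	}
	if u, ok := sys.Authenticate("rn_jones", "another passphrase"); ok {
		fmt.Println("nurse may write a note:", sys.Authorize(u, "clinical_note", "write"))
	}
	for _, e := range sys.Audit {
		fmt.Printf("%s %-9s %-20s allowed=%v\n", e.When.Format(time.RFC3339), e.UserID, e.Action, e.Allowed)
	}
}
```

The audit trail is what makes attribution possible: a denied request is recorded just as a permitted one is, so a later review can see who attempted what. A real deployment would use a dedicated password-hashing library (bcrypt, scrypt or Argon2) rather than the inline PBKDF2, and would write the audit entries to tamper-evident storage rather than a slice in memory.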


Encryption is a technology that allows the application of some of the security functions described above, specifically authentication, confidentiality, integrity and attribution. The general principles of encryption predate the electronic era and consist of scrambling a message (encoding) using a key, so that the document is illegible to unauthorized individuals. When the message reaches the legitimate recipient, it must be returned to its original form to be read (decoding). If the decoding process uses the same key as the encoding, the system is called symmetric encryption. If the key used to encode and decode is made of two parts, one to encode and the other to decode, the system is called asymmetric encryption. Asymmetric encryption is easier to implement and is the one used more often for electronic communication. The level of security of the encryption key is directly proportional to its length (4).
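The two kinds of encryption, and the way they deliver the functions named above, can be shown side by side. The following Go program is an added example for this article, not code from the page or from any product it mentions; the "clinic" and "lab" parties and the sample laboratory values are constructed. The symmetric half uses one shared AES-256-GCM key for both encoding and decoding, and its authentication tag supplies integrity: any altered byte makes decoding fail. The asymmetric half gives each party a key pair: the sender encodes with the recipient's public key (confidentiality) and signs the result with its own private key, and the recipient verifies that signature before decoding, which supplies integrity and attribution:

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// EncryptSymmetric seals plaintext with a 32-byte shared key (AES-256-GCM).
// Output layout: nonce || ciphertext || authentication tag.
func EncryptSymmetric(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per message; never reuse with one key
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// DecryptSymmetric opens a sealed message with the same shared key; it fails if any byte was altered.
func DecryptSymmetric(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// NewKeyPair generates a 2048-bit RSA key pair; only the public half is shared with other parties.
func NewKeyPair() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// SealedMessage is what travels over the wire in the asymmetric case.
type SealedMessage struct {
	Ciphertext []byte // encoded with the recipient's public key: confidentiality
	Signature  []byte // made with the sender's private key: integrity and attribution
}

// EncryptAndSign encodes a short message (RSA-OAEP limits it to 190 bytes for a 2048-bit key)
// for the recipient and signs the ciphertext so the recipient can attribute it to the sender.
func EncryptAndSign(recipientPub *rsa.PublicKey, senderPriv *rsa.PrivateKey, plaintext []byte) (*SealedMessage, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, plaintext, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	return &SealedMessage{Ciphertext: ct, Signature: sig}, nil
}

// VerifyAndDecrypt checks the sender's signature first and only then decodes with the recipient's private key.
func VerifyAndDecrypt(recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey, msg *SealedMessage) ([]byte, error) {
	digest := sha256.Sum256(msg.Ciphertext)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], msg.Signature, nil); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, msg.Ciphertext, nil)
}

func main() {
	// Symmetric: both parties hold the same key, which has to be distributed out of band.
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	sealed, _ := EncryptSymmetric(key, []byte("HbA1c 7.2% (constructed sample result)"))
	plain, _ := DecryptSymmetric(key, sealed)
	fmt.Printf("symmetric round trip: %s\n", plain)
	sealed[len(sealed)-1] ^= 0x01 // simulate corruption in transit
	_, err := DecryptSymmetric(key, sealed)
	fmt.Println("tampered ciphertext rejected:", err != nil)

	// Asymmetric: each party has its own pair; public halves are exchanged in advance.
	clinic, lab := NewKeyPair(), NewKeyPair()
	msg, _ := EncryptAndSign(&clinic.PublicKey, lab, []byte("Potassium 5.9 mmol/L (constructed)"))
	out, err := VerifyAndDecrypt(clinic, &lab.PublicKey, msg)
	fmt.Printf("asymmetric round trip: %s (err=%v)\n", out, err)
}
```

Verifying the signature before decrypting means the recipient never processes ciphertext that did not come from the claimed sender. In practice the asymmetric keys are used to agree on or transport a symmetric key, and the bulk of the data is then carried symmetrically, because RSA-OAEP can only encode a short payload and is far slower than AES.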

Data transfer

There are several systems available for secure communication. One that is used in small and large institutions is the Intranet. This is a local network that may or may not have access to the Internet, but which uses the Internet's functions and protocols. An Intranet is very restrictive and is only as safe as the terminal access and user authentication procedures implemented. Virtual private networks (VPN) use specific encryption to send data through the Internet. A VPN works through designated routers that use what is described as a tunneling protocol. As its name suggests, this allows data to travel across the Internet encrypted within virtual tunnels that are inaccessible to unauthorized entities. The level of protection of this modality depends on the level of security of the system used. When data transmission requires interaction between a browser and a server, Secure Sockets Layer (SSL)/Transport Layer Security (TLS) are the encryption standards (6).
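Whether an SSL/TLS connection actually protects the data depends on how the client is configured. The following Go program is an added example for this article, not code from the page or from any product it mentions; the host name ehr.example.org is a placeholder. It places a weak client configuration beside a hardened one and runs a small audit over each, flagging the three settings that most often undermine TLS in practice: skipped certificate verification, an unpinned minimum protocol version, and known-insecure cipher suites (identified through the standard library's own tls.InsecureCipherSuites list):

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// Finding is one weakness a reviewer would flag in a TLS client configuration.
type Finding string

// AuditTLSConfig returns the problems with cfg that would allow impersonation of the
// server or negotiation of obsolete protocol versions and weak ciphers.
func AuditTLSConfig(cfg *tls.Config) []Finding {
	var findings []Finding
	if cfg.InsecureSkipVerify {
		findings = append(findings, "InsecureSkipVerify is set: the server certificate is never checked, so any host can impersonate the server")
	}
	if cfg.MinVersion < tls.VersionTLS12 {
		findings = append(findings, "MinVersion is not pinned to TLS 1.2 or higher: obsolete SSL/TLS versions may be negotiated depending on library defaults")
	}
	for _, weak := range tls.InsecureCipherSuites() {
		for _, id := range cfg.CipherSuites {
			if id == weak.ID {
				findings = append(findings, Finding("insecure cipher suite enabled: "+weak.Name))
				break
			}
		}
	}
	return findings
}

// WeakClientConfig is the kind of configuration that appears when developers silence
// certificate errors and re-enable legacy protocols to make an old server "work".
func WeakClientConfig() *tls.Config {
	return &tls.Config{
		InsecureSkipVerify: true,
		MinVersion:         tls.VersionTLS10,
		CipherSuites:       []uint16{tls.TLS_RSA_WITH_RC4_128_SHA},
	}
}

// HardenedClientConfig verifies the server against the system trust store for the given
// host name, requires TLS 1.2 or newer, and leaves cipher selection to the library defaults.
func HardenedClientConfig(serverName string) *tls.Config {
	return &tls.Config{
		ServerName: serverName, // placeholder host; drives SNI and certificate verification
		MinVersion: tls.VersionTLS12,
	}
}

func main() {
	configs := map[string]*tls.Config{
		"weak":     WeakClientConfig(),
		"hardened": HardenedClientConfig("ehr.example.org"),
	}
	for name, cfg := range configs {
		findings := AuditTLSConfig(cfg)
		fmt.Printf("%s: %d finding(s)\n", name, len(findings))
		for _, f := range findings {
			fmt.Println("  -", f)
		}
	}
}
```

The hardened configuration is mostly a matter of leaving defaults alone: certificate verification on, a modern floor on the protocol version, and no hand-picked cipher list. The same checks apply, with different field names, to the VPN and reverse-proxy software that terminates the tunnels described above.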

Examples of available systems


In the realm of PHR, a system that has been tested and used is the Patient Centered Access to Secure Systems Online (PCASSO). This system was created in 1996 and has gone through numerous updates. The most recent report of experience at an academic center was very favorable with regard to its security record, but providers found the system's security features too cumbersome. Another criticism reported by the providers was that they were limited to accessing only the records of patients with whom they had a professional relationship (7).

Carebook (ZynxCarebook™)

Security is a recognized challenge in real-time communication between providers. Clinicians often use smartphones over non-secure connections to share patient information, but the convenience and ease of this method of communication comes with the risk of a breach of confidentiality of sensitive information. The Carebook application was developed by CareInSync™ to optimize secure communication among all the providers involved in the care of patients in a hospital setting. The system is connected to the hospital inpatient list and automatically matches the hospitalists, nurses, social workers, case managers and other ancillary providers assigned to each patient, in order to create the patient's care team. Consultants can become part of the team and participate in the information exchange, but have to “pick up” each patient. ZynxCarebook™ is currently being tried for communication between hospital and home care teams (8). CareInSync™ was acquired by Zynx Health™ on April 24, 2014.


References

  4. Masys DR. Internet and Intranet Technologies. In: Carter J, editor. Electronic Health Records: A Guide for Clinicians and Administrators. 2nd ed. Philadelphia: ACP Press; 2008.
  5. Ahmad N, Szymkowiak A, Campbell PA. Keystroke dynamics in the pre-touchscreen era. Front Hum Neurosci. 2013;7:835.
  6. Kelly G, McKenzie B. Security, privacy, and confidentiality issues on the Internet. Med Internet Res. 2002;4(2):e12. Published online Nov 22, 2002.
  7. Baker DB, Masys DR, Butros A, Cowles KA. Giving Patients Access to Their Medical Records via the Internet: The PCASSO Experience. J Am Med Inform Assoc. 2002;9:181-191.

Submitted by Giovanni Elia