Security and privacy in electronic health records: a systematic literature review

From Clinfowiki
Revision as of 03:13, 9 April 2015 by Eelms


Introduction

Privacy and security in electronic health records (EHRs) remain an ongoing initiative across most of the healthcare industry. The area is large, and the rules are constantly changing. Most vendors are also working hard to develop and embed privacy and security within their systems.

Objective

The authors of this study aim to “report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) system.” [1] One of their goals was to find out whether certain EHRs were applying rules and regulations related to security and privacy.

Methods

The selection process included articles dealing with the security and privacy of EHR systems from various data sources: MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. The authors used a pre-defined search string and were able to extract 775 articles, which the three authors reviewed and narrowed down to 49 articles. [1]


Results

Among the 49 articles that were subject to their systematic review, the study revealed that “26 used standards and regulations related to the Privacy and Security of EHR Data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication.” [1] Role-Based Access Control (RBAC) was found in 27 studies and seemed to be the most preferred. Audit-log files were also available in 25 studies. [1]

Comments

The works of the authors are highly admirable. It was very tedious and very time consuming, yet they came up with very informative and accurate results. I do agree with the authors that Privacy and Security Standards and regulations have always been in place and integrated in the EHR Systems. However, it is ongoing and continues to evolve and needs more enhancements from time to time. With Meaningful Use as one of its drivers to implement Privacy and Security, more initiatives are coming in this area of the EHR.

References

  1. Fernández-Alemán JL, et al. (2013). Security and privacy in electronic health records: a systematic literature review. Journal of Biomedical Informatics, 46(3), 541-562. Accessed 04/07/2015 from http://www.ncbi.nlm.nih.gov/pubmed/23305810.