National Academies Press: OpenBook

For the Record: Protecting Electronic Health Information (1997)

Chapter: Appendix E Committee Biographies

« Previous: Appendix D Sections of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) Related to the Privacy and Security of Electronic Health Information
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Appendix E Committee Biographies

Paul D. Clayton (chair) is a professor of medical informatics (in medicine and radiology) and chair of the Department of Medical Informatics at Columbia University. He is also director of the clinical information services department at Columbia-Presbyterian Medical Center in the City of New York. After receiving a Ph.D. in physics from the University of Arizona, Dr. Clayton spent 15 years as part of the medical informatics group at the University of Utah and LDS Hospital in Salt Lake City, Utah. His current research interests are in the areas of medical information visualization, simplification of user interfaces for physician information input, and security and confidentiality of patient data. Dr. Clayton led the Columbia Presbyterian Medical Center (CPMC) initiative to implement an Integrated Advanced Information Management System that provides access to clinical information for CPMC health care providers, faculty, and students. Dr. Clayton has served on the editorial boards of several journals and is president-elect of the American Medical Informatics Association. He is an elected fellow of the American College of Medical Informatics and the Institute of Medicine.

W. Earl Boebert is with Sandia National Laboratories. Prior to joining Sandia, he was the founder and chief scientist of Secure Computing Technology Corporation (SCTC), predecessor to Secure Computing Corporation (SCC). At SCTC/SCC he led the development of the LOCK, Secure Network Server, and Sidewinder systems. He has 35 years of experience in the computer industry, with more than 20 of them in computer security

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

and cryptography. He is the holder of three and coholder of four patents in the field, is author and coauthor of a book and numerous papers, and has lectured widely. He has been a member of numerous government and industry working groups and panels in the United States and Canada, including the System Security Study Committee of the National Research Council, which produced the report Computers at Risk.

Gordon H. DeFriese is professor of social medicine, epidemiology, and health policy and administration at the University of North Carolina at Chapel Hill. He received a B.S. (sociology and political science, 1963) from Middle Tennessee State University, an M.S. (sociology, 1966) from the University of Kentucky, and a Ph.D. (medical sociology, 1967) from the University of Kentucky College of Medicine. He has served as director of the Cecil G. Sheps Center for Health Services Research since 1973. He previously served as director of the North Carolina Cooperative Health Information System and has served on various subcommittees of the U.S. National Committee on Vital and Health Statistics. Dr. DeFriese has served on numerous state and national committees related to health care, primarily in the fields of health care policy and prevention, and he is a member of the Institute of Medicine.

Susan P. Dowell is executive vice president and chief operating officer for Medicus Systems Corporation. She received a B.S. (medical record administration, 1974) from Daemen College and an M.B.A. (1986) from the University of Seattle. Ms. Dowell's position with Medicus involves her with industry associations, including the American Health Information Management Association, of which she served, among other positions, as president; the Illinois Health Information Management Association, at which she was project manager for HL-7;1 and the Washington State Health Information Management Association, where she served as president and coeditor of the state newsletter. She is also a member of the medical record committee of the Center for Healthcare Information Management and a member of the Healthcare Information Management and Systems Society, the Healthcare Financial Management Association, and the National Association of Healthcare Quality. Ms. Dowell speaks frequently on computer-based patient record strategies, data quality, clinical data systems, quality assurance, productivity and performance standards, information systems strategies, and managed care strategies. She has also

1  

HL-7 is a specification for a health data-interchange standard designed to facilitate the transfer of health data resident on different and disparate computer systems in a health care setting.

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

published numerous articles in the Journal for the American Health Information Management Association, Topics in Health Information Management, and Computers in Healthcare.

Mary L. Fennell received a Ph.D. in sociology from Stanford University, specializing in the application of organization theory to health care organizations. She has held academic positions at the University of Illinois at Chicago and the Pennsylvania State University. She is currently professor of sociology and community health at Brown University, where she is also affiliated with the Center on Gerontology and Health Care Research. Dr. Fennell teaches courses on health policy, health professions and organizations, organizational theory, and research methods in organizations.

Dr. Fennell is best known for her work on Diffusion of Medical Innovation (with Richard Warnecke, published by Plenum in 1988) and for a series of articles on multihospital system structure and governance (with Jeffrey Alexander), which have appeared in the Administrative Science Quarterly, the Journal of Health and Social Behavior, the Academy of Management Journal, and Medical Care Review. She has recently published papers on organizational change in the U.S. health care sector and on the changing organizational context of professional work (in the Annual Review of Sociology and the Journal of Health and Social Behavior). She is currently working on a manuscript (with Kevin Leicht) that will examine recent changes in managerial work and professional practice across the fields of medicine, law, science, and engineering.

Dr. Fennell has led or collaborated on more than a dozen externally funded research projects in the areas of organizational change in health care, innovation diffusion, professional careers, and interorganizational linkage and alliance formation among health care organizations. She is currently studying the development of linkages between acute care and long-term care providers in rural areas and the dissemination of clinical practice innovation in changing health care organizations.

Dr. Fennell served as the editor of the Journal of Health and Social Behavior from 1990 through 1993 and has served on advisory or review committees for the Agency for Health Care Policy Research and the Robert Wood Johnson Foundation. She is active in the American Sociological Association, the Association for Health Services Research, the Academy of Management, and the Gerontological Society of America.

Kathleen A. Frawley is vice-president of legislative and public policy services for the American Health Information Management Association. In this position, she provides advocacy at the federal level and testifies before Congress and federal agencies on issues affecting health information management professionals. She previously worked at the Jamaica

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Hospital Medical Center in New York, where she served as director of medical records, administrator of medical information systems, and vice president and counsel. From 1976 to 1981, she served as chief of medical record services for the U.S. Public Health Service in New York, and for two years prior to that as the director of the Missouri Hospital Discharge System. Ms. Frawley holds a law degree from New York Law School, an M.S. in health services administration from Wagner College, and a certificate in health record administration. She has lectured and published widely on health information management and confidentiality issues and is a member of several professional organizations. She currently cochairs the work group on confidentiality, privacy, and security for the Computer-based Patient Record Institute. Ms. Frawley was appointed in July 1996 by the Secretary of Health and Human Services to a four-year term on the National Committee on Vital and Health Statistics.

John Glaser is vice president and chief information officer for Partners Healthcare System. He was founding chair of the College of Healthcare Information Management Executives, is past president of the Healthcare Information Management Systems Society, and was the 1994 recipient of the John Gall award for health care chief information officer of the year. Dr. Glaser previously managed the health care information systems consulting practice at Arthur D. Little. He is the author of more than 40 publications on health information systems and holds a Ph.D. (health care information systems) from the University of Minnesota.

Richard A. Kemmerer is professor and chair of the computer science department at the University of California at Santa Barbara. He is a nationally known consultant in computer security and formal verification. He has written widely on computer security, formal specification and verification, software testing, programming languages, and software complexity measures. Dr. Kemmerer received a B.S. (mathematics, 1961) from Pennsylvania State University and an M.S. (computer science, 1976) and a Ph.D. (computer science, 1979) from the University of California at Los Angeles. He is a fellow of the IEEE Computer Society and a member of the Association for Computing Machinery (ACM), the International Federation for Information Processing Working Group 11.3 on Database Security, and the International Association for Cryptologic Research. He is also the past chair of the IEEE Technical Committee on Security and Privacy and a past member of the advisory board for the ACM's Special Interest Group on Security, Audit, and Control. He served on the National Bureau of Standards' Computer and Telecommunications Security Council and on the NRC's study committee that produced Computers at Risk. Dr. Kemmerer has served on the editorial boards of the IEEE Trans-

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

actions on Software Engineering and the ACM Computing Surveys, and he is currently editor-in-chief of the IEEE Transactions on Software Engineering.

Carl E. Landwehr heads the Computer Security Section of the Center for High Assurance Computer Systems at the U.S. Naval Research Laboratory. He has led a variety of research projects to advance technologies for computer security and high-assurance systems and has served on review panels for high-assurance research and development programs at the National Aeronautics and Space Administration and the National Security Agency. Dr. Landwehr chairs an international defense panel on secure information systems and serves as an expert consultant to the North Atlantic Treaty Organization. The International Federation for Information Processing (IFIP) awarded him its Silver Core for his work as founding chair of IFIP Working Group 11.3 on database security, and the IEEE Computer Society awarded him its Golden Core for his work on behalf of its Technical Committee on Security and Privacy. He has served on the editorial boards of the High Integrity Systems Journal, IEEE Transactions on Software Engineering, and the Journal of Computer Security. He received a B.S. (engineering, 1968) from Yale University, an M.S. (computer and communication sciences, 1970) from the University of Michigan, and a Ph.D. (computer and communication sciences, 1974) from the University of Michigan.

Thomas C. Rindfleisch is director of the Center for Advanced Medical Informatics at the Stanford University School of Medicine. He received a B.S. (physics, 1962) from Purdue University and an M.S. (physics, 1965) from the California Institute of Technology. For more than 20 years, Mr. Rindfleisch has developed open, network-based, distributed computing resources for biomedical informatics applications, first on the ARPANET and subsequently on the Internet. Mr. Rindfleisch leads a team whose ongoing research includes context-based information retrieval and management, multimedia distributed intelligent e-mail systems, mobile penbased computing systems, information management and access architectures, and security architectures. His interest in privacy and security issues has grown out of real-world experiences in developing and managing nationally networked computing resources. He is a member of the National Library of Medicine Biomedical Library Review Committee and the Federal Networking Council Advisory Committee, a fellow of the American College of Medical Informatics, and a member of the American Association for Artificial Intelligence. He has served on numerous government committees examining information technology applications to health care and on Stanford University advisory committees for information architecture design and implementation strategies.

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Sheila A. Ryan received a Ph.D. from the University of Arizona and has held positions as assistant professor, acting dean, associate professor, and dean of nursing at Creighton University in Omaha, Nebraska. At present, she is dean and professor at the School of Nursing and director of Medical Center Nursing at the University of Rochester. Dr. Ryan has developed and conducted numerous funded research projects and has published extensively in books and journals about faculty practice, computer systems, and future models of alternative delivery systems; she has lectured and consulted nationally and internationally. Dr. Ryan serves on many boards of directors of community and health-related organizations locally, regionally, and nationally. She is considered one of the nursing profession's national orators. Dr. Ryan is a fellow of the American Academy of Nursing, program director of the Commonwealth Fund Executive Nurse Fellowship Program, and treasurer of the National League for Nursing. She is also a member of the Institute of Medicine.

Bruce J. Sams, Jr., received a B.A. (1951) from the Georgia Institute of Technology and an M.D. (1955) from Harvard Medical School. He received postgraduate training in internal medicine and hematology at the University of North Carolina, Chapel Hill; the University of California, San Francisco; and the Massachusetts General Hospital. Dr. Sams was a member of the Permanente Medical Group (TPMG) in Northern California from 1963 to 1993 and served as executive director of the group from 1976 to 1991. He retired from TPMG in 1993 and does private consulting. He is a fellow of the American College of Physicians, a distinguished fellow of the American College of Physician Executives, and a member of the Institute of Medicine.

Peter Szolovits is head of the Clinical Decision-Making Group in the Massachusetts Institute of Technology (MIT) Laboratory for Computer Science and a professor of computer science and engineering at MIT, where he teaches classes in artificial intelligence (AI), computer languages, knowledge-based application systems, and medical information science. Dr. Szolovits received B.S. (physics, 1970) and Ph.D. (information science, 1974) degrees from the California Institute of Technology. His research centers on the application of AI methods to problems of medical decision making. He has worked on problems of diagnosis, therapy planning, execution, and monitoring for various medical conditions, as well as on computational aspects of genetic counseling. Dr. Szolovits was editor of the first volume to summarize medical AI work in 1982. His interests in AI include knowledge representation, qualitative reasoning, and probabilistic inference. Dr. Szolovits has published extensively and is on the editorial board of several journals, was program cochairman of the 1992

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

National Conference on AI, and has been a founder of and consultant for numerous companies that apply AI to problems of commercial interest. He is a fellow of the American Association for Artificial Intelligence and of the American College of Medical Informatics.

Robbie G. Trussell is the senior project manager of pharmacy systems for the Presbyterian Healthcare System based in Dallas, Texas. She received a B.S. (pharmacy, 1972) from the University of Mississippi. She serves as a clinical faculty practitioner for the University of Texas School of Pharmacy. Her areas of expertise include clinical information systems, clinical decision support, systems integration, systems implementation, and pharmacy automation. She is considered one of the pharmacy industry's experts in automation. Ms. Trussell is a fellow of the Healthcare Information and Management Systems Society and currently serves on the board of directors for the organization. She is also a fellow of the American Society of Health-System Pharmacists. She has presented numerous papers relating to automation in pharmacy.

Elizabeth Ward has worked for 23 years in health care, specializing in community health and community mental health services. For half of that time she has been involved in the development of health information systems ranging from automated medical records to large data systems to be used for surveillance and other research activities. Ms. Ward graduated from the University of Washington in 1968 with an M.S. in nursing. Prior to working in Washington, she was Director of Public Health in Alaska. She is currently Assistant Secretary of Epidemiology, Health Statistics, and Public Health Laboratories for the Washington State Department of Health. Ms. Ward has recently been appointed to the National Committee for Vital and Health Statistics.

Paul M. Schwartz (special advisor) is a professor of law at the University of Arkansas School of Law. He is a leading international expert in the field of informational privacy who has published and lectured on issues concerning computers and privacy in the United States and Europe. In this country, his articles and essays have appeared in periodicals such as the Columbia Law Review, Vanderbilt Law Review, Hastings Law Journal, Iowa Law Review American Journal of Comparative Law, and the Partisan Review. Professor Schwartz has provided advice and testimony to numerous governmental bodies in the United States and Europe. In 1994 he testified regarding the protection of privacy in health care reform before a subcommittee of the U.S. House of Representatives. He has acted as a consultant to a study of transborder data flows sponsored by the Canadian Ministry of Justice and as one of the investigators preparing a formal

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

evaluation of U.S. data protection law for the Commission of the European Union. Professor Schwartz also served as an expert in international privacy law in a recent groundbreaking case before the Texas Supreme Court. Paul Schwartz is a graduate of Yale Law School, where he served as a senior editor of the Yale Law Journal. He received his undergraduate education at Brown University.

Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 247
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 248
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 249
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 250
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 251
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 252
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 253
Suggested Citation:"Appendix E Committee Biographies." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page 254
Next: Index »
For the Record: Protecting Electronic Health Information Get This Book
×
Buy Hardback | $32.95 Buy Ebook | $26.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

When you visit the doctor, information about you may be recorded in an office computer. Your tests may be sent to a laboratory or consulting physician. Relevant information may be transmitted to your health insurer or pharmacy. Your data may be collected by the state government or by an organization that accredits health care or studies medical costs. By making information more readily available to those who need it, greater use of computerized health information can help improve the quality of health care and reduce its costs. Yet health care organizations must find ways to ensure that electronic health information is not improperly divulged. Patient privacy has been an issue since the oath of Hippocrates first called on physicians to "keep silence" on patient matters, and with highly sensitive data—genetic information, HIV test results, psychiatric records—entering patient records, concerns over privacy and security are growing.

For the Record responds to the health care industry's need for greater guidance in protecting health information that increasingly flows through the national information infrastructure—from patient to provider, payer, analyst, employer, government agency, medical product manufacturer, and beyond. This book makes practical detailed recommendations for technical and organizational solutions and national-level initiatives.

For the Record describes two major types of privacy and security concerns that stem from the availability of health information in electronic form: the increased potential for inappropriate release of information held by individual organizations (whether by those with access to computerized records or those who break into them) and systemic concerns derived from open and widespread sharing of data among various parties.

The committee reports on the technological and organizational aspects of security management, including basic principles of security; the effectiveness of technologies for user authentication, access control, and encryption; obstacles and incentives in the adoption of new technologies; and mechanisms for training, monitoring, and enforcement.

For the Record reviews the growing interest in electronic medical records; the increasing value of health information to providers, payers, researchers, and administrators; and the current legal and regulatory environment for protecting health data. This information is of immediate interest to policymakers, health policy researchers, patient advocates, professionals in health data management, and other stakeholders.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!