National Academies Press: OpenBook
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

For the Record Protecting Electronic Health Information

Committee on Maintaining Privacy and Security in Health Care Applications of the National Information Infrastructure

Computer Science and Telecommunications Board

Commission on Physical Sciences, Mathematics, and Applications

National Research Council

NATIONAL ACADEMY PRESS
Washington, D.C.
1997

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance.

This report has been reviewed by a group other than the authors according to procedures approved by a Report Review Committee consisting of members of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine.

Support for this project was provided by the National Library of Medicine and the Warren Grant Magnuson Clinical Center of the National Institutes of Health and by the Massachusetts Health Data Consortium. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.

Library of Congress Catalog Card Number 97-65240

International Standard Book Number 0-309-05697-7

Additional copies of this report are available from:
National Academy Press
2101 Constitution Avenue, NW Box 285 Washington, DC 20055 800/624-6242 202/334-3313 (in the Washington Metropolitan Area) http://www.nap.edu

Copyright 1997 by the National Academy of Sciences. All rights reserved.

Printed in the United States of America

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Committee On Maintaining Privacy And Security In Health Care Applications Of The National Information Infrastructure

PAUL D. CLAYTON,

Columbia-Presbyterian Medical Center,

Chair

W. EARL BOEBERT,

Sandia National Laboratories

GORDON H. DeFRIESE,

University of North Carolina at Chapel Hill

SUSAN P. DOWELL,

Medicus Systems Corporation

MARY L. FENNELL,

Brown University

KATHLEEN A. FRAWLEY,

American Health Information Management Association

JOHN GLASER,

Partners Healthcare System

RICHARD A. KEMMERER,

University of California at Santa Barbara

CARL E. LANDWEHR,

U.S. Naval Research Laboratory

THOMAS C. RINDFLEISCH,

Stanford University

SHEILA A. RYAN,

University of Rochester

BRUCE J. SAMS, JR.,

Permanente Medical Group

(retired)

PETER SZOLOVITS,

Massachusetts Institute of Technology

ROBBIE G. TRUSSELL,

Presbyterian Healthcare System, Dallas

ELIZABETH WARD,

Washington State Department of Health

Special Advisor

PAUL M. SCHWARTZ,

University of Arkansas

Staff

JERRY R. SHEEHAN, Study Director and Program Officer

HERBERT S. LIN, Senior Staff Officer

LESLIE M. WADE, Research Assistant

MOLLA S. DONALDSON, Staff Liaison,

Institute of Medicine

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Computer Science And Telecommunications Board

DAVID D. CLARK,

Massachusetts Institute of Technology,

Chair

FRANCES E. ALLEN,

IBM T.J. Watson Research Center

JEFF DOZIER,

University of California at Santa Barbara

SUSAN L. GRAHAM,

University of California at Berkeley

JAMES GRAY,

Microsoft Corporation

BARBARA J. GROSZ,

Harvard University

PATRICK HANRAHAN,

Stanford University

JUDITH HEMPEL,

University of California at San Francisco

DEBORAH A. JOSEPH,

University of Wisconsin

BUTLER W. LAMPSON,

Microsoft Corporation

EDWARD D. LAZOWSKA,

University of Washington

BARBARA H. LISKOV,

Massachusetts Institute of Technology

JOHN MAJOR,

Motorola Inc.

ROBERT L. MARTIN,

Lucent Technologies Inc.

DAVID G. MESSERSCHMITT,

University of California at Berkeley

CHARLES L. SEITZ,

Myricom Inc.

DONALD SIMBORG,

Know Med Systems Inc.

LESLIE L. VADASZ,

Intel Corporation

MARJORY S. BLUMENTHAL, Director

HERBERT S. LIN, Senior Staff Officer

PAUL D. SEMENZA, Program Officer

JERRY R. SHEEHAN, Program Officer

LESLIE M. WADE, Research Assistant

JULIE C. LEE, Administrative Assistant

LISA L. SHUM, Project Assistant

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Commission On Physical Sciences, Mathematics, And Applications

ROBERT J. HERMANN,

United Technologies Corporation,

Cochair

W. CARL LINEBERGER,

University of Colorado,

Cochair

PETER M. BANKS,

Environmental Research Institute of Michigan

LAWRENCE D. BROWN,

University of Pennsylvania

RONALD G. DOUGLAS,

Texas A&M University

JOHN E. ESTES,

University of California at Santa Barbara

L. LOUIS HEGEDUS,

Elf Atochem North America Inc.

JOHN E. HOPCROFT,

Cornell University

RHONDA J. HUGHES,

Bryn Mawr College

SHIRLEY A. JACKSON,

U.S. Nuclear Regulatory Commission

KENNETH H. KELLER,

University of Minnesota

KENNETH I. KELLERMANN,

National Radio Astronomy Observatory

MARGARET G. KIVELSON,

University of California at Los Angeles

DANIEL KLEPPNER,

Massachusetts Institute of Technology

JOHN KREICK,

Sanders, a Lockheed Martin Company

MARSHA I. LESTER,

University of Pennsylvania

THOMAS A. PRINCE,

California Institute of Technology

NICHOLAS P. SAMIOS,

Brookhaven National Laboratory

L.E. SCRIVEN,

University of Minnesota

SHMUEL WINOGRAD,

IBM T.J. Watson Research Center

CHARLES A. ZRAKET,

MITRE Corporation

(retired)

NORMAN METZGER, Executive Director

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce Alberts is president of the National Academy of Sciences.

The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. William A. Wulf is president of the National Academy of Engineering.

The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Kenneth I. Shine is president of the Institute of Medicine.

The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy's purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce Alberts and Dr. William A. Wulf are chairman and vice chairman, respectively, of the National Research Council.

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Preface

In response to a request from the National Library of Medicine (NLM), and with support from the Warren Grant Magnuson Clinical Center of the National Institutes of Health and from the Massachusetts Health Data Consortium, the Computer Science and Telecommunications Board (CSTB) initiated a study in October 1995 on maintaining privacy and security in health care applications of the national information infrastructure (NII). As one of the lead agencies within the executive branch for facilitating the development and expansion of health care applications of the NII, NLM identified privacy and security as primary issues that need to be addressed in order to facilitate greater use of information technology within the health care sector.1 Several reports written over the last two decades note the potential vulnerabilities of health information systems and the potential risks to patient privacy that could result from the

1  

The terms privacy, confidentiality, and security are used in many different ways to discuss the protection of personal health information. This report uses the term privacy to refer to an individual's desire to limit the disclosure of personal information. It uses the term confidentiality to refer to a condition in which information is shared or released in a controlled manner. Organizations develop confidentiality policies to codify their rules for controlling the release of personal information in an effort to protect patient privacy. Security consists of a number of measures that organizations implement to protect information and systems. It includes efforts not only to maintain the confidentiality of information, but also to ensure the integrity and availability of that information and the information systems used to access it.

Page viii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

unauthorized use of health data.2 Although they outline risks and discuss possible corrective measures, these earlier reports do not attempt to evaluate the effectiveness of alternative mechanisms for protecting electronic health information. To remedy this situation, CSTB was asked to investigate the threats to electronic health information and to evaluate alternative technical and nontechnical means of protecting health information that are being used today. A natural outgrowth of this assessment is a judgment about the technical and nontechnical means that can be used to maintain privacy and security in health care information systems, about future research that is needed to develop additional mechanisms, and about the obstacles that stand in the way of future advances.

The Committee And Its Charge

To conduct this study, CSTB formed a committee of 15 members and a special advisor with expertise in computer and information security, medical informatics, health information management, health care privacy, law, medical sociology, and health information systems. Both developers and users of health information systems were included. NLM charged the committee to do the following:

Observe and assess existing technical and nontechnical mechanisms for protecting the privacy and maintaining the security of health care information systems, identify other mechanisms worthy of testing in a health care environment, and outline promising areas for further research.

In carrying out this charge, the committee was asked to address questions in the following areas:

  • Threats to health care information: What problems have health care organizations encountered to date regarding unauthorized access to individually identified patient data? To what extent has the security of health information systems been compromised or threatened by the introduction of electronic medical records and networked information systems? What problems could be encountered in the future related to unauthorized access to individually identifiable patient data? How sig-

2  

See National Institute of Standards and Technology, 1994, Putting the Information Infrastructure to Work: Report of the Information Infrastructure Task Force Committee on Applications and Technology, NIST Special Publication 857, U.S. Government Printing Office, Washington, D.C., May; Institute of Medicine, 1994, Health Data in the Information Age: Use, Disclosure and Privacy, Molla S. Donaldson and Kathleen N. Lohr (eds.), National Academy Press, Washington, D.C.; Office of Technology Assessment, 1993, Protecting Privacy in Computerized Medical Information, OTA-TCT-576, U.S. Government Printing Office, Washington, D.C., September; National Research Council, 1972, Databanks in a Free Society: Computers, Record Keeping, and Privacy, National Academy of Sciences, Washington, D.C.

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
  • nificant is the threat posed by inferential identification through the linking of databases with unidentifiable information?
  • Adequacy of existing privacy and security measures: What types of policies are in place to provide privacy, security, and confidentiality? How adequate are these policies in practice? What technical features are incorporated into health information systems to provide security? How effective are they? What has been done to educate users about the need for privacy and security and their responsibilities for protecting health information?
  • Future mechanisms and best practices: What other approaches to information privacy and security are worthy of testing in health care organizations? What approaches should be broadly promulgated? How cost-effective are various approaches? What combination of technologies, policies, and standards would help to promote better information security for health-related data? How can highly sensitive aspects of an individual's health care records (e.g., mental health history and HIV status) be better protected?
  • Barriers to adoption: What barriers exist to the adoption of better information security practices and technology (e.g., cost, ease of use)? What incentives are needed to encourage providers to adopt sound information privacy and security practices and to secure health information systems?

Although the focus of the committee's charge was to evaluate practices that individual organizations can use to better protect electronic health information, the committee quickly learned from its research that the primary threats to patient privacy originate from the lack of controls over the legal (and generally legitimate) demands for data made by organizations not directly involved in the provision of care, such as managed care organizations, insurers, public health agencies, and self-insured employers. The committee regarded this larger threat as significant enough to warrant systematic attention. Given the committee's original charge and its composition, however, this report does not make specific recommendations in this area, although it does call for a national debate on these issues.3 Accordingly, this report undertakes the tasks of raising consciousness in the health care industry (and the nation as a whole) regarding privacy and security issues in health care; demonstrating ways in which these issues can be addressed; and providing practical guidance to practitioners in the field of medical informatics and health information management who must continually wrestle with privacy and security concerns.

3  

Another study committee convened by the Institute of Medicine was charged to investigate systemic uses of health information and to offer recommendations in this area. See Institute of Medicine. 1994. Health Data in the Information Age: Use, Disclosure, and Privacy, National Academy Press, Washington, D.C.

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Recognizing that organizations strive to balance security against other concerns such as cost and access to information, the committee investigated both the efficacy of various privacy and security measures and the implications of such measures for the ability of users to access critical information in a timely manner. In order that its work would have lasting value to the community, the committee attempted, where possible, to project future changes in the uses of health information, the potential threats to such information, and the technologies capable of addressing these threats.

Methodology

The committee's primary mechanism for gathering information about technical and nontechnical approaches to protecting electronic health information consisted of a series of site visits to six organizations that collect, process, and store electronic health information. Sites were selected on the basis of their reputed leadership in the development of electronic medical records, networked clinical systems, and privacy and security policies. Committee nominations were verified against reports or rankings in several highly regarded health care publications. The selected sites included a large, urban hospital; a tightly integrated health care system; a second tightly integrated health care system affiliated with a community health information network; a more loosely affiliated provider network; a state health care system; and a large insurer. To encourage personnel at the various sites to share their experiences candidly, the committee decided to keep sites' identities confidential.

Because site visits were conducted by different subsets of the committee's members, the committee as a whole developed a standard site visit protocol to ensure some degree of uniformity among the visits (see Appendix A). Prior to each visit, the site visit team gathered information from the site regarding its organizational structure, computer and data security policies, information systems, security mechanisms, confidentiality policies, procedures for releasing medical records, employee training and orientation materials, and disciplinary policies. This information proved valuable not only in orienting committee members to idiosyncrasies of each site, but also in indicating the degree to which the organizations had codified their policies and procedures.

During each one-and-a-half-day visit, the site visit team met with corporate executives; staff from the information systems, health information management (i.e., medical records), human resources, and legal departments; doctors; nurses; and other system users. Where possible, it met with members of health information management committees and of privacy and confidentiality committees. The site visit team discussed a

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

wide range of topics with its hosts on each visit: confidentiality policies, policies regarding data exchanges and uses or releases of aggregated data, means of implementing policies, perceived and experienced threats to patient privacy and system security, training and education programs, information systems, electronic medical records, security mechanisms, users' perceptions of the information systems and security practices, and future needs.

In addition to its site visits, the full committee met five times during the course of the study to plan its work, listen to briefings from relevant stakeholders, and deliberate over its conclusions and recommendations. During these sessions, the committee met with health care providers, insurers, pharmaceutical benefits managers,4 vendors of health information systems, experts in computer security (from both the health care and the non-health care communities), privacy advocates and consumer representatives, federal agencies interested in health information systems, insurers, relevant industry associations, and other organizations that maintain health-related databases. The committee also met with groups attempting to develop health care applications of the NII and with researchers who study the uses of medical information, including genetic information. Additional meetings were held with the Massachusetts Health Data Consortium and with representatives of European data commissions to understand the problems they face and the solutions they are implementing (see Appendix B for a complete list of people who briefed the committee).

The site visits and committee meetings provided committee members with numerous opportunities to observe and discuss the confidentiality and security policies, mechanisms, and practices used in a variety of health care organizations and firms in other industries. The visits themselves facilitated extended dialogue with key decision makers within the organizations, allowing the committee to better understand the objectives and motivations of the sites' privacy and security strategies. Many of the practices the committee observed during its site visits were described in its interim report released in September 1996.5 This final report provides additional analysis of practices observed during the site visits and describes other practices that have not yet been applied in health care set-

4  

Pharmaceutical benefits managers are organizations such as Merck-Medco Managed Care Inc. and PCS Inc. that offer benefits plans that pay for prescriptions. They typically assist in designing the benefits programs, offer point-of-sale claims processing, and develop formularies of the drugs that participating pharmacies prescribe.

5  

Computer Science and Telecommunications Board, National Research Council. 1996. ''Observed Practices for Improving the Security and Confidentiality of Electronic Health Information: Interim Report," National Academy Press, Washington, D.C., September.

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

tings; describes the general exchanges of health information throughout the industry and identifies obstacles to and incentives for increased attention to privacy and security concerns; and presents the committee's conclusions and recommendations on the state of practice today, on practices that should be more widely adopted throughout the industry, and on research needs for the future.

The committee recognizes that this report will serve multiple audiences: information systems and operations staffs within medical organizations who are charged with developing and implementing practices to improve privacy and security, government agencies and accrediting bodies with roles to play in overseeing health care organizations and other users of health information, and legislators and other policy makers who are interested in establishing a policy framework for protecting health information while allowing legitimate access. The committee hopes that each of these audiences will find useful guidance in this report, both in the detailed practices described in Chapters 4 and 5, and in the findings and recommendations contained in Chapter 6.

Acknowledgments

The committee members that came together represented a number of different backgrounds and perspectives (Appendix E). The harmony with which people with such diverse points of view worked together is testament to the character of the individual committee members and a reflection upon the importance of the issue this report addresses. Each committee member volunteered a substantial amount of time over the course of the study to meet, conduct site visits, and draft sections of this report. To the extent that this report improves the privacy and security environment by enlightening the public, policy makers who set institutional priorities, daily users of health information, and those who build the systems, the committee members will believe that their effort was worthwhile.

To the CSTB staff, the committee expresses its admiration and gratitude for their faithful capture of the wide-ranging content of its deliberations and for the gentle but effective way they kept things on schedule. It is hard to find people of such talent who are willing to facilitate and support rather than impose their observations and conclusions. Thanks are also extended to those who volunteered to review and critique an early draft of this document, as well as to the numerous briefers who volunteered their time to meet with it and to help the committee better understand their concerns. The committee also owes many thanks to those who hosted the site visits. The committee received honest and open cooperation from a variety of individuals at each site.

Finally, the committee wishes to express appreciation to the sponsors

Page xiii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

of this report who were willing to invest in developing solutions to societal concerns: Dr. Donald Lindberg and Ms. Betsy Humphreys of the National Library of Medicine; Dr. John Gallin of the Warren Grant Magnuson Clinical Center; and Mr. Elliot Stone of the Massachusetts Health Data Consortium. Such leadership is crucial in motivating more than a fragmented approach to the search for solutions.

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
This page in the original is blank.
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
   

State Statutes and Regulations

 

44

   

Limitations of State Protections

 

45

   

Nongovernmental Initiatives

 

47

   

American National Standards Institute

 

47

   

Computer-based Patient Record Institute

 

48

   

Joint Commission on Accreditation of Healthcare Organizations

 

48

   

Improving Public Policy

 

49

   

Building National Consensus

 

50

   

Legislative Initiatives

 

52

3

 

Privacy and Security Concerns Regarding Electronic Health Information

 

54

   

Concerns Regarding Health Information Held by Individual Organizations

 

54

   

Scale of the Threat to Health Information Held by Individual Organizations

 

55

   

General Taxonomy of Organizational Threats

 

56

   

Factors Accounting for Differences Among Threats

 

56

   

Levels of Threat to Information in Health Care Organizations

 

59

   

Countering Organizational Threats

 

61

   

Developing Appropriate Countermeasures

 

61

   

Observations on Countering Organizational Threats

 

64

   

Systemic Concerns About Health Information

 

65

   

Uses and Flows of Health Information

 

65

   

Alice's Medical Records

 

69

   

Government Collection of Health Data

 

72

   

Risks Created by Systemic Flows of Health Information

 

74

   

Universal Patient Identifiers

 

78

   

Conclusions Regarding Systemic Concerns

 

80

4

 

Technical Approaches to Protecting Electronic Health Information

 

82

   

Observed Technological Practices at Studied Sites

 

84

   

Authentication

 

86

   

Authentication Technologies Observed on Site Visits

 

88

   

Authentication Technologies Not Yet Deployed in Health Care Settings

 

89

   

Access Controls

 

93

   

Access Control Technologies Observed on Site Visits

 

94

   

Access Control Technologies Not Yet Deployed in Health Care Settings

 

96

Page xvii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
   

Audit Trails

 

97

   

Audit Trail Technologies Observed on Site Visits

 

98

   

Audit Trail Technologies Not Yet Deployed in Health Care Settings

 

98

   

Physical Security of Communications, Computer, and Display Systems

 

99

   

Control of External Communication Links and Access

 

102

   

Network Control Technologies Observed on Site Visits

 

104

   

Network Control Technologies Not Yet Deployed in Health Care Settings

 

104

   

Encryption,

 

106

   

Software Discipline

 

108

   

Software Control Technologies Observed on Site Visits

 

110

   

Software Control Technologies Not Yet Deployed in Health Care Settings

 

110

   

System Backup and Disaster Recovery Procedures

 

111

   

System Backup Procedures Observed on Site Visits

 

111

   

System Backup Procedures Not Yet Deployed in Health Care Settings

 

112

   

System Self-Assessment and Attention to Technological Awareness

 

112

   

Site Visit Summary

 

114

   

Key Issues in Using Technology to Protect Health Information

 

117

   

Patient Identifiers and Techniques for Linking Records

 

117

   

Control of Secondary Users of Health Care Information

 

120

   

Obstacles to Use of Security Technology

 

122

   

Difficulty of Building Useful Electronic Medical Records

 

122

   

Lack of Market Demand for Security Technology

 

123

   

Organizational Systems Accumulate-They Are Not Designed

 

123

   

Cryptography-based Tools Are Still Out of Reach

 

124

   

Effective Public-key Management Infrastructures Are Essential but Still Nonexistent

 

124

   

Helpful Technologies Are Hard to Buy and Use

 

125

   

Education and Demystifying Issues of Distributed Computing and Security

 

125

5

 

Organizational Approaches to Protecting Electronic Health Information

 

127

   

Formal Policies

 

128

   

Policies Regarding Information Uses and Flows

 

129

   

Security Policies

 

129

   

Confidentiality Policies

 

130

Page xviii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
   

Policies to Protect Sensitive Information

 

131

   

Policies on Research Uses of Health Information

 

134

   

Policies Guiding Release of Information

 

135

   

Patient-centered Policies

 

136

   

Patient Bill of Rights

 

136

   

Authorization Forms

 

136

   

Access to Records and Audit Logs

 

137

   

Organizational Structures

 

138

   

Policy Development Process

 

138

   

Structures for Implementing Policy

 

139

   

Structures for Granting Access Privileges

 

140

   

Education and Training

 

142

   

Training Programs

 

143

   

Nonformal Training

 

144

   

Educational Tools

 

145

   

User Confidentiality Agreements

 

149

   

Sanctions for Breaches of Confidentiality

 

149

   

Improving Organizational Management: Closing the Gap Between Theory and Practice

 

153

   

Implementing an Integrated Security and Confidentiality Management Model

 

154

   

Overcoming Obstacles to Effective Organizational Practices

 

155

   

Lack of Public or External Incentives

 

155

   

Resource Constraints

 

156

   

Competing Demands

 

156

   

Lack of Focus on Information Technology

 

157

   

Cultural Constraints

 

158

6

 

Findings and Recommendations

 

160

   

Findings and Conclusions

 

161

   

Recommendations

 

167

   

Improving Privacy and Security Practices

 

167

   

Technical Practices and Procedures for Immediate Implementation

 

169

   

Organizational Practices for Immediate Implementation

 

173

   

Security Practices for Future Implementation

 

175

   

Creating an Industry-wide Security Infrastructure

 

177

   

Addressing Systemic Issues Related to Privacy and Security

 

180

   

Developing Patient Identifiers

 

185

   

Meeting Future Technological Needs

 

189

   

Technologies Relevant to the Computer Security Community as a Whole

 

191

   

Technologies Specific to Health Care

 

192

Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
This page in the original is blank.
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×

Whoever you are—

I have always depended on the kindness of strangers.

Blanche, in

A Streetcar Named Desire

Tennessee Williams

Page xxii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
This page in the original is blank.
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R1
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R2
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R3
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R4
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R5
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R6
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R7
Page viii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R8
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R9
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R10
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R11
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R12
Page xiii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R13
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R14
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R15
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R16
Page xvii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R17
Page xviii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R18
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R19
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R20
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R21
Page xxii Cite
Suggested Citation:"Front Matter." National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press. doi: 10.17226/5595.
×
Page R22
Next: Executive Summary »
For the Record: Protecting Electronic Health Information Get This Book
×
Buy Hardback | $32.95 Buy Ebook | $26.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

When you visit the doctor, information about you may be recorded in an office computer. Your tests may be sent to a laboratory or consulting physician. Relevant information may be transmitted to your health insurer or pharmacy. Your data may be collected by the state government or by an organization that accredits health care or studies medical costs. By making information more readily available to those who need it, greater use of computerized health information can help improve the quality of health care and reduce its costs. Yet health care organizations must find ways to ensure that electronic health information is not improperly divulged. Patient privacy has been an issue since the oath of Hippocrates first called on physicians to "keep silence" on patient matters, and with highly sensitive data—genetic information, HIV test results, psychiatric records—entering patient records, concerns over privacy and security are growing.

For the Record responds to the health care industry's need for greater guidance in protecting health information that increasingly flows through the national information infrastructure—from patient to provider, payer, analyst, employer, government agency, medical product manufacturer, and beyond. This book makes practical detailed recommendations for technical and organizational solutions and national-level initiatives.

For the Record describes two major types of privacy and security concerns that stem from the availability of health information in electronic form: the increased potential for inappropriate release of information held by individual organizations (whether by those with access to computerized records or those who break into them) and systemic concerns derived from open and widespread sharing of data among various parties.

The committee reports on the technological and organizational aspects of security management, including basic principles of security; the effectiveness of technologies for user authentication, access control, and encryption; obstacles and incentives in the adoption of new technologies; and mechanisms for training, monitoring, and enforcement.

For the Record reviews the growing interest in electronic medical records; the increasing value of health information to providers, payers, researchers, and administrators; and the current legal and regulatory environment for protecting health data. This information is of immediate interest to policymakers, health policy researchers, patient advocates, professionals in health data management, and other stakeholders.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!