When you visit the doctor, information about you may be recorded in an office computer. Your tests may be sent to a laboratory or consulting physician. Relevant information may be transmitted to your health insurer or pharmacy. Your data may be collected by the state government or by an organization that accredits health care or studies medical costs. By making information more readily available to those who need it, greater use of computerized health information can help improve the quality of health care and reduce its costs. Yet health care organizations must find ways to ensure that electronic health information is not improperly divulged. Patient privacy has been an issue since the oath of Hippocrates first called on physicians to "keep silence" on patient matters, and with highly sensitive data--genetic information, HIV test results, psychiatric records--entering patient records, concerns over privacy and security are growing.
For the Record responds to the health care industry's need for greater guidance in protecting health information that increasingly flows through the national information infrastructure--from patient to provider, payer, analyst, employer, government agency, medical product manufacturer, and beyond. This book makes practical detailed recommendations for technical and organizational solutions and national-level initiatives.
For the Record describes two major types of privacy and security concerns that stem from the availability of health information in electronic form: the increased potential for inappropriate release of information held by individual organizations (whether by those with access to computerized records or those who break into them) and systemic concerns derived from open and widespread sharing of data among various parties.
The committee reports on the technological and organizational aspects of security management, including basic principles of security; the effectiveness of technologies for user authentication, access control, and encryption; obstacles and incentives in the adoption of new technologies; and mechanisms for training, monitoring, and enforcement.
For the Record reviews the growing interest in electronic medical records; the increasing value of health information to providers, payers, researchers, and administrators; and the current legal and regulatory environment for protecting health data. This information is of immediate interest to policymakers, health policy researchers, patient advocates, professionals in health data management, and other stakeholders.
Table of Contents
|2 The Public Policy Context||37-53|
|3 Privacy and Security Concerns Regarding Electric Health Information||54-81|
|4 Technical Approaches to Protecting Electronic Health Information||82-126|
|5 Organizational Approaches to Protecting Electronic Health Information||127-159|
|6 Findings and Recommendations||160-196|
|Appendix A Study Committee's Site Visit Guide||209-220|
|Appendix B Individuals Who Briefed the Study Committee||221-221|
|Appendix C National Library of Medicine Awards to Develop Health Care Applications of the National Information Infrastructure||222-232|
|Appendix D Sections of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) Related to the Privacy and Security of Electronic Health Information||233-246|
|Appendix E Committee Biographies||247-254|
The National Academies Press and the Transportation Research Board have partnered with Copyright Clearance Center to offer a variety of options for reusing our content. You may request permission to:
For most Academic and Educational uses no royalties will be charged although you are required to obtain a license and comply with the license terms and conditions.
For information on how to request permission to translate our work and for any other rights related query please click here.
For questions about using the Copyright.com service, please contact:
Copyright Clearance Center
22 Rosewood Drive
Danvers, MA 01923
Tel (toll free): 855/239-3415 (select option 1)
Loading stats for For the Record: Protecting Electronic Health Information...