Medical data security: Are you informed or afraid?

Practical application of security measures severely hampers the level of security afforded to medical data in Australia. Whilst the reasons for medical data security are widely understood, there is little published information on how to tackle even basic security challenges for medical practice in Australia. Research suggests that there is an underestimation of the potential threats by medical practitioners; hence there is sufficient reason to promote development of tools to assist medical practice with technical issues they are unfamiliar with. This paper discusses the lack of threat realisation and provides a process for how security may be improved by those who are responsible for it. The process includes a framework for risk assessment and its practical implementation to make medical data in Australia secure.

[1]  Patricia A. H. Williams,et al.  Is the Internet an Integral Part of General Practice in Australia? , 2001, MedInfo.

[2]  T. Adams,et al.  Lessons from the central Hampshire electronic health record pilot project: issues of data protection and consent , 2004, BMJ : British Medical Journal.

[3]  D Howland,et al.  Keeping the doors open. , 1993, Trustee : the journal for hospital governing boards.

[4]  Patricia A. H. Williams,et al.  Securing PDAs in the Healthcare Environment , 2004, AISM.

[5]  Alan R. Dennis Networking in the Internet Age , 2002 .

[6]  Douglas M. Stetson Achieving Effective Medical Information Security: Understanding the Culture , 2005 .

[7]  Hhs Centers for Medicare Medicaid Services HIPAA administrative simplification: standard unique health identifier for health care providers. Final rule. , 2004 .

[8]  D. Christakis,et al.  The effect of point-of-care personal digital assistant use on resident documentation discrepancies. , 2004, Pediatrics.

[9]  Patricia A. H. Williams Where are the Policies for PDA Usage in the Australian Healthcare Environment? , 2005, ECIW.

[10]  M Carter Integrated electronic health records and patient privacy: possible benefits but real dangers , 2000, The Medical journal of Australia.

[11]  David J. P. Barker,et al.  Epidemiology in medical practice , 1976 .

[12]  C E Gilkes,et al.  Clinical databases and data protection: are they compatible? , 2003, British journal of neurosurgery.

[13]  Francis Roger-France,et al.  Security Of The Electronic Health Care Record -Professional And Ethical Implications , 1996, Towards Security in Medical Telematics.

[14]  D. Lawlor,et al.  Public health and data protection: an inevitable collision or potential for a meeting of minds? , 2001, International journal of epidemiology.

[15]  Dawn Everington,et al.  Obstacles to conducting epidemiological research in the UK general population , 2004, BMJ : British Medical Journal.

[16]  L Turnberg Common sense and common consent in communicable disease surveillance , 2003, Journal of medical ethics.

[17]  Neoma S Bower Put technology at your fingertips with a PDA. , 2004, The Nurse practitioner.

[18]  Barbara Meredith,et al.  Data protection and freedom of information , 2005, BMJ : British Medical Journal.

[19]  Ken Appelt Safeguarding data integrity from power failure. , 2005, Health management technology.

[20]  Aaron Dalton HIPAA. Eye spy. , 2004, Hospitals & health networks.

[21]  Kelli Rosenthal Get "smart" with a PDA. , 2004 .

[22]  T. Walley,et al.  Data protection legislation: interpretation and barriers to research , 2000, BMJ : British Medical Journal.

[23]  Raymond R. Panko,et al.  Business Data Networks and Telecommunications , 2008 .

[24]  C D Mount,et al.  An integrated electronic health record and information system for Australia? , 2000, The Medical journal of Australia.

[25]  Heather Grain Information systems in the new world: an emerging national approach. , 2005, Australian health review : a publication of the Australian Hospital Association.