Quality evidence, quality decisions: Ways to improve security and privacy of EHR systems

The readily available and accessible large collection of electronic health records has encouraged an increasing interest on its secondary use. It is especially true for the approach of practice-based evidence where the secondary use of EHR data, collected during routine care, has the potential to improve healthcare professionals' decision-making capabilities and effectiveness, and broadens their knowledge regarding treatments, medications and clinical conditions. Through effective and quality decision-making, healthcare professionals are able to deliver care that positively improves patient health outcomes in a cost-effective and safe manner. However, privacy and security breaches potentially impact the integrity of data captured in electronic health records, and this invalidates its perceived usefulness in providing evidence to support care. In order to design a secure and effective EHR system for the adoption of practice-based evidence approaches, recommendations for privacy and security measures can follow the security control protocol of preventive, detective and corrective control. Within each control, different security solutions are recommended so that security design is truly holistic.

[1]  C. Thompson,et al.  An Electronic Medical Record Report Improves Identification of Hospitalized Patients With Heart Failure. , 2016, Journal of cardiac failure.

[2]  Chunhua Weng,et al.  Methods and dimensions of electronic health record data quality assessment: enabling reuse for clinical research , 2013, J. Am. Medical Informatics Assoc..

[3]  Jorge Bernardino,et al.  Open Source Backup Systems for SMEs , 2015, WorldCIST.

[4]  Ghizlane Orhanou,et al.  Data Integrity in Real-time Datawarehousing , 2013 .

[5]  Marijke De Soete Two-Factor Authentication , 2011, Encyclopedia of Cryptography and Security.

[6]  A. Hoerbst,et al.  Electronic Health Records , 2010, Methods of Information in Medicine.

[7]  W. Keith Edwards,et al.  A Brief Introduction to Usable Security , 2008, IEEE Internet Computing.

[8]  Patrick Bours,et al.  Continuous Authentication using Biometric Keystroke Dynamics , 2009 .

[9]  Sateesh Kumar Pradhan,et al.  Intrusion Prevention System , 2020, Securing the Internet of Things.

[10]  D. Blumenthal,et al.  The benefits of health information technology: a review of the recent literature shows predominantly positive results. , 2011, Health affairs.

[11]  Michael E. Miller,et al.  Electronic Health Records , 2014, Annals of Internal Medicine.

[12]  K. Win A Review of Security of Electronic Health Records , 2005, Health information management : journal of the Health Information Management Association of Australia.

[13]  Yau Hon Keung Basic Principle of Information Security , 2014, ICRA 2014.

[14]  Majid Sarrafzadeh,et al.  Using electronic health records to predict severity of condition for congestive heart failure patients , 2014, UbiComp Adjunct.

[15]  Anil K. Jain,et al.  An Introduction to Biometric Authentication Systems , 2005 .

[16]  T. MacDonald,et al.  Managing security and privacy concerns over data storage in healthcare research , 2011, Pharmacoepidemiology and drug safety.

[17]  Tong Li,et al.  Electronic health record phenotyping improves detection and screening of type 2 diabetes in the general United States population: A cross-sectional, unselected, retrospective study , 2015, J. Biomed. Informatics.

[18]  Charo Rodríguez,et al.  Examining the evidence of the impact of health information technology in primary care: An argument for participatory research with health professionals and patients , 2012, Int. J. Medical Informatics.

[19]  A. Schuchat DEPARTMENT OF HEALTH & HUMAN SERVICES , 2015 .

[20]  José Luis Fernández Alemán,et al.  Security and privacy in electronic health records: A systematic literature review , 2013, J. Biomed. Informatics.

[21]  Hamzah Osop,et al.  Data-Driven and Practice-Based Evidence: Design and Development of Efficient and Effective Clinical Decision Support System , 2016 .

[22]  M. Salive,et al.  Multimorbidity in older adults. , 2013, Epidemiologic reviews.

[23]  Dong Seong Kim,et al.  Intrusion detection system , 2020, International Journal of Engineering and Techniques.

[24]  James A. Haskett,et al.  Pass-algorithms: a user validation scheme based on knowledge of secret algorithms , 1984, CACM.

[25]  Tony R. Sahama,et al.  Managing and sharing health data through Information Accountability protocols , 2015, 2015 17th International Conference on E-health Networking, Application & Services (HealthCom).

[26]  M. Barkham,et al.  Practice‐based Evidence as a Complement to Evidence‐based Practice: From Dichotomy to Chiasmus , 2008 .

[27]  Jiajie Zhang,et al.  TURF: Toward a unified framework of EHR usability , 2011, J. Biomed. Informatics.

[28]  C. Goldzweig,et al.  Costs and benefits of health information technology: new trends from the literature. , 2009, Health affairs.