The security and privacy of health data

September 28th, 2009
The security and privacy aspect of EHR is defined as part of PHI (Protected Health Information) and is based on HIPAA.
The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996.
PHI is defined as any information concerning health status, provision of health care, or payment for health care that can be linked to an individual.
EHR security and privacy have to cover everything from the accuracy and disposal of information and the hardware hosting such data to encryption for storage and for exchange of data over the wire.
On Sep. 16th the Federal panel approved EHR security and privacy standards.
The committee clarified requirements that EHR systems must meet so both vendors and healthcare providers could use a number of access controls in their electronic health record systems and practices by 2011.
The standards under discussion cover access control, authentication, authorization and transmission of health data.
According to the panel, in 2013 EHRs would have to meet additional standards to further tighten security, including Health Level 7 Role-based Access Control (RBAC), Security Assertion Markup Language (SAML) and WS-Trust, an OASIS standard for constructing secure messages.
In addition, HIPAA gives patients the right to review the content of their medical records and gives individuals the right to request correction of any inaccurate PHI.
For example, an individual can ask to be called at his or her work number, instead of home or cell phone number.
PHI is the part of EHR that concerns patients and physicians the most.
I will cover this topic in detail as the standards progress.
