Difference between revisions of "Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems"
(→Introduction) |
|||
| Line 1: | Line 1: | ||
A review of an article by Rodrigues et al (2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health REcords System. <ref name=Rodrigues et al 2013>Rodrigues, J, Torre, I, Fernandez, G, Lopez-Coronado, M (August 2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Record Systems.Journal of Medical Internet Research. Vol 15. http://www-ncbi-nlm-nih-gov.ezproxyhost.library.tmc.edu/pmc/articles/PMC3757992/</ref> | A review of an article by Rodrigues et al (2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health REcords System. <ref name=Rodrigues et al 2013>Rodrigues, J, Torre, I, Fernandez, G, Lopez-Coronado, M (August 2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Record Systems.Journal of Medical Internet Research. Vol 15. http://www-ncbi-nlm-nih-gov.ezproxyhost.library.tmc.edu/pmc/articles/PMC3757992/</ref> | ||
==Introduction== | ==Introduction== | ||
| − | The article stated that Cloud computing system [http://en.wikipedia.org/wiki/Cloud_computing] enhances and facilitates better health care delivery. Yet, using this system for storage and exchange of patient information comes with a heavy burden of securing sensitive information. In this article the authors analyzed security and privacy requirements of Cloud base Electronic health record system. They also pointed out some of the important steps that needed to be taken | + | The article stated that Cloud computing system [http://en.wikipedia.org/wiki/Cloud_computing] enhances and facilitates better health care delivery. Yet, using this system for storage and exchange of patient information comes with a heavy burden of securing sensitive information. In this article the authors analyzed security and privacy requirements of Cloud base Electronic health record system. They also pointed out some of the important steps that are needed to be taken by both health care providers and Cloud system providers to assure [[security]] and [[privacy ]] of sensitive patient information. |
| + | |||
==Method== | ==Method== | ||
In order to make the analysis, the authors reviewed published papers and researches about security and privacy using Medline as the main source of information. Besides that, they made direct contact to some providers to gain more information. | In order to make the analysis, the authors reviewed published papers and researches about security and privacy using Medline as the main source of information. Besides that, they made direct contact to some providers to gain more information. | ||
Revision as of 03:12, 10 April 2015
A review of an article by Rodrigues et al (2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health REcords System. [1]
Introduction
The article stated that Cloud computing system [1] enhances and facilitates better health care delivery. Yet, using this system for storage and exchange of patient information comes with a heavy burden of securing sensitive information. In this article the authors analyzed security and privacy requirements of Cloud base Electronic health record system. They also pointed out some of the important steps that are needed to be taken by both health care providers and Cloud system providers to assure security and privacy of sensitive patient information.
Method
In order to make the analysis, the authors reviewed published papers and researches about security and privacy using Medline as the main source of information. Besides that, they made direct contact to some providers to gain more information.
Result
As a result the article pointed out two categories of issues based on who needed to attend them. 1. Issues that needed to be considered by both Cloud system provider and healthcare provider are:
- Role-base access,
- Network security mechanisms,
- Data encryption,
- Digital signature and
- Access monitoring.
2. In addition to the above list that article stated “Cloud service provider must be compliant with various certification and third party requirements such as: SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA)”
Conclusion
The article pointed out that Cloud computing system is an emerging technology, with an expectation to revolutionize many fields. However, when it comes to healthcare services careful approach to wards patient privacy and information security should be granted while using the system to deliver care.
Comment
Cloud computing system has a potential to improve and enhance healthcare delivery; however, the risk of patient privacy and information security should be addressed before implementing the system.
References
- ↑ Rodrigues, J, Torre, I, Fernandez, G, Lopez-Coronado, M (August 2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Record Systems.Journal of Medical Internet Research. Vol 15. http://www-ncbi-nlm-nih-gov.ezproxyhost.library.tmc.edu/pmc/articles/PMC3757992/
