Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems

From Clinfowiki
Jump to: navigation, search

A review of an article by Rodrigues et al (2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records System. [1]

Introduction

The article stated that Cloud computing system [1] enhances and facilitates better health care delivery. Yet, using this system for storage and exchange of patient information comes with a heavy burden of securing sensitive information. In this article, the authors analyzed security and privacy requirements of Cloud base Electronic health record system. They also pointed out some of the important steps that are needed to be taken by both health care providers and Cloud system providers to assure security and privacy of sensitive patient information.

Method

In order to make the analysis, the authors reviewed published papers and researches about security and privacy using Medline as the main source of information. Besides that, they made direct contact to some providers to gain more information.

Result

As a result the article pointed out two categories of issues based on who needed to attend them.

1. Issues that needed to be considered by both Cloud system provider and healthcare provider are:

  • Role-base access,
  • Network security mechanisms,
  • Data encryption,
  • Digital signature and
  • Access monitoring.

2. In addition to the above list that article stated “Cloud service provider must be compliant with various certification and third party requirements such as: SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA)”

Conclusion

The article pointed out that Cloud computing system is an emerging technology, with an expectation to revolutionize many fields. However, when it comes to healthcare services careful approach towards patient privacy and information security should be granted while using the system to deliver care.

Comment

Cloud computing system has a potential to improve and enhance healthcare delivery as there are 3 big trends that are utilizing this system. More physician practices are turning to cloud-based EHRs, Community hospitals and Medical imaging are also shifting to using cloud-bases systems as they provide more storage space. [2] However, the risk of patient privacy and information security should be addressed before implementing any Cloud-based EHR system.

References

  1. Rodrigues, J, Torre, I, Fernandez, G, Lopez-Coronado, M (August 2013). Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Record Systems.Journal of Medical Internet Research. Vol 15. http://www-ncbi-nlm-nih-gov.ezproxyhost.library.tmc.edu/pmc/articles/PMC3757992/
  2. Monegain, B. (2012, October 08). 3 big trends for the ehr cloud. Retrieved from http://www.healthcareitnews.com/news/3-big-trends-ehr-cloud?page=1
Retrieved from "https://www.clinfowiki.org/wiki/index.php?title=Analysis_of_the_Security_and_Privacy_Requirements_of_Cloud-Based_Electronic_Health_Records_Systems&oldid=22912"