Loading …

Privacy of personal information is one of our basic right.But,over the past several years,Internet has redefined privacy.In todays world of Facebook and Myspace and internet search engines,privacy is non-existent.
In practice of Medicine,privacy of patient related information plays an extremely important role.However as patients now search for health related information actively on the web as “Healthsumer”,definition of privacy needs to be readdressed.

Many groups openly advocate for more privacy controls especially when it is related to health information.
Are these concerns overstated,in a recent blog entry,Dr John Hamalka CIO of Harvard medical school reveled his entire personal medical data,that is a very brave and bold step.Although it is not recommended that all consumers reveal their personal data relating to health,yet obession with privacy of personal health record and raising concerns of going online is sometimes overstated.

Paper based records have been around for many years,yet they are not bullet-proofed for privacy.In a recent news article about medical records in garbage bins,raise issues about future of paper based records whether they are really secure?

On the other end of the spectrum,can digital storage of data be safe,yes and no.It depends on where the data is stored and how.In another news article- a computer hard drive containing sensitive patient information from a trust hospital was sold on the auction site eBay.

Across the Atlantic the same issue was raised in a study-the researchers randomly purchased 60 used disk drives from dealers in several provinces across Canada.They were able to retrieve health related data from 65 per cent of them.

Does this mean there is no fool-proof method of storing health related data?

Popularity: 80% [?]

 Loading …

HITRUST

is a common security framework group overseeing Electronic Health Record management.Their stated goal is to :

• Reduce confusion by implementing a single framework across multiple organizations
• Increase confidence by consumers, regulators and legislators in the industry’s ability to address these issues and to proactively protect sensitive information and healthcare systems
• Establish a single standard for organizations for internal and external measurement
• Reduce the number and complexity of security audits or reviews that organizations impose upon their trading partners

They plan to enroll around 155 members by the end of Feb 2008 in order to implement their framework.One of the major concerns is that this group currently involves only Major health care service providers,no small HIT vendors or hospital networks are part of this core group. it is comprised of only large health corporations like CVS Caremark, Cisco Systems, GE Healthcare, Highmark Inc., Hospital Corporation of America, Humana, Johnson & Johnson Healthcare Systems Inc., Philips Healthcare and Pitney Bowes.


The Questions raised across blogs is Can a few companies implement a standard for security in a major domain like Health without involvement of all stakeholders?

Will it succeed? and what about Personal Health Records?

Popularity: 54% [?]