The gathering and exchange of personal data electronically has significant public health benefits but it threatens the privacy of individuals; privacy breaches lead to discrimination of an individual in employment, insurance, and government programs. People concerned about privacy may avoid clinical or public health tests, treatments, or research due to a scar of privacy invasions. (Gostin LO, 2001)
Risk of Electronic Security Threats to EHR/HIS is a critical issue because as per the privacy and security rule of The Health Insurance Portability and Accountability Act (HIPAA) the patient’s medical records are to be secured and private which can be accessible only the hospital authorities and the doctors in charge of the patient and the patient himself.
The formats of electronic data improves the performance of public health functions, but threaten privacy as they can be duplicated and transmitted very easily to unauthorized people.
A specific threat is the risk of storing and transmitting the electronic health record over the websites, network, computers or servers.
A consequence of this threat is the loss of sensitive and confidential patient personal and medical data or the disclosure of same. Counter-measures to minimize or alleviate this risk include preventive engineering and educating the staff. The CPSI system is susceptible to this risk. For instance, when a care provider does/requests major surgery, a patient medical history is required in order to complete the surgery successfully. If the medical history is not available due loss of data the surgery may not be successful due to major areas of concern and precaution being neglected due to missing of the history report. Hence the patient data being stored has to be safe and secure for the medical institution to run successfully.
Introduction
The introduction of information technology into the clinical environment holds the promise of reduced the physical and paper work to be done by the hospital staff and improved information management. However, with this promise comes the risk of security threat to the electronic health record.
The risk of electronic security threat is defined as duplication and transmitting of the patient electronic health record to and by unauthorized users who may misuse the data for illegal purpose. This threat involves illegally accessing the patient data by the unauthorized users who misuse the data or damage the data, or may duplicate the data in order to either harm the fame of the medical institution or the doctors or the patients.
The purpose of this paper is to describe the specific threat posed due electronic storage and transmitting of the data over websites, computers and servers.
The consequences of this storage and transmission of data electronically for a patient medical record can range from normal to severe. The following section describes the consequences of storage and transmission of data electronically for an EHR
Consequences to EHR
Risk of Electronic Security Threats to EHR/HIS is a critical issue because as per the privacy and security rule of The Health Insurance Portability and Accountability Act (HIPAA) the patient’s medical records are to be secured and private which can be accessible only the hospital authorities and the doctors in charge of the patient and the patient himself.
The privacy and security rule of HIPAA states that health information identified individually is the information created and received by a health care provider that is relative to health of an individual, including information regarding the demographics of the individual and, that which can be used to identify an individual. (Miller JD, 2010)
HIPAA poses severe penalties to the people and institutions which fail to abide by the security and privacy rule. The penalties vary from cash penalties to imprisonment. Hence it is necessary that the medical institutions that practice HER system take care that the medical records are secure and private and not accessible to unauthorized users. (Gostin LO, 2001)
The files or server rooms pose a risk to the EHR as the access keys to the server rooms and the file can be copied. The employees even after termination from the jobs can retain the keys to the files and the server rooms. Combination of the locks may not be shared or may not be changed as often. This leads to the patient medical data being disclosed, lost or manipulated. (Myers J, 2008)
This patient data if lost may lead to situations where the doctors do not have the patient’s medical history necessary for the treatment which may lead to cases where the doctors may perform major surgeries without knowing the patients historical conditions and which may lead to severe problems for the patient and may even cause death.
For example if a patient having diabetes visits a hospital for a major surgery. This patient has previously been to the hospital several times before and is expected to have his medical history safely stored in the records maintained by the hospital. In case the patient’s medical records are lost the doctors may think that the patients has no past history of major diseases and may conduct the surgery without having a notion of the patient’s condition where the patient may bleed to death during or after surgery due to non-clotting of the blood as the diabetes patients have a problem of blood not clotting quickly as a result of lack of the necessary platelets which are the main composition of the blood needed for clotting.
The patient data may be disclosed over the desks or work stations. Patient information that is sensitive may be left on a desk or in an unlocked drawer or cabinet or may be left over the computer screen which can be over seen by the passer by and be disclosed. (Myers J, 2008)
The patient data may be disclosed due to the use or misuse of printing media such as printers where the hard copies of the reports are left on the printers before retrieving the reports or the reports are sent to wrong printers or the printed reports are improperly discarded. (Myers J, 2008)
The patient data may be disclosed due to the use fax services where the reports are mistakenly send to unintended phone numbers or recipients or the reports do not contain the necessary confidentiality statement. (Myers J, 2008)
The patient data may be disclosed due to the use wireless devices such as the blackberries and other PDA’s and the use of USB flash drives which are used to store the patient data. These devices may be lost or stolen or may not be password protected which if accessed by unauthorized users; the unauthorized users may misuse the patient data. (Myers J, 2008)
The patient data may be disclosed due to lost or stolen desktop computers or laptops and which are not password protected and the data on the hard drive has not been erased before discarding or reassigning the computer to another employee. (Myers J, 2008)
The patient data may be disclosed due to the storage of the sensitive information on shared network drives to which other users on the network are not supposed to have the access. (Myers J, 2008)
The patient data may be disclosed due to the servers containing the sensitive databases with all the patient data which may be inappropriately accessed by users that are not authorized to access the databases. These unauthorized users may use e-mail, portable media or some applications to transfer the sensitive information from the servers. (Myers J, 2008)
The disclosure of information may be either intentional or unintentional. Be it intentional or unintentional both of them cause a lot of damage to the hospital and the patient.
For example in countries like India where gender test on fetus is an illegal crime if the sonography reports are left over the computer screen and seen by the relative of the patients, the relatives may force the patient for an abortion if they find out that the baby is a female. This leads to feticide which is a crime that has severe penalties for all the people related to this act. The hospital as well as the patients’ relatives may be charged a criminal suit for feticide and gender testing. All this will lead to defamation of the hospital and staff even though it was not done intentionally.
Get Help With Your Essay
If you need assistance with writing your essay, our professional essay writing service is here to help!
For example if the hospital databases on the server is accessed by an unauthorized user and he retrieves the list of patients who have been to the hospital for some check up. If that person for some reason uses the contact details of the patients and contacts them and tells them that they have been tested positive for HIV the patients may either go into depression and lose hopes on their lives or they might file a suit against the hospital for negligence but in reality they have not been infected by the virus. The person who illegally obtains the patient details from the database over the server may do so in order to take revenge of some personal problem or under pressure of some illegal persons. This is called subornation.
If these risks are not mitigated or alleviated, there is the risk that the hospital may unknowingly break the laws and rules imposed by HIPAA and may also cause a severe danger to patients. Therefore counter measures must be adopted that will help the hospitals to avoid these threats to come into action. The following section outlines some basic interventions that reduce a hospital/clinic/care provider’s risk to electronic security threat.
Counter-measures
The technologies in today’s world are prone to risks and hence no system can be rendered risk free but certain steps can be taken to avoid the risk of Electronic Security Threats to EHR. (Myers J, 2008)
There are two types of counter-measures to the risk of Electronic Security Threats to EHR/HIS. One type is technical or preventive engineering; the other involves training and procedures to educate the staff members so that care is taken to avoid the risks. (Myers J, 2008)
Technical counter-measures include restriction of access to the file/server rooms so that only authorized users have access to the confidential data. Video surveillance of file/server rooms ensures that unauthorized users cannot get access to the server rooms and if the security is breached and the unauthorized user gains access to the server room they can be caught hold of even before they get access to the data. Ensuring that appropriate access is assigned/de-assigned to the user based on his status might help in ensuring that past employees have no access to the confidential data. The highly sensitive file/server rooms, must have multifactor authentication access such as biometric validation like finger printing or retina scan and restricting the access to only in the supervision of the supervisor. (Myers J, 2008)
Other technical counter-measures include assembling of desks and structuring of work stations so as to separate them or partition them to create and maintain a work environment that is secure. (Myers J, 2008)
Disconnecting the servers that contain sensitive data from printers and enabling only local printers for computers that contain sensitive information avoids the disclosure of data as no data be revealed to the people outside the hospital. (Myers J, 2008)
Programming the fax machines with function for speed dial and maintaining master lists so that dialing errors are avoided and restricting certain fax machines so that they can dial only certain numbers can avoid mis-addressing of the faxes with confidential data. Programming fax machines so that they automatically include the confidentiality statement whenever a fax is sent will avoid the legal breaches to confidentiality of the patient data. (Myers J, 2008)
Enforcing password protection on all the devices that store and transport patient data and encrypting all these devices will protect the patient information even if the devices are lost or stolen. Employing inventory control procedures and deactivating devices that are unaccounted for. (Myers J, 2008)
Protecting all desktops with Password and encrypting hard drives of all desktops, laptops and shared drives with sensitive data helps keeping the data related to the patients confidential. (Myers J, 2008)
Creating thin client workstations in order to manage the data on an isolated network such that there are no other applications and no access to internet at workstation, beyond data-entry program; restricting the usage of external drives, data ports, or printers and restricting installation of printers on the servers helps us to keep the data secure and private even though the data is on a server. Encrypting of the server, the back-up of server and storing back-up in off-site location which has restricted access and is under constant video surveillance helps us secure the back-up data. Auditing the user access and his activity over the server helps us stop the illegitimate access and use of the servers which in turn helps us keep the data safe and secure. (Myers J, 2008)
These counter measures are effective when coupled with educating the staff on how to store and handle the data and the resources.
The hospital has to instruct the users they are not allowed to copy keys or share combinations, are not supposed to leave the sensitive data on their desks, in unlocked drawers/cabinets or printers, devices, portable media, hard drive, laptops, shared user drives.
The hospital has to instruct the users they need to confirm the location of the printer before printing sensitive information, and that they are not supposed to make copies of sensitive data.
The hospital has to instruct the users that they need to verify the destination number for the fax before sending the fax and they need to coordinate the fax transmitted between sender and receiver. The hospital has to instruct the staff to include a confidentiality statement with all the faxes that are sent, how to track computers to ensure that data are appropriately erased, how to handle sensitive information appropriately.
Ultimately risk and counter-measures must be assessed for a specific EHR. The following section discusses the risk of Electronic Security Threats in the CPSI system and briefly discusses appropriate counter-measures.
Implication for CPSI system
The CPSI system is an enterprise-wide, single-source electronic medical record (EMR) system. The system uses a server based application that allows the users to log-in to the system from anywhere in the world over the internet.
The CPSI system is vulnerable to the Electronic Security Threats as the data of the patients is stored on the servers which are vulnerable unauthorized access. The server rooms are also vulnerable to unauthorized access. Also the data over the servers may be disclosed over the network due to other network threats.
The CPSI system can mitigate the Electronic Security Threats by enforcing biometric validation of the persons who are trying to enter the server rooms. The biometric validations may either be finger printing or retina scanning or both.
The CPSI system should consider password protecting the servers so that even if the security to enter the server rooms is breached the unauthorized user cannot access the server.
The CPSI system should consider encrypting the data on the server so that even if the security to enter the server rooms and access to the server is breached the unauthorized user cannot read the sensitive information.
The CPSI system should consider encrypting the back-up data in secure servers in biometrically validated server rooms.
The CPSI should take care that it does not allow any of the staff members to use portable devices with the computers and there should not be any internet access using which the staff members might transmit sensitive data.
In this way CPSI system can maintain the patient data securely and avoid any circumstances of data being disclosed which may lead the CPSI system into legal hassles and also CPSI system can be sure to abide by the security rule of HIPAA.
Cite This Work
To export a reference to this article please select a referencing style below: