Primer: Standards and Best Practices for Confidentiality of Electronic Health Records
Manish Kumar
Sam Wambugu
MEASURE Evaluation
September 28, 2015
Informatics Webinar
Outline
1. Context
2. Situation in lower- and middle-income countries (LMIC)
3. Information systems for electronic health records (EHR)
4. Key concepts
5. Security, confidentiality, and privacy analysis
6. Global standards
Purpose
To describe key concepts, outline global standards, and suggest key steps for organizations to protect and manage access to and use of individual health information in electronic health records.
“Ensuring the information is processed lawfully and fairly, and is kept secure, is a common value of everyone involved in health care.”
− Policy Engagement Network, IDRC − 2010
Context
• Strong health information systems (HIS) are critical for health systems strengthening
• EHR systems are used for:
  • improving quality of care
  • reducing cost
  • enhancing patient mobility
  • better record keeping
  • enabling evidence-based medicine
Context, cont.
• Transition from paper-based to EHR poses challenges for privacy and confidentiality, security, and data integrity
• Expertise on privacy and security aspects of eHealth systems in LMIC is lacking
• Understanding of key concepts, standards, and security management practices is necessary
Situation in LMIC
• Most of the scientific literature is from developed country experiences
• LMICs tend to lack legal and regulatory safeguards
• International treaties and conventions may have been signed, but they are not enacted into laws
• Where laws exist, regulations that give life to laws are absent
• eHealth is not getting the same legislative momentum as e-Commerce and e-Government
Method
• Reviewed secondary literature
• Literature search was limited to literature published in English and accessible through scientific databases. We used:
  • PubMed
  • MeSH (medical subject headings) for “Electronic Health Records” together with other pertinent keywords: privacy, security, confidentiality, protected health information, personally identifiable information
eHealth systems
Electronic systems with patient-identifiable information:
1. Electronic health records and electronic medical records that capture and store patient information
2. Laboratory information management systems
3. Prescription information systems within hospitals
4. Patient registration and scheduling systems
5. Systems for aggregating and reporting information, monitoring health programs, and tracking patients’ status
6. Clinical decision support systems
7. Patient reminder systems (for example: for prompting patients to take medications or visit a clinic) − mHealth
8. Systems for medical research
Key concepts in EHR (1)
Electronic Health Records
Personal Health Information
Individual Identifiable Health Information
Privacy
Security
Confidentiality
Key concepts in EHR (2)
1. Electronic health record (EHR)
“One or more repositories, physically or virtually integrated, of information in computer processable form, relevant to the wellness, health, and healthcare of an individual, capable of being stored and communicated securely and of being accessible by multiple authorized users, represented according to a standardized or commonly agreed logical information model…”
− ISO 18308:2011
2. Personal health information
“Personal health information is information about an identifiable person which relates to the physical or mental health of the individual, or to provision of health services to the individual…”
− ISO 27799
Key concepts in EHR (3)
3. Individually identifiable health information
“Information, including demographic information that relates to:
• the individual’s past, present, or future physical or mental health or condition,
• the provision of healthcare to the individual, or
• the past, present, or future payment for the provision of healthcare to the individual…”
− Health Insurance Portability and Accountability Act (HIPAA) of 1996
Key concepts in EHR (4)
4. Privacy = an individual’s right to decide about access to their personal information: what information to share, with whom to share, and how to share
5. Security = protection measures and tools that safeguard health information and health information systems from any unauthorized access to or modification of information, denial of service to authorized users, and provision of service to unauthorized users
6. Confidentiality is intertwined with privacy and security. It is a tool to protect privacy or an act of limiting disclosure of private matters.
Security analysis
Confidentiality, integrity, and availability triad of NIST
Ensuring privacy, security, and confidentiality
• Even though technology and standards are integral to security and privacy of health information in EHR, healthcare providers have the prime responsibility
• Information security involves a number of non-technical factors:
  • organizational policy
  • human resources
  • communication networks
  • roles and processes
  • monitoring and compliance
Global standards (1)
• Health informatics standards are set by both international and national standards organizations.
  • ISO is the global authority for standards
  • European Committee for Standardization (CEN) is the European authority for standards
  • American National Standards Institute (ANSI) approves official national standards in the United States
• The work of these standards organizations informs and influences each other’s standard development processes.
• Adoption and implementation of, and compliance with, standards in a healthcare system are context-specific.
Global standards (2)
• Availability of international and national health informatics standards is critical but not enough to protect individual health information.
  • Information security involves a number of non-technical factors such as organizational policy, human resources, communication networks, roles and processes, and monitoring and compliance
  • Inadequate identification and authentication of users, unauthorized access and inadequate monitoring of user activity, inappropriate disclosure, reporting requirements, and poor security are key sources of privacy breaches (Neame 2014)
Conclusion
• While EHR systems are vital to improved care and continuity of care, data privacy, security, and confidentiality issues can create hurdles
• To be effective, the principles of privacy, confidentiality, and security in the eHealth environment must be supported by local awareness and a strong national legal and regulatory footing
• Awareness and understanding of related key concepts can create an enabling environment
• National and international health informatics standards and legislation are essential
MEASURE Evaluation is funded by the U.S. Agency for International Development (USAID) under terms of Cooperative Agreement AID-OAA-L-14-00004 and implemented by the Carolina Population Center, University of North Carolina at Chapel Hill in partnership with ICF International, John Snow, Inc., Management Sciences for Health, Palladium Group, and Tulane University. The views expressed in this presentation do not necessarily reflect the views of USAID or the United States government.
www.measureevaluation.org
For more information on MEASURE Evaluation’s work in health informatics, visit: www.cpc.unc.edu/measure/publications/fs-15-141

Standards and Best Practices for Confidentiality of Electronic Health Records

  • 1. Primer: Standards and Best Practices for Confidentiality of Electronic Health Records. Manish Kumar, Sam Wambugu, MEASURE Evaluation. September 28, 2015. Informatics Webinar
  • 2. Outline 1. Context 2. Situation in lower- and middle-income countries (LMIC) 3. Information systems for electronic health records (EHR) 4. Key concepts 5. Security, confidentiality, and privacy analysis 6. Global standards
  • 3. Purpose: To describe key concepts, outline global standards, and suggest key steps for organizations to protect and manage access to and use of individual health information in electronic health records.
  • 4. “Ensuring the information is processed lawfully and fairly, and is kept secure, is a common value of everyone involved in health care.” − Policy Engagement Network IDRC − 2010
  • 5. Context • Strong health information systems (HIS) are critical for health systems strengthening • EHR systems are used for: improving quality of care; reducing cost; enhancing patient mobility; better record keeping; enabling evidence-based medicine
  • 6. Context, cont. • Transition from paper-based to EHR poses challenges for privacy and confidentiality, security, and data integrity • Expertise on privacy and security aspects of eHealth systems in LMIC is lacking • Understanding of key concepts, standards, and security management practices is necessary
  • 7. Situation in LMIC • Most of the scientific literature is from developed country experiences • LMICs tend to lack legal and regulatory safeguards • International treaties and conventions may have been signed, but they are not enacted into laws • Where laws exist, regulations that give life to laws are absent • eHealth is not getting the same legislative momentum as e-Commerce and e-Government
  • 8. Method • Reviewed secondary literature • Literature search was limited to literature published in English and accessible through scientific databases. We used: PubMed; MeSH (medical subject headings) for “Electronic Health Records” together with other pertinent keywords: privacy, security, confidentiality, protected health information, personally identifiable information
  • 9. eHealth systems. Electronic systems with patient-identifiable information: 1. Electronic health records and electronic medical records that capture and store patient information 2. Laboratory information management systems 3. Prescription information systems within hospitals 4. Patient registration and scheduling systems 5. Systems for aggregating and reporting information, monitoring health programs, and tracking patients’ status 6. Clinical decision support systems 7. Patient reminder systems (for example: for prompting patients to take medications or visit a clinic) − mHealth 8. Systems for medical research
  • 10. Key concepts in EHR (1) Electronic Health Records Personal Health Information Individual Identifiable Health Information Privacy Security Confidentiality
  • 11. Key concepts in EHR (2) 1. Electronic health record (EHR) “One or more repositories, physically or virtually integrated, of information in computer processable form, relevant to the wellness, health, and healthcare of an individual, capable of being stored and communicated securely and of being accessible by multiple authorized users, represented according to a standardized or commonly agreed logical information model…” ISO 18308:2011 2. Personal health information “Personal health information is information about an identifiable person which relates to the physical or mental health of the individual, or to provision of health services to the individual…” ISO 27799
  • 12. Key concepts in EHR (3) 3. Individually identifiable health information “Information, including demographic information that relates to: the individual’s past, present, or future physical or mental health or condition, the provision of healthcare to the individual, or the past, present, or future payment for the provision of healthcare to the individual…” − Health Insurance Portability and Accountability Act (HIPAA) of 1996
  • 13. Key concepts in EHR (4) 4. Privacy = individual’s right to decide about access to their personal information: what information to share, with whom to share, and how to share 5. Security = protection measures and tools that safeguard health information and health information systems from any unauthorized access to or modification of information, denial of service to authorized users, and provision of service to unauthorized users 6. Confidentiality is intertwined with privacy and security. It is a tool to protect privacy or an act of limiting disclosure of private matters.
  • 14. Security analysis Confidentiality, integrity, and availability triad of NIST
  • 15. Ensuring privacy, security, and confidentiality • Even though technology and standards are integral to security and privacy of health information in EHR, healthcare providers have the prime responsibility • Information security involves a number of non-technical factors: organizational policy; human resources; communication networks; roles and processes; monitoring and compliance
  • 16. Global standards (1) • Health informatics standards are set by both international and national standards organizations: ISO is the global authority for standards; the European Committee for Standardization (CEN) is the European authority for standards; the American National Standards Institute (ANSI) approves official national standards in the United States • The work of these standards organizations informs and influences each other's standard development processes. • Adoption of, implementation of, and compliance with standards in a healthcare system are context-specific.
  • 17. Global standards (2) • Availability of international and national health informatics standards is critical but not enough to protect individual health information. • Information security involves a number of non-technical factors such as organizational policy, human resources, communication networks, roles and processes, and monitoring and compliance. • Inadequate identification and authentication of users, unauthorized access and inadequate monitoring of user activity, inappropriate disclosure, reporting requirements, and poor security are key sources of privacy breaches (Neame 2014)
  • 18. Conclusion • While EHR systems are vital to improved care and continuity of care, data privacy, security, and confidentiality issues can create hurdles • To be effective, the principles of privacy, confidentiality, and security in the eHealth environment must be supported by local awareness and a strong national legal and regulatory footing • Awareness and understanding of related key concepts can create an enabling environment • National and international health informatics standards and legislation are essential
  • 19. MEASURE Evaluation is funded by the U.S. Agency for International Development (USAID) under terms of Cooperative Agreement AID-OAA-L-14-00004 and implemented by the Carolina Population Center, University of North Carolina at Chapel Hill in partnership with ICF International, John Snow, Inc., Management Sciences for Health, Palladium Group, and Tulane University. The views expressed in this presentation do not necessarily reflect the views of USAID or the United States government. www.measureevaluation.org For more information on MEASURE Evaluation’s work in health informatics, visit: www.cpc.unc.edu/measure/publications/fs-15-141