As a new era dawns in the healthcare industry, it is important to examine how removing siloed data and changing healthcare practices impact patient security. Government initiatives and healthcare information technology advances are responsible for eliminating historic data silos and developing dynamic data warehouses where patient information is readily accessible. As a result, methods such as electronic health records (EHR) and health information exchanges (HIE) have emerged to overcome the healthcare cost, quality and access conundrum.
While EHR make record keeping more efficient and improve coordinated care, the required connectedness brings its own concerns with security and privacy. Healthcare organizations with access to patient information are required to protect patient information. Thanks to the Health Information Technology for Economic and Clinical Health (HITECH) section of the American Recovery and Reinvestment Act of 2009, organizations that fail to protect patient information can be fined up to $50,000 per violation and required to report specific types of security breaches to the media. These stiff penalties have added an element of urgency to identify and address potential security risks. This paper outlines privacy and security, and then evaluates privacy and security issues associated with HIE opt-in and opt-out models.
Published: November 1, 2011
Written By: Amanda Buie