1/20/2009 1:16:00 PM

Electronic Health Records - Law and Technology

by Andrew Y. Lindell

With Barack Obama about to take office, the privacy issues related to the digitization of health records are being heavily debated; see this New York Times article and Slashdot discussion. Most of the controls being mentioned are legal and relate to two areas. The first concerns how data may be aggregated and used (this is purely a matter of law), and the second concerns the security controls that must be implemented to prevent confidential data from being stolen (this is a combination of law and technology). The technological protections considered here are passive: they relate to an organization's responsibility to prevent raw data from being accessed, for example when a laptop is lost or stolen or when an external attacker breaks into the organization's database. A third area, which is more often ignored, relates to technological solutions that enforce appropriate use of the confidential data. This starts with the simple and well-known requirement of access control: only those with a reason to look at a certain piece of data should be able to do so. However, it also extends to more advanced controls.

To illustrate what I mean, consider for a moment the problem of ensuring that conflicting medications are not prescribed to the same patient. One way to achieve this is to give a patient's doctor access to a list of all the medication the patient is taking. This may make sense, but it may also suffice to have the doctor enter the medication he or she wishes to prescribe and then wait for an automated response saying whether it can be prescribed, given the other medication the patient takes. In many cases this is enough, and it reveals much less information: the doctor learns only the answer to one question, not the patient's full medication list. (Note that although it makes sense for a patient's primary physician to have access to their entire medical history, this is not necessarily the case for others. For example, I don't think that someone's dentist needs to know that they are suffering from depression, unless there is a chance of a medication clash. If such a clash can occur, then as described above, it can be prevented without providing access to the raw sensitive data.)

I believe that active technological controls like the above deserve more attention. Strict regulations regarding the use of medical data are essential, but they are not enough! We can use technology to ensure that even those who are willing to break the law will have a hard time getting at the data, unless they really need access to the raw data in order to carry out their job.
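The medication-clash example above, and the "active control" it argues for, can be made concrete in code. The following is an added illustration written for this page, not code from the original post or from any real EHR system. The drug identifiers, interaction pairs, role names and patient identifiers are all constructed for the example. The point it demonstrates is the distinction between the two interfaces: `full_history` returns the raw list and is limited to the roles that need it, while `can_prescribe` answers a single yes/no question against the same data without ever handing the list out, and both paths are audited.

```python
"""Data-minimising prescription check (added example; hypothetical data)."""
from dataclasses import dataclass, field
from enum import Enum


class Role(str, Enum):
    PRIMARY_PHYSICIAN = "primary_physician"
    DENTIST = "dentist"
    PHARMACIST = "pharmacist"


# Constructed sample interaction table: placeholder drug identifiers, not
# real clinical information. Each pair must not be prescribed together.
INTERACTIONS = {
    frozenset({"DRUG-A", "DRUG-C"}),
    frozenset({"DRUG-B", "DRUG-D"}),
}

# Only these roles may read a patient's raw medication list.
RAW_ACCESS_ROLES = {Role.PRIMARY_PHYSICIAN}


@dataclass
class MedicationStore:
    """Holds the raw medication lists; callers go through the two methods."""
    _meds: dict = field(default_factory=dict)   # patient_id -> set of drug ids
    audit: list = field(default_factory=list)   # (requester, role, patient, action)

    def record(self, patient_id: str, drug: str) -> None:
        self._meds.setdefault(patient_id, set()).add(drug)

    def full_history(self, patient_id: str, requester: str, role: Role) -> set:
        """Passive control: raw data, released only to roles whose job needs it.
        The attempt is logged whether or not it is allowed."""
        self.audit.append((requester, role.value, patient_id, "full_history"))
        if role not in RAW_ACCESS_ROLES:
            raise PermissionError(f"{role.value} may not read the raw medication list")
        return set(self._meds.get(patient_id, set()))

    def can_prescribe(self, patient_id: str, proposed: str,
                      requester: str, role: Role) -> bool:
        """Active control: answer 'may I prescribe X?' for any clinician role.
        Returns True/False only; it never reveals which existing medication
        (if any) causes the conflict, so the caller learns one bit about the
        patient, not the list."""
        self.audit.append((requester, role.value, patient_id, f"check:{proposed}"))
        current = self._meds.get(patient_id, set())
        conflict = any(frozenset({proposed, drug}) in INTERACTIONS for drug in current)
        return not conflict


def demo() -> MedicationStore:
    """Walk through the dentist/primary-physician scenario from the post."""
    store = MedicationStore()
    store.record("patient-1", "DRUG-A")          # constructed sample record
    # The dentist asks a question instead of reading the list.
    print("dentist may prescribe DRUG-C:",
          store.can_prescribe("patient-1", "DRUG-C", "dr-dent", Role.DENTIST))
    print("dentist may prescribe DRUG-B:",
          store.can_prescribe("patient-1", "DRUG-B", "dr-dent", Role.DENTIST))
    # The dentist cannot read the raw list; the primary physician can.
    try:
        store.full_history("patient-1", "dr-dent", Role.DENTIST)
    except PermissionError as exc:
        print("denied:", exc)
    print("primary physician sees:",
          store.full_history("patient-1", "dr-prim", Role.PRIMARY_PHYSICIAN))
    return store


if __name__ == "__main__":
    demo()
```

Two caveats a practitioner would add. A "no" answer still leaks one bit (the patient takes something that interacts with the proposed drug), so the query path needs the same audit trail and rate limits as the raw path, or a curious user could enumerate the interaction table. And the separation only holds if the raw list is genuinely unreachable by other routes (exports, backups, reporting queries); the passive controls the post describes are still required underneath the active one.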


Tags: Privacy | Cryptography

Comments

1/28/2009

A compelling alternative to the online model of shared EHR exists, called Health eCard. It currently operates across the UK in both NHS and private practices.

The entire patient EHR is downloaded from the primary surgery onto a secure USB flash drive that fits neatly into a standard size wallet. The cardholder then decides who accesses their EHR. The cardholder also controls access to an 'emergency access' area on the card which contains a summary care record.

Integration costs are manageable.
Data is secure.
Data is accessible.

G. Abrahams
Health eCard
http://www.healthecard.co.uk