Cybersecurity in healthcare: Comparing cybersecurity maturity and experiences across global healthcare organizations (Preprint)

2020
Author(s): Niki O'Brien, Guy Martin, Emilia Grass, Mike Durkin, Ara Darzi, ...

BACKGROUND Health systems around the world are increasingly reliant on digital technology. Such reliance requires that healthcare organizations consider effective cybersecurity and digital resilience as a fundamental component of patient safety, with recent cyberattacks highlighting the risks to patients and targeted organizations. OBJECTIVE The purpose of this study was to explore the current global cybersecurity landscape and maturity in healthcare. METHODS We developed and administered a survey to examine the current cybersecurity landscape and preparedness level across global healthcare organizations. RESULTS Cyber threats were a common concern for the 17 healthcare organizations who participated. The principal concerns highlighted were data security, including the manipulation or loss of electronic health records; loss of trust in the organization; and risks of service disruption. Cybersecurity maturity scoring showed that despite the majority of organizations having established cybersecurity practices, levels of awareness and education were universally poor. CONCLUSIONS Policymakers should consider raising awareness and improving education/training on cybersecurity as a fundamental tenet of patient safety.

2006, Vol 45 (03), pp. 240-245
Author(s): A. Shabo

Summary Objectives: This paper pursues the challenge of sustaining lifetime electronic health records (EHRs) based on a comprehensive socio-economic-medico-legal model. The notion of a lifetime EHR extends the emerging concept of a longitudinal and cross-institutional EHR and is invaluable information for increasing patient safety and quality of care. Methods: The challenge is how to compile and sustain a coherent EHR across the lifetime of an individual. Several existing and hypothetical models are described, analyzed and compared in an attempt to suggest a preferred approach. Results: The vision is that lifetime EHRs should be sustained by new players in the healthcare arena, who will function as independent health record banks (IHRBs). Multiple competing IHRBs would be established and regulated following preemptive legislation. They should be neither owned by healthcare providers nor by health insurer/payers or government agencies. The new legislation should also stipulate that the records located in these banks be considered the medico-legal copies of an individual’s records, and that healthcare providers no longer serve as the legal record keepers. Conclusions: The proposed model is not centered on any of the current players in the field; instead, it is focussed on the objective service of sustaining individual EHRs, much like financial banks maintain and manage financial assets. This revolutionary structure provides two main benefits: 1) Healthcare organizations will be able to cut the costs of long-term record keeping, and 2) healthcare providers will be able to provide better care based on the availability of a lifelong EHR of their new patients.


2020, pp. 1485-1501
Author(s): Shalini Bhartiya, Deepti Mehrotra, Anup Girdhar

Health professionals need access to various dimensions of Electronic Health Records (EHR). Depending on technical constraints, each organization defines its own access control schema, exhibiting heterogeneity in organizational rules and policies. Achieving interoperability between such schemas often results in contradictory rules, thereby exposing data to undue disclosures. Permitting interoperable sharing of EHRs and simultaneously restricting unauthorized access is the major objective of this paper. An Extensible Access Control Markup Language (XACML)-based framework, Hierarchy Similarity Analyser (HSA), is proposed which fine-grains access control policies of disparate healthcare organizations to achieve interoperable and secured sharing of EHR under set authorizations. The proposed framework is implemented and verified using the automated Access Control Policy Testing (ACPT) tool developed by NIST. Experimental results show that users receive secured and restricted access as per their authorizations and role hierarchy in the organization.


Author(s): David W. Forslund, David G. Kilman

With the arrival of the “World Wide Web,” we have witnessed a transition toward a truly global perspective with respect to electronic health records. In recent years, much more discussion has focused on the potential for international virtual electronic health records and what is required for them to become a reality in the world today (Kilman & Forslund, 1997). As the Internet becomes more ubiquitous and Web-enabled, we see access to electronic health records using these technologies becoming more commonplace. Even so, these Web-enabled health records still remain technologically isolated from other medical records in the distributed continuum of care; much of the standardization challenge still stands before us. We have witnessed startling technological advances, but we still face considerable obstacles to the goal of having globally standardized electronic health records. In this chapter we describe some of the issues associated with Web-enabled health records, the role of standards in the evolution of Web-enabled health records, and some of the barriers to the development of globally accessible electronic health records. We discuss possible ways to overcome these barriers and the kinds of benefits and opportunities that global health records will help provide. The global scale perspective makes more evident the very real and potentially tragic consequences of prolonged and unnecessary delays in deploying these technologies. Therefore, in an effort to promote a fuller consciousness of health safety, the chapter concludes with a comparative look at the negative impact of impediments in the movement toward global extensible electronic health records.


Electronics, 2020, Vol 9 (12), pp. 2013
Author(s): Shams Ud Din, Zahoor Jan, Muhammad Sajjad, Maqbool Hussain, Rahman Ali, ...

Security and privacy are essential requirements, and their fulfillment is considered one of the most challenging tasks for healthcare organizations that manage patient data using electronic health records. Electronic health records (clinical notes, images, and documents) become more vulnerable to breaches of patients’ privacy when shared with an external organization in the current arena of the internet of medical things (IoMT). Various watermarking techniques were introduced in the medical field to secure patients’ data. Most of the existing techniques focus on an image or document’s imperceptibility without considering the watermark (logo). In this research, a novel technique of watermarking is introduced, which supersedes the shortcomings of existing approaches. It guarantees the imperceptibility of the image/document and takes care of the watermark (biometric), which is further passed through a process of recognition for claiming ownership. It extracts suitable frequencies from the transform domain using specialized filters to increase the robustness level. The extracted frequencies are modified by adding the biomedical information while considering the strength factor according to the human visual system. The watermarked frequencies are further decomposed through a singular value decomposition technique to increase payload capacity up to (256 × 256). Experimental results over a variety of medical and official images demonstrate the average peak signal-to-noise ratio (PSNR 54.43), and the normal correlation (N.C.) value is 1. PSNR and N.C. of the watermark were calculated after attacks. The proposed technique works in real time for embedding, extraction, and recognition of biometrics over the internet, and its uses can be realized in various platforms of IoMT technologies.


2015, Vol 06 (01), pp. 136-147
Author(s): D. Gans, J. White, R. Nath, J. Pohl, C. Tanner

Summary Background: The role of electronic health records (EHR) in enhancing patient safety, while substantiated in many studies, is still debated. Objective: This paper examines early EHR adopters in primary care to understand the extent to which EHR implementation is associated with the workflows, policies and practices that promote patient safety, as compared to practices with paper records. Early adoption is defined as those who were using EHR prior to implementation of the Meaningful Use program. Methods: We utilized the Physician Practice Patient Safety Assessment (PPPSA) to compare primary care practices with fully implemented EHR to those utilizing paper records. The PPPSA measures the extent of adoption of patient safety practices in the domains: medication management, handoffs and transition, personnel qualifications and competencies, practice management and culture, and patient communication. Results: Data from 209 primary care practices responding between 2006–2010 were included in the analysis: 117 practices used paper medical records and 92 used an EHR. Results showed that, within all domains, EHR settings showed significantly higher rates of having workflows, policies and practices that promote patient safety than paper record settings. While these results were expected in the area of medication management, EHR use was also associated with adoption of patient safety practices in areas in which the researchers had no a priori expectations of association. Conclusions: Sociotechnical models of EHR use point to complex interactions between technology and other aspects of the environment related to human resources, workflow, policy, culture, among others. This study identifies that among primary care practices in the national PPPSA database, having an EHR was strongly empirically associated with the workflow, policy, communication and cultural practices recommended for safe patient care in ambulatory settings. 
Citation: Tanner C, Gans D, White J, Nath R, Pohl J. Electronic health records and patient safety – co-occurrence of early EHR implementation with patient safety practices in primary care settings. Appl Clin Inf 2015; 6: 136–147 http://dx.doi.org/10.4338/ACI-2014-11-RA-0099



2014, Vol 926-930, pp. 1069-1072
Author(s): Liu Ning

The popularization and improvement of residents’ electronic health records play a vital role in improving overall human health. After thorough investigation and research, this paper summarizes and analyzes the basic situation of the construction of residents’ electronic health records and the progress of project implementation in a few representative countries around the world in recent years. Some problems in the construction and application of residents’ electronic health records are pointed out, and the development focus of residents’ electronic health records projects over the next few years is identified as popularizing and strengthening the application of data mining.


2010, Vol 60 (579), pp. e385-e394
Author(s): Kristina Star, Andrew Bate, Ronald HB Meyboom, I Ralph Edwards
