Assessing HIPAA Compliance of Open Source Electronic Health Record Applications

2021 ◽  
Vol 15 (2) ◽  
pp. 181-195
Author(s):  
Hossain Shahriar ◽  
Hisham M. Haddad ◽  
Maryam Farhadi
Keyword(s):  
Electronic Health Record ◽  
Open Source ◽  
Medical Decision ◽  
Patient Treatment ◽  
Health Record ◽  
Technical Requirements ◽  
Patient Health ◽  
Treatment Plans ◽  
Electronic Health ◽  
Quality In Healthcare

Electronic health record (EHR) applications are digital versions of paper-based patient health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. The goal of this paper is to identify HIPAA technical requirements, evaluate two open source EHR applications (OpenEMR and OpenClinic) for security vulnerabilities using two open-source scanner tools (RIPS and PHP VulnHunter), and map the identified vulnerabilities to HIPAA technical requirements.

Compliance of Electronic Health Record Applications With HIPAA Security and Privacy Requirements

2018 ◽  
pp. 199-213 ◽  
Author(s):  
Maryam Farhadi ◽  
Hisham M. Haddad ◽  
Hossain Shahriar
Keyword(s):  
Electronic Health Record ◽  
Health Information ◽  
Security And Privacy ◽  
Medical Decision ◽  
Patient Treatment ◽  
Health Record ◽  
Privacy Requirements ◽  
Improper Use ◽  
Electronic Health ◽  
Quality In Healthcare

Electronic health record (EHR) applications are digital versions of paper-based patients health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process by doctors. EHR applications are guided by measures of the Health Insurance Portability and Accountability Act (HIPAA) to ensure confidentiality, integrity, and availability. However, there have been reported breaches of protected health identifier (PHI) data stored by EHR applications. In many reported breaches, improper use of EHRs has resulted in disclosure of patient's protected health information. The goal of this chapter is to (1) provide an overview of HIPAA security and privacy requirements; (2) summarize recent literature works related to complying with HIPAA security and privacy requirements; (3) map some of the existing vulnerabilities with HIPAA security rules.

Compliance of Electronic Health Record Applications With HIPAA Security and Privacy Requirements

2019 ◽  
pp. 1605-1618
Author(s):  
Maryam Farhadi ◽  
Hisham M. Haddad ◽  
Hossain Shahriar
Keyword(s):  
Electronic Health Record ◽  
Health Information ◽  
Security And Privacy ◽  
Medical Decision ◽  
Patient Treatment ◽  
Health Record ◽  
Privacy Requirements ◽  
Improper Use ◽  
Electronic Health ◽  
Quality In Healthcare

Electronic health record (EHR) applications are digital versions of paper-based patients health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process by doctors. EHR applications are guided by measures of the Health Insurance Portability and Accountability Act (HIPAA) to ensure confidentiality, integrity, and availability. However, there have been reported breaches of protected health identifier (PHI) data stored by EHR applications. In many reported breaches, improper use of EHRs has resulted in disclosure of patient's protected health information. The goal of this chapter is to (1) provide an overview of HIPAA security and privacy requirements; (2) summarize recent literature works related to complying with HIPAA security and privacy requirements; (3) map some of the existing vulnerabilities with HIPAA security rules.

scholarly journals Open MRS softwares: effective approaches in management of patients' health information

2017 ◽  
Vol 4 (11) ◽  
pp. 3948
Author(s):  
Azadeh Bashiri ◽  
Marjan Ghazisaeedi
Keyword(s):  
Electronic Health Record ◽  
Open Source ◽  
Health Information ◽  
Health Record ◽  
Web Based ◽  
Patient Health ◽  
Technical Architecture ◽  
Electronic Health ◽  
Mozilla Firefox

Today, the complexities of health issues require technologies to improve the quality of health care and maintain healthy individuals. Open source softwares such as OpenMRS are the basis for developing electronic health record systems to manage patient health information. Data model, API, and Web-based application are the three main parts of OpenMRS technical architecture. The core of the Open MRS software includes a web-based application and a number of open source softwares such as My SQL, Mozilla Firefox and Hyper net. These softwares use standards such as XML and X-Form to exchange and display data and enhance collaboration with other systems. Also, they can be manipulated and searched using SQL. Considering the high potential of OpenMRS in reducing the cost of implementation and development of electronic health record systems in developing countries, they can be used to manage information of patients and improve the quality of health services.

scholarly journals Semantic computational analysis of anticoagulation use in atrial fibrillation from real world data

2019 ◽  
Author(s):  
Daniel M. Bean ◽  
James Teo ◽  
Honghan Wu ◽  
Ricardo Oliveira ◽  
Raj Patel ◽  
...  
Keyword(s):  
Atrial Fibrillation ◽  
Natural Language Processing ◽  
Natural Language ◽  
Electronic Health Record ◽  
Open Source ◽  
Language Processing ◽  
Risk Scores ◽  
Free Text ◽  
Health Record ◽  
Electronic Health

AbstractAtrial fibrillation (AF) is the most common arrhythmia and significantly increases stroke risk. This risk is effectively managed by oral anticoagulation. Recent studies using national registry data indicate increased use of anticoagulation resulting from changes in guidelines and the availability of newer drugs.The aim of this study is to develop and validate an open source risk scoring pipeline for free-text electronic health record data using natural language processing.AF patients discharged from 1st January 2011 to 1st October 2017 were identified from discharge summaries (N=10,030, 64.6% male, average age 75.3 ± 12.3 years). A natural language processing pipeline was developed to identify risk factors in clinical text and calculate risk for ischaemic stroke (CHA2DS2-VASc) and bleeding (HAS-BLED). Scores were validated vs two independent experts for 40 patients.Automatic risk scores were in strong agreement with the two independent experts for CHA2DS2-VASc (average kappa 0.78 vs experts, compared to 0.85 between experts). Agreement was lower for HAS-BLED (average kappa 0.54 vs experts, compared to 0.74 between experts).In high-risk patients (CHA2DS2-VASc ≥2) OAC use has increased significantly over the last 7 years, driven by the availability of DOACs and the transitioning of patients from AP medication alone to OAC. Factors independently associated with OAC use included components of the CHA2DS2-VASc and HAS-BLED scores as well as discharging specialty and frailty. OAC use was highest in patients discharged under cardiology (69%).Electronic health record text can be used for automatic calculation of clinical risk scores at scale. Open source tools are available today for this task but require further validation. Analysis of routinely-collected EHR data can replicate findings from large-scale curated registries.

Macroscopic Modeling of Information Flow in an Agent-Based Electronic Health Record System

2011 ◽  
pp. 305-334
Author(s):  
Ben Tse
Keyword(s):  
Electronic Health Record ◽  
Electronic Health Record System ◽  
Health Record ◽  
Record System ◽  
Macroscopic Modeling ◽  
Agent Based ◽  
Individual Level ◽  
Patient Health ◽  
Electronic Health ◽  
The Individual

This chapter presents an architecture, or general framework, for an agent-based electronic health record system (ABEHRS) to provide health information access and retrieval among different medical services facilities. The agent system’s behaviors are analyzed using the simulation approach and the mathematical modeling approach. The key concept promoted by ABEHRS is to allow patient health records to autonomously move through the computer network uniting scattered and distributed data into one consistent and complete data set or patient health record. ABEHRS is an example of multi-agent swarm system, which is composed of many simple agents and a system that is able to self-organize. The ultimate goal is that the reader should appreciate the benefits of using mobile agents and the importance of studying agent behaviors at the system level and at the individual level.

scholarly journals How well is the electronic health record supporting the clinical tasks of hospital physicians? A survey of physicians at three Norwegian hospitals

2019 ◽  
Vol 19 (1) ◽  
Author(s):  
Thomas Roger Schopf ◽  
Bente Nedrebø ◽  
Karl Ove Hufthammer ◽  
Inderjit Kaur Daphu ◽  
Hallvard Lærum
Keyword(s):  
Health Care ◽  
Electronic Health Record ◽  
Electronic Health Record System ◽  
System Stability ◽  
Medical Decision ◽  
Health Record ◽  
Clinical Workflow ◽  
Online Questionnaire ◽  
Record System ◽  
Electronic Health

Abstract Background The electronic health record is expected to improve the quality and efficiency of health care. Many novel functionalities have been introduced in order to improve medical decision making and communication between health care personnel. There is however limited evidence on whether these new functionalities are useful. The aim of our study was to investigate how well the electronic health record system supports physicians in performing basic clinical tasks. Methods Physicians of three prominent Norwegian hospitals participated in the survey. They were asked, in an online questionnaire, how well the hospital’s electronic health record system DIPS supported 49 clinical tasks as well as how satisfied they were with the system in general, including the technical performance. Two hundred and eight of 402 physicians (52%) submitted a completely answered questionnaire. Results Seventy-two percent of the physicians had their work interrupted or delayed because the electronic health record hangs or crashes at least once a week, while 22% had experienced this problem daily. Fifty-three percent of the physicians indicated that the electronic health record is cumbersome to use and adds to their workload. The majority of physicians were satisfied with managing tests, e.g., requesting laboratory tests, reading test results and managing radiological investigations and electrocardiograms. Physicians were less satisfied with managing referrals. There was high satisfaction with some of the decision support functionalities available for prescribing drugs. This includes drug interaction alerts and drug allergy warnings, which are displayed automatically. However, physicians were less satisfied with other aspects of prescribing drugs, including getting an overview of the ongoing drug therapy. Conclusions In the survey physicians asked for improvements of certain electronic health record functionalities like medication, clinical workflow support including planning and better overviews. In addition, there is apparently a need to focus on system stability, number of logins, reliability and better instructions on available electronic health record features. Considerable development is needed in current electronic health record systems to improve usefulness and satisfaction.

scholarly journals Open-Source Electronic Health Record Systems for Low-Resource Settings: Systematic Review

2017 ◽  
Vol 5 (4) ◽  
pp. e44 ◽  
Author(s):  
Assel Syzdykova ◽  
André Malta ◽  
Maria Zolfo ◽  
Ermias Diro ◽  
José Luis Oliveira
Keyword(s):  
Systematic Review ◽  
Electronic Health Record ◽  
Open Source ◽  
Health Record ◽  
Low Resource Settings ◽  
Low Resource ◽  
Electronic Health

Macroscopic Modeling of Information Flow in an Agent-Based Electronic Health Record System

2011 ◽  
pp. 602-630
Author(s):  
Ben Tse
Keyword(s):  
Electronic Health Record ◽  
Electronic Health Record System ◽  
Health Record ◽  
Record System ◽  
Macroscopic Modeling ◽  
Agent Based ◽  
Individual Level ◽  
Patient Health ◽  
Electronic Health ◽  
The Individual

This chapter presents an architecture, or general framework, for an agent-based electronic health record system (ABEHRS) to provide health information access and retrieval among different medical services facilities. The agent system’s behaviors are analyzed using the simulation approach and the mathematical modeling approach. The key concept promoted by ABEHRS is to allow patient health records to autonomously move through the computer network uniting scattered and distributed data into one consistent and complete data set or patient health record. ABEHRS is an example of multi-agent swarm system, which is composed of many simple agents and a system that is able to self-organize. The ultimate goal is that the reader should appreciate the benefits of using mobile agents and the importance of studying agent behaviors at the system level and at the individual level.

Sign in / Sign up

Export Citation Format

Share Document