IMPROPER USE OF MEDICAL INFORMATION ehealth PRIVACY & SECURITY Presented at 5th Annual National Conference on Healthcare Leadership INNOVATION 2011, Bangalore 26th Jan 2011 Dr Pankaj Gupta ehealth Business Executive
Source: http://healthcareitstrategy.blogspot.com/ 2005 Dr Pankaj Gupta Slide 2 28 Feb 05
2005 Dr Pankaj Gupta Slide 3 28 Feb 05 Healthcare Data Sources Homecare Ambulance Clinicians Integrated View Hospital Emergency Diagnostic
Health Information Exchange - Chances of Data leaks galore! 2005 Dr Pankaj Gupta Slide 4 28 Feb 05 Standardized Architecture EHRS EHRS EHR SOLUTION (EHRS) EHR INFOSTRUCTURE (EHRi) EHRS EHRS EHRS EHRS EHRS EHR SOLUTION (EHRS) EHR INFOSTRUCTURE (EHRi) Standardized Data Vocabularies (encoding rules) Ancillary Data & Health Information Data Warehouse EHR Data & Registries Data & Standardized Interfaces Ancillary Data & Health Information Data Warehouse EHR Data & Registries Data & Standardized Data Structures Longitudinal Record Health Information Access Layer Longitudinal Record Health Information Access Layer Standardized Functional Behavior Point of Service Application Point of Service Application EHR Viewer Point of Service Application Point of Service Application EHR Viewer Homecare Homecare Emergency Emergency INTEGRATED VIEW INTEGRATED VIEW Clinicians Integrated View Clinicians Integrated View Hospital Emergency Hospital Emergency Diagnostic Diagnostic
HIPAA Title II Title II: Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform Data Privacy Transactions and Code Sets Data Security Unique Identifiers 2005 Dr Pankaj Gupta Slide 5 28 Feb 05
Data Privacy Protected Health Information (PHI) Right to keep personal information from outside world Hospital staff, in-house and outsourced IT staff may be authorized to see data and may disclose it inappropriately Protect sensitive information PNDT and MTP Act Positive results for sensitive Lab tests - HIV etc. Public health research - Anonymised data EMR implementation challenge - People master, Deptt master to be in sync in integrated systems 2005 Dr Pankaj Gupta Slide 6 28 Feb 05
Transactions and Code Sets Master Data integration challenge codify diagnosis, procedures and order sets Data Analytics challenge - standard terminology for clinical notes Diabetes with MI discharged with B-blocker Diabetes with Coronary Atherosclerosis discharged with B-blocker Type-II Diabetes with CHF discharged with Metoprolol 2005 Dr Pankaj Gupta Slide 7 28 Feb 05
Data Security Network security Firewalls, Data centre, IT Support Teams, Outsourcing Data Security - Encryption Public/Private keys Physical security Authentication Authority Audit 2005 Dr Pankaj Gupta Slide 8 28 Feb 05
2005 Dr Pankaj Gupta Slide 9 28 Feb 05 Physical Security Authentication - are you who you say you are? Passwords, Biometrics (finger print, retinal scan), smartcards Authority - do you have a need to know? User U in role R who satisfies constraint C has permission P Ms Ann working as Nurse in ED has r/w/x permissions; whereas she doesn t have those permissions offduty Ensure only authenticated users to perform authorized activities on authorized data Audit - record of who actually got into what Record of every entry, correction, change, over ride etc
Unique Identifiers Point-to-Point integration between 2 systems People master to be in sync Department master to be in sync Dr Om Prakash Singh in ENT vs Dr OP Singh in Otolaryngology? Health information exchange between systems Physician Registry Patient Registry Disease Registry Document Registry 2005 Dr Pankaj Gupta Slide 10 28 Feb 05
2005 Dr Pankaj Gupta Slide 11 28 Feb 05 De-Identify before Data Analytics Clinical Signs Symptoms Diagnosis Demographics Radiology Laboratory Physicians Department Pharmacy Insurance Hospital
2005 Dr Pankaj Gupta Slide 12 28 Feb 05 Summary of Privacy & Security Computing/network infrastructure can deal with security But privacy is a policy matter Anonymizing of databases helps but it isn t foolproof In general, people are the weakest security and privacy link
Soon these small steps will be a Mammoth 2005 Dr Pankaj Gupta Slide 13 28 Feb 05
Solid foundation goes a long way... 2005 Dr Pankaj Gupta Slide 14 28 Feb 05
Thanks. Dr_PankajGupta@yahoo.com LinkedIn:http://www.linkedin.com/in/drpankajgupta Blog:http://www.healthcareitstrategy.blogspot.com/ 15