The roles of policy and professionalism in the protection of processed clinical data: A literature review

International Journal of Medical Informatics

Volumn 76, Issue 4, 2007, Pages 261-268

  de Lusignan, Simon ^a   Chan, Tom ^b   Theadom, Alice ^a   Dhoul, Neil ^a  

^a Hunter Wing   (United Kingdom)

^b SURREY AND BORDERS PARTNERSHIP NHS FOUNDATION TRUST   (United Kingdom)

Author keywords

Code of ethics; Computerised medical records; Data security; Medical informatics; Organizational policy; Professional role

Indexed keywords

DATABASE SYSTEMS; PROFESSIONAL ASPECTS; PUBLIC POLICY; SOCIETIES AND INSTITUTIONS;

CODE OF ETHICS; COMPUTERIZED MEDICAL RECORDS; MEDICAL INFORMATICS; ORGANIZATIONAL POLICY; PROFESSIONAL ROLE;

SECURITY OF DATA;

ARTICLE; BIBLIOGRAPHIC DATABASE; CHRONOLOGY; COMPARATIVE STUDY; EUROPE; EUROPEAN UNION; HEALTH CARE ORGANIZATION; HEALTH CARE PERSONNEL; HEALTH CARE POLICY; INFORMATION PROCESSING; INFORMATION TECHNOLOGY; INTERNET; MEDICAL ETHICS; MEDICAL INFORMATICS; MEDICAL LITERATURE; PRIORITY JOURNAL; PRIVACY; PROFESSIONALISM; STANDARD;

CONFIDENTIALITY; GREAT BRITAIN; MEDICAL INFORMATICS; MEDICAL RECORDS SYSTEMS, COMPUTERIZED; POLICY MAKING; PROFESSIONAL ROLE;

EID: 33847280457     PISSN: 13865056     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ijmedinf.2005.11.003     Document Type: Article

References (45)

1. de Lusignan S., Hague N., and Brown A. An educational intervention to improve data recording in the management of ischaemic heart disease in primary care. J. Public Health 26 1 (2004) 34-37
2. de Lusignan S., Dzregah B., Hague N., and Chan T. Cholesterol management in patients with ischaemic heart disease: an audit-based appraisal of progress towards clinical targets in primary care. Br. J. Cardiol. 10 (2003) 223-228
3. de Lusignan S., Chan T., Stevens P., O'Donoghue D., Hague N., Dzregah B., Van Vlymen J., Walker M., and Hilton S. Identifying patients with chronic kidney disease from general practice computer records. Fam. Pract. 22 3 (2005) 234-241
4. Rector A.L. Clinical terminology: why is it so hard?. Meth. Inform. Med. 38 4-5 (1999) 239-252
5. Sweeney L. k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzz. Knowl. Syst. 10 5 (2002) 557-570
6. Department of Health. NHS Confidentiality Code of Practice (2003), Department of Health, London
7. Council of Europe, European convention for the protection of human rights and fundamental freedoms, Artcile 8, Council of Europe, Rome, 1950. URL: http://conventions.coe.int/treaty/en/Treaties/Html/005.htm.
8. Council of Europe, About conventions and agreements in the European Treaty Series (ETS), Council of Europe, Strasburg, 1974. URL: http://conventions.coe.int/.
9. Council of Europe, Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data European Treaty Series (ETS) No. 108, 1985. URL: http://conventions.coe.int/.
10. European Union Directive 95/46/EC, On the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJL281/31-50, October 24, 1995. URL: http://europa.eu.int/comm/internal_market/privacy/law_en.htm.
11. Bakker A. Security in perspective; luxury or must?. Int. J. Med. Inform. 49 (1998) 31-37
12. Kluge E.H. A Handbook of Ethics for Health Informatics Professionals (2003), British Computer Society, Swindon
13. Lin A., and Brown R. The application of security policy to role-based access control and the common data security architecture. Comput. Commun. 23 (2000) 1584-1593
14. Chalmers J., and Muir R. Patient privacy and confidentiality. Br. Med. J. 326 (2003) 725-726
15. Anderson J.G. Security of the distributed electronic patient record: a case-cased approach to identifying policy issues. Int. J. Med. Inform. 60 (2000) 111-118
16. Gounaris A., and Theodoulidis B. Data base management systems (DBMSs): meeting the requirements of the EU data protection legislation. Int. J. Inform. Manage. 23 (2003) 185-199
17. Behlen F.M., and Johnson S.B. Multicenter patient records research: security policies and tools. J. Am. Med. Inform. Assoc. 6 6 (1999) 435-443
18. Blobel B., and Roger-France F. A systematic approach for analysis and design of secure health information systems. Int. J. Med. Inform. 62 (2001) 51-78
19. Blobel B. Advanced tool kits for EPR security. Int. J. Med. Inform. 60 (2000) 169-175
20. Gaunt N. Practical approaches to creating a security culture. Int. J. Med. Inform. 60 (2000) 151-157
21. Barcelo R.J., and Vinje T. Towards a European framework for digital signatures and encryption. Comput. Law Secur. Rep. 14 2 (1998) 79-86
22. F. Burns, Information for Health: an information strategy for a modern NHS, 1998-2005.
23. Barber B. Patient data and security: an overview. Int. J. Med. Inform. 49 (1998) 19-30
24. Carey P., and Berry D. Data security-the key to privacy. Comput. Law Secur. Rep. 18 2 (2002) 112-113
25. Kaihara S. Realisation of the computerised patient record: relevance and unsolved problems. Int. J. Med. Inform. 49 (1998) 1-8
26. L. Sweeney, Navigating computer science research through waves of privacy concerns, Tech Report, Carnegie Mellon University, School of Computer Science, Pittsburgh, 2003.
27. Patel V.L., Arocha J.F., and Shortliffe E.H. Cognitive models in training health professionals to protect patients confidential information. Int. J. Med. Inform. 60 (2000) 143-150
28. Louwerse K. The electronic patient record; the management of access-case study: Leiden University Hospital. Int. J. Med. Inform. 49 (1998) 39-44
29. Jewell D. How to change clinical behaviour: no answers yet. Br. J. Gen. Pract. 53 489 (2003) 266-267
30. Polanyi M. The Tacit Dimension (1966), Routledge, London
31. Smith J. Towards a secure EPR: cultural and educational issues. Int. J. Med. Inform. 60 (2000) 137-142
32. Kluge EH.W. Fostering a security culture: a model code of ethics for health information professionals. Int. J. Med. Inform. 49 (1998) 105-110
33. Gell G. Safe, controllable technology?. Int. J. Med. Inform. 66 (2002) 69-73
34. Kluge E.H.W. Professional codes for electronic HC record protection: ethical, legal, economic and structural issues. Int. J. Med. Inform. 60 (2000) 85-96
35. Sen B.A. Research governance: implications for health library and information professionals. Health Inform. Libr. J. 20 (2003) 3-14
36. UK Council for Health Informatics Professionals (UKCHIP), 2004. URL: http://www.ukchip.org/.
37. Fugelli P. Trust-in general practice. Br. J. Gen. Pract. (2001) 575-579
38. Sadan B. Patient data confidentiality and patient rights. Int. J. Med. Inform. 62 (2001) 41-49
39. Rohm A.J., and Milne G.R. Just what the doctor ordered. The role of information sensitivity and trust in reducing medical information privacy concern. J. Business Res. 5757 (2002) 1-12
40. Gaunt N. Installing an appropriate information security policy. Int. J. Med. Inform. 49 (1998) 131-134
41. Berg M. Implementing information systems in health care organisations: myths and challenges. Int. J. Med. Inform. 64 (2001) 143-156
42. NHS Information Standards Board, Glossary. URL: http://isb.nhs.uk/pages/glossary/detail.asp?gl_id=24.
43. van Bemmel J.H., and Musen M.A. Handbook of Medical Informatics (1997), Springer, The Netherlands
44. The American Heritage, Dictionary of the English Language. 4th ed. (2000), Houghton Mifflin Company
45. The European Parliament and of the Council, Directive 2002/58/EC, Official Journal of the European Communities, Brussels, 2002. URL: http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=en&numdoc=32002L0058&model=guichett.