Privacy, Confidentiality, and Electronic Medical Records

Emerging Infectious Diseases

Volumn 3, Issue 2, 1996, Pages 139-148

  Barrows Jr , Randolph C ^a,b   Clayton, Paul D ^a  

^a Och Spine at New York Presbyterian Hospitals   (United States)

^b New York Presbyterian Hospital Columbia University Medical Center   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPARATIVE STUDY; COMPUTER SECURITY; CONFIDENTIALITY; FACTUAL DATABASE; INFORMED CONSENT; LEGAL ASPECT; MEDICAL RECORD; REVIEW; STANDARD;

COMPUTER SECURITY; CONFIDENTIALITY; DATABASES, FACTUAL; INFORMED CONSENT; MEDICAL RECORDS;

EID: 57349200762     PISSN: 10806040     EISSN: None     Source Type: Journal    
DOI: 10.1136/jamia.1996.96236282     Document Type: Review

References (42)

1. Curran WJ, Steams B, Kaplan H. Privacy, confidentiality and other legal considerations in the establishment of a centralized health-data system. N Engl J Med. 1968;281:241-8.
2. Picciotto J. The design of an effective auditing subsystem. Proceedings of the 1987 IEEE Symposium on Security and Privacy. Washington, DC: IEEE Computer Society Press.
3. Brannigan V, Beier B. Standards for privacy in medical information systems: a technico-legel revolution. In: Miller RA, ed. Proceedings of the Fourteenth Annual Symposium for Computer Applications in Medical Care. Los Alamitas, CA: IEEE Computer Society Press, 1990:266-70.
4. Marshall VH. Intrusion detection in computers: a summary of the Trusted Information Systems (TIS) Report on Intrusion Detection Systems (TIS report #348). McLean, VA: Booz, Allen & Hamilton, January 29, 1991.
5. American Health Information Management Association. Position Statement. Chicago: AHIMA, March 1992:1.
6. Clayton PD, Sideli RV, Sengupta S. Open architecture and integrated information at Columbia-Presbyterian Medical Center. MD Comput. 1992;9:297-303.
7. Murphy G. System and data protection. In: Ball MJ, Collen MF, eds. Aspects of the Computer-based Patient Record. New York: Springer-Verlag, 1992:201-13.
8. Orr GA, Brantley BA. Development of a model of information security requirements for enterprise-wide medical information systems. In: Frisse ME, ed. Proceedings of the Sixteenth Annual Symposium for Computer Applications in Medical Care. New York: McGraw-Hill, 1992:287-91.
9. Shea S, Sengupta S, Crosswell A, Clayton PD. Network information security in a Phase III Integrated Academic Information Management System (IAIMS). In: Frisse ME, ed. Proceedings of the Sixteenth Annual Symposium for Computer Applications in Medical Care. New York: McGraw-Hill, 1992:283-6.
10. Bakker AR. Security in medical information systems. In: van Bemmel JH, McCray AT, eds. Yearbook of Medical Informatics. New York: Shattauer, 1993:52-60.
11. Gostin LO, Turek-Brezina J, Powers M, Kozloff R, Faden R, Steinauer DD. Privacy and security of personal information in a new health care system. JAMA. 1993;270:2487-93.
12. Henkind SJ, Orlowski JM, Skarulis PC. Application of a mulilevel access model in the development of a security infrastructure for a clinical information system. In: Safran C, ed. Proceedings of the Seventeenth Annual Symposium on Computer Applications in Medical Care. New York McGraw-Hill, 1993: 64-8.
13. Lincoln TL. Privacy: a real-world problem with fuzzy boundaries. Methods Inf Med. 1993;32:104-7.
14. Lunt LT. A survey of intrusion detection techniques. Comput Security, 1993;12:405-18.
15. U.S. Government, Office of Technology Assessment. Medical Privacy Report, 1993. Chapter 1: Introduction, Summary and Options. Washington, DC, 1993.
16. U.S. Government, Office of Technology Assessment. Medical Privacy Report, 1993. Chapter 3: Computerized Health Care Information. Washington, DC, 1993.
17. U.S. Government, Office of Technology Assessment. Medical Privacy Report, 1993. Appendix A: Selected Topics in Computer Security. Washington, DC, 1993.
18. American Civil Liberties Union. Toward a New Health Care System: The Civil Liberties Issues. An ACLU Public Policy Report (ISBN 0-914031-24-4); New York, February 1994.
19. Barber B, Bakker A, Bengtsson S. Conclusions and recommendations. Int J Biomed Comput. 1994;35(suppl 1):221-9.
20. Bengtsson S. Clinical requirements for the security of the electronic patient record. Int J Biomed Comput. 1994;35(suppl 1): 29-31.
21. Bleumer G. Security for decentralized health information systems. Int J Biomed Comput. 1994;35(suppl 1):140-5.
22. Brannigan VM. A framework for "need to know" authorizations in medical computer systems: responding to the constitutional requirements. In: Ozbolt JG, ed. Proceedings of the Eighteenth Annual Symposium on Computer Applications in Medical Care, JAMIA. 1994 suppl:392-6.
23. Dargahi R, Classen DW, Bobroff RB, et al. The development of a data security model for the collaborative social and medical services system. In: Ozbolt JG, ed. Proceedings of the Eighteenth Annual Symposium on Computer Applications in Medical Care. JAMIA. 1994 suppl:349-53.
24. France FH, Gaunt PN. The need for security - a clinical view. Int J Biomed Comput 1994;35(suppl 1):189-94.
25. Frank J. Artificial intelligence and Intrusion Detection: Current and Future Directions. Davis, CA: Division of Computer Science, University of California-Davis, June 9, 1994.
26. Hayam A. Security audit center - a suggested model for effective audit strategies in health care informatics. Int J Biomed Comput. 1994;35(suppl 1):116-27.
27. Information Security Subcommittee, Mayo Clinic/Foundation. Data Security Policies and Standards; September 1994 (provided by Dr. Christopher D. Chute, Section of Medical Information Resources, Mayo Clinic/Foundation, Rochester, MN).
28. Institute of Medicine. Confidentiality and privacy of personal data. In: Donaldson MS, Lohr KN, eds. Health Data in the Information Age: Use, Disclosure, and Privacy. Washington, DC: National Academy Press, 1994.
29. Kowalski S. An accountability server for health care information systems. Int J Biomed Comput. 1994;35(suppl 1):130-8.
30. Kumar S, Spafford EH. An application of pattern matching in intrusion detection. Technical Report CSD-TR-94-013. COAST Project, Dept of Computer Sciences, Purdue University, West Lafayette, IN, June 17, 1994.
31. Lawrence LM. Safeguarding the confidentiality of automated medical information. Jt Comm J Qual Improv. 1994;20:639-46.
32. New York State CHMIS Executive Policy Committee. NYS CHMIS Confidentiality and Data Security Policy, Draft. Albany, NY, December 21, 1994.
33. Robinson DM. Health information policy: without confidentiality. Int J Biomed Comput 1994;35(suppl 1):97-104.
34. Shea S. Security versus access: trade-offs are only part of the story. JAMIA. 1994;1:314-5.
35. Shneir B. Applied Cryptography. New York: John Wiley & Sons, 1994.
36. Szolovits P, Kohane I. Against simple universal health-care identifiers. JAMIA. 1994;1:316-9.
37. American Civil Liberties Union of Massachusetts. Statement of opposition to S. 1360, the so-called "Medical Records Confidentiality Act of 1995." Boston, November 4, 1995.
38. Davis R. Online medical records raise privacy fears. USA Today. March 22, 1995:A:1.4.
39. Latham L. Network security, part 2: policy should come first Inside Gartner Group This Week. April 26, 1995.
40. Safran C, Rind D, Citroen M, Bakker AR, Slack WV, Bleich HL. Protection of confidentiality in the computer-based patient record. MD Comput. 1995;12:187-92.
41. Senate Bill 1360: The Medical Records Confidentiality Act of 1995. 104th Congress, 1st Session.
42. Paskavitz MR, ed. Briefings on the JCAHO. Information management (IM). Special Report Review and Analysis: 1996 JCAHO Standards. Marblehead, MA: Opus Communications, 1995; 16-18 (ISBN 1-885829-14-0).