Impact of Electronic Health Records (EHR)

This era has been radically transformed by digital technology-smart phones, tablets, and web-enabled devices have transformed the daily lives and the way we communicate. Medicine is an information-rich enterprise.

A greater and more seamless flow of information within a digital health care infrastructure, created by electronic health records (EHRs), encompasses and leverages digital progress and can transform the way care is delivered and compensated. 

With EHR, information is available whenever and wherever it is needed.

    Thus it leads to,

·       Improved Patient Care.

·       Increase Patient Participation

·       Improved care coordination

·       Practice efficiencies and cost savings

SECURITY CONCERNS IN ADOPTING EHR

There has been very little activity in policy development involving the numerous significant privacy issues raised by a shift from a largely disconnected, paper-based health record system to one that is integrated and electronic. Moreover, the advances in Information and Communications Technologies has led to a situation in which patients health data are confronting new security and privacy threats. The three fundamental security goals are :

·       Confidentiality

·       Integrity and

·       Availability  

The protection and security of personal information is critical in the health sector, and it is thus necessary to ensure the CIA of personal health information.

·       Confidentiality -Process that ensures that information is accessible only to those authorized to have access to it.

Confidentiality is roughly equivalent to privacy. Measures were undertaken to ensure confidentiality is designed to prevent sensitive information from reaching the wrong people while making sure that the right people can, in fact, get it: Access must be restricted to those authorized to view the data in question. It is common, as well, for data to be categorized according to the amount and type of damage that could be done should it fall into unintended hands. More or less stringent measures can then be implemented according to those categories.

Sometimes safeguarding data confidentiality may involve special training for that privacy to such documents. Such training would typically include security risks that could threaten this information. Training can help familiarize authorized people with risk factors and how to guard against them. Further aspects of training can include strong passwords and password-related best practices and information about social engineering methods, to prevent them from bending data-handling rules with good intentions and potentially disastrous results.

A good example of methods used to ensure confidentiality is an account number or routing number when banking online. Data encryption is a common method of ensuring confidentiality. User IDs and passwords constitute a standard procedure; two-factor authentication is becoming the norm. Other options include biometric verification and security tokens, key fobs or soft tokens. In addition, users can take precautions to minimize the number of places where the information appears and the number of times it is transmitted to complete a required transaction. Extra measures might be taken in the case of extremely sensitive documents, precautions such as storing only on-air gapped computers, disconnected storage devices or, for highly sensitive information, in hard copy form only.