Presentation is loading. Please wait.

Presentation is loading. Please wait.

MAINTAINING SECURITY AND PRIVACY OF PATIENT INFORMATION September 2, 2006 Frank E. Ferrante, MSEE, MSEPP President FEFGroup, LLC Past Chair, Medical Technology.

Published byCole McDougall Modified over 10 years ago

Similar presentations

Presentation on theme: "MAINTAINING SECURITY AND PRIVACY OF PATIENT INFORMATION September 2, 2006 Frank E. Ferrante, MSEE, MSEPP President FEFGroup, LLC Past Chair, Medical Technology."— Presentation transcript:

1 MAINTAINING SECURITY AND PRIVACY OF PATIENT INFORMATION September 2, 2006 Frank E. Ferrante, MSEE, MSEPP President FEFGroup, LLC Past Chair, Medical Technology Policy Committee IEEE-USA, Washington, DC Presented at 28th IEEE EMBS Annual International Conference Aug 30-Sept. 3, 2006, New York City, New York, USA

2 Outline Why Electronic Medical Records? Software Sample/hardware samples Barriers/Standards for EHR HIPAA Security and Privacy Regulations Medical data transmission requirements Wireline and Wireless Telecommunications Services Security Security of Patient Medical Records References

3 Why Electronic Medical Records (EMRs) Time spent filing and pulling patient charts, searching for charts Time re-creating records if destroyed by natural disaster or accident Cost of supplies to maintain charts Cost of facility space for records (can better use of space be made?) Storage and Backup Cost Transcription services cost Cost of doing nothing today Better Security/Privacy Maintainable

4 Software/Hardware Supporting Digital Medical Records Electronic Medical Record (EMR)Software –Soapware - check it out $300 Starting Price see: http://soapware.com/http://soapware.com/ –e-MDs Electronic Medical Record Support Software http://www.e- mds.comhttp://www.e- mds.com –a4Healthsystems EMR and Access systems http://www.a4healthsystems.com http://www.a4healthsystems.com Companion Technologies http://www.companiontechnologies.com http://www.companiontechnologies.com Security and Privacy - all EMRs must be protected –Sample approach: indigenous authentication of digital information (US Patent 6,757,828 B1 of June 29, 2004) by Signa2 http://www.gjtdc.com http://www.gjtdc.com –Backup routinely onto remote servers or storage offerings

5 What are the Barriers to EHR and e-Health Implementation?* Lack of a Unique Personal Identifier Lack of HIPAA Compliant Middleware Lack of Incentives No Paradigm or First Mover for Some System Components Evolving Standards Disincentives Lack of an NHIN Architecture [Fear of Cost/Benefit] * [Corr 06]

6 Barriers and Solutions Identifiers and Middleware HIPAA compliant Identification, Authentication, and Access Lack of a Unique Personal Identifier: Solutions: Voluntary Personal Healthcare Identifier ( IEEE-USA Voluntary Healthcare Identifier Position Statement, 17 June 2004 ) Center for Certification of Health Information Technology Multiple ID Approach (Provider ID + Provider Unique Personal ID) DOD Common Access Card Model Lack of HIPAA Compliant Middleware: Solutions: RHIO Contracts Marketplace Solutions Shortcomings: Public Health and Research Interfaces may not be included * [Corr 2006]

7 EHR Standards Evolution* International Statistical Classification of Diseases and Related Health Problems (ICD) from ICD-9 to ICD-10 ASCI X12 Version 4010 to ASCI X12 Version 5010 (HIPAA Business Transactions) National Council for Prescription Drug Programs Telecommunication Standards from version 5.1 to version D.0 Conversion of all standards to XML * [Corr 06]

8 HIPAA Security and Privacy Regulations Health Insurance Portability Assurance Act (HIPAA) –Security - Required stronger and more focused provision of security around medical information (supports maintaining of information privacy) –Privacy - Enforces increase in privacy protections for medical information (Not just speaking privacy- required under penalty if failure occurs)

9 Electronic Medical Record (EMR) Data Requirements Page of text for entering and storing non- image information –Less than 64 Kbytes(large file) Image Data –(Refer to estimate table)

10 Medical Images Data Transmission Requirements* *Source: Ferrante, F.E.,Evolving Telemedicine/eHealth Technology, Telemedicine and e-Health, Vol 11, Number 3, June 2005, Mary Ann Liebert, Inc Publisher, ISSN-1530-5627.

11 Wireless Telecommunications Services –Broadband Services 802.11n WiMax –Security PKI VPN Secure ID WEP/WPA/WPA2 (802.11i)

12 How New Technologies Stack Up Data Rate (megabits per second) Source: Technology Review, October 2005 EstablishedEmerging Actual performance will vary depending on factors such as how the technology is deployed, the users distance from base stations, and interference. 1,000 1 10 100 WPAN WLAN WMAN WWAN Bluetooth 1.2 Bluetooth 2.0 Ultrawideband Wi-Fi (802.11b) Wi-Fi (802.11a/g) Wi-Fi (802.11n) WiMax (802.16) WiMax mobile (802.16e) 2G cellular 2.5G cellular 3G cellular 3.5G cellular 4G cellular

13 Security of Patient Records Wireline Communications/Computer Access –Database Encryption –Public Private Key access control –Routine Password Control and Management –Isolation of Database Server from outside access except via Virtual Private Network (VPN) and Secure ID hand-held devices or Secure Private Key system Wireless Communications –Wire Equivalent Privacy (WEP) Poorly designed, vulnerable –Wireless Protocol Architecture (WPA)& WPA2 Improved Security Encoding Enterprise Security Offering(Both WPA and WPA2 now available for Wireless operations as alternate to WEP)

14 References [Corr 2006] Corrigan, Mike (Current Chair MTPC), Consumer- Centered Electronic Health Records and e-Health - Roadblocks and Opportunities, presented to GEIA Roundtable, June 29, 2006 - Available at: http://www.ieeeusa.org/volunteers/committees/mtpc/index.html http://www.ieeeusa.org/volunteers/committees/mtpc/index.html [IEEE-USA]IEEE Medical Technology Policy Committee Web Site - ttp://www.ieeeusa.org/volunteers/committees/mtpc/index.html ttp://www.ieeeusa.org/volunteers/committees/mtpc/index.html

15 Backup Slides

16 Other Healthcare System Records Payer Records or Payer EHRs Healthcare Provider or Clinical EHRs Top Level EHR Components Glue Personal Health Record (PHR) or Personal EHR

17 EMT Records Radiological Records Laboratory Records Pharmacy Office Records Dental Office Records Physician Office Records Hospital Records Personal Health Record Health Insurance Payer Records Personal EHR Provider EHRs Carrier EHR Personal Health Record Personal EHR Uncertified Demographics Allergies Medications Inoculations Certified Demographics and Identity Links to other EHR components Limited PHRFull PHR

18 Personal Health Record Lifetime Full PHR Prenatal and Pediatric Records Medicare Records Employer and Self Insurance Carrier Records Military and VA Records Research Records Public Health Records Anonymized Links with Trusted Reverse Channel Environmental Records Genomic Records Links Death Certificate and Autopsy Records

Download ppt "MAINTAINING SECURITY AND PRIVACY OF PATIENT INFORMATION September 2, 2006 Frank E. Ferrante, MSEE, MSEPP President FEFGroup, LLC Past Chair, Medical Technology."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
Mobile Computing and Commerce And Pervasive Computing

Mobile Computing and Commerce And Pervasive Computing
National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
September, 2005What IHE Delivers 1 Lloyd Hildebrand, M.D., American Academy of Ophthalmology, Medical Information Technology Committee Chair IHE Eye Care.

September, 2005What IHE Delivers 1 Lloyd Hildebrand, M.D., American Academy of Ophthalmology, Medical Information Technology Committee Chair IHE Eye Care.
Stark Bill Reversal: Making Hospital-Centric RHIOs Possible February 13, 2006.

Stark Bill Reversal: Making Hospital-Centric RHIOs Possible February 13, 2006.
Copyright 2001 – Wireless-Nets, Ltd.Page 1 Public Wireless LAN Hotspots Applications and Technologies September 27, 2001 Presented by: Jim Geier Principal.

Copyright 2001 – Wireless-Nets, Ltd.Page 1 Public Wireless LAN Hotspots Applications and Technologies September 27, 2001 Presented by: Jim Geier Principal.
Wireless and Mobile Technologies for Healthcare: Ensuring Privacy, Security, and Availability Thomas Jepsen Chair, IEEE-USA Medical Technology Policy Committee.

Wireless and Mobile Technologies for Healthcare: Ensuring Privacy, Security, and Availability Thomas Jepsen Chair, IEEE-USA Medical Technology Policy Committee.
The U.S. Health Information Technology Agenda – and the Web John W. Loonsk, MD Director of Interoperability and Standards Office of the National Coordinator.

The U.S. Health Information Technology Agenda – and the Web John W. Loonsk, MD Director of Interoperability and Standards Office of the National Coordinator.
Cheryl M. Stephens Executive Director Community Health Information Collaborative July 17, 2006 Community Health Information Collaborative and the Northeast.

Cheryl M. Stephens Executive Director Community Health Information Collaborative July 17, 2006 Community Health Information Collaborative and the Northeast.
Intermediate 2 Computing

Intermediate 2 Computing
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
IT in Healthcare IT Careers in Healthcare Emerging opportunities for IT professionals Prof. Vance Wilson Arizona State University.

IT in Healthcare IT Careers in Healthcare Emerging opportunities for IT professionals Prof. Vance Wilson Arizona State University.
Electronic Health Records Based on Alliance for Health Reform Toolkit on Health Information Technology Narrated by Leonel V. Baliton.

Electronic Health Records Based on Alliance for Health Reform Toolkit on Health Information Technology Narrated by Leonel V. Baliton.
The World Internet Security Company ID Management in e-Health February 2007.

The World Internet Security Company ID Management in e-Health February 2007.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Attacks and defense strategies in a wireless local area network Course: CSCI5235 Instructor: Dr. Andrew T. Yang Student: Fan Yang.

Attacks and defense strategies in a wireless local area network Course: CSCI5235 Instructor: Dr. Andrew T. Yang Student: Fan Yang.
Presentation to Minnesota Futurists “A forum for the discussion and communication of alternative futures and to assist society in understanding and creating.

Presentation to Minnesota Futurists “A forum for the discussion and communication of alternative futures and to assist society in understanding and creating.
Adoption of Electronic Healthcare Records

Adoption of Electronic Healthcare Records
SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.

SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.

Similar presentations

Ads by Google