Prospective study of clinician-entered research data in the Emergency Department using an Internet-based system after the HIPAA Privacy Rule

BACKGROUND: Design and test the reliability of a web-based system for multicenter, real-time collection of data in the emergency department (ED), under waiver of authorization, in compliance with HIPAA. METHODS: This was a phase I, two-hospital study of patients undergoing evaluation for possible pulmonary embolism. Data were collected by on-duty clinicians on an HTML data collection form (prospective e-form), populated using either a personal digital assistant (PDA) or personal computer (PC). Data forms were uploaded to a central, offsite server using secure socket protocol transfer. Each form was assigned a unique identifier, and all PHI data were encrypted, but were password-accessible by authorized research personnel to complete a follow-up e-form. RESULTS: From April 15, 2003-April 15 2004, 1022 prospective e-forms and 605 follow-up e-forms were uploaded. Complexities of PDA use compelled clinicians to use PCs in the ED for data entry for most forms. No data were lost and server log query revealed no unauthorized entry. Prospectively obtained PHI data, encrypted upon server upload, were successfully decrypted using password-protected access to allow follow-up without difficulty in 605 cases. Non-PHI data from prospective and follow-up forms were available to the study investigators via standard file transfer protocol. CONCLUSIONS: Data can be accurately collected from on-duty clinicians in the ED using real-time, PC-Internet data entry in compliance with the Privacy Rule. Deidentification-reidentification of PHI was successfully accomplished by a password-protected encryption-deencryption mechanism to permit follow-up by approved research personnel

Perception gaps and the adoption of information technology in the clinical healthcare environment

Implementation of information systems has lagged in many areas of clinical healthcare for a variety of reasons. Economics, data complexity and resistance are among the often quoted roadblocks. Research suggests that physicians play a major part in the adoption, use and diffusion of information technology (IT) in clinical settings. There are also other healthcare professionals, clinical and non-clinical, who play important roles in making decisions about the acquisition of information technology. In addition to these groups there are information technology professionals providing the services required within the healthcare field. Finally within this group are those IT professionals who have sufficient cross training to understand specific needs. Each member of these groups brings a different perspective to both needs assessments as well as implementation of clinical systems. This study considers the idea that there are preconceived differences of opinion of the information needs of clinical healthcare by the clinical community and the information technology professionals. Are these differences significant enough to create a barrier to implementation? A questionnaire was developed from preliminary data to assess multiple parameters which could impact implementation of a clinical information technology solution. A Web of System Performance (WOSP) model was created to map each of the following eight areas of concern: functionality, usability, extendibility, connectivity, flexibility, reliability, privacy and security. Responses to the questions were related to professional roles, age and experience. There were no differences seen in the perceived need for secure systems by either healthcare workers or IT professionals. The variance of perceived need was greatest among the various non-physician healthcare workers when compared to physicians or information technology professions. This was a consistent pattern for the otherparameters with the exception of the usability of the electronic health record. In this area all groups disagreed significantly. The study, though limited by its small sample, still suggests that the resistance by healthcare professionals is not a significant barrier to successful information technology implementation

An Integrated Social Actor and Service Oriented Architecture (SOA) Approach for Improved Electronic Health Record (EHR) Privacy and Confidentiality in the US National Healthcare Information Network (NHIN)

The emerging US National Healthcare Information Network (NHIN) will improve healthcare’s efficacy, efficiency, and safety. The first-generation NHIN being developed has numerous advantages and limitations. One of the most difficult aspects of today’s NHIN is ensuring privacy and confidentiality for personal health data, because family and caregivers have multiple complex legal relationships to a patient. A Social Actor framework is suggested to organize and manage these legal roles, but the Social Actor framework would be very difficult to implement in today’s NHIN. Social Actor Security Management could, however, be effectively implemented using Service Oriented Architectures (SOAs), which are rapidly becoming accepted for supporting complex information exchange across heterogeneous information systems fabrics. The Department of Defense is applying SOA to all of its enterprises. It is using customized simulation and modeling tools to achieve security and robustness goals and to reduce the intrinsic design and implementation risks for SOA’s complex Systems of Systems environment. This paper integrates all of these approaches into a next-generation NHIN-2 design based on a specific Air Force SOA named MCSOA. This NHIN-2 design uses MCSOA to create Security Management, Service Discovery, and Presence Management agents to implement Social Actor support for improved confidentiality and privacy

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs

Electronic medical records concepts and data management

Healthcare information (Clinical Data) is associated with every individual, young or old, rich or poor, belonging to any country. Clinical data is very extensive. Everyday some new diseases and new symptoms are being seen and the human race is struggling to find cures. There are many diseases whose diagnosis, symptoms, and possible treatment are known but unfortunately that rare knowledge is not available to every individual in the world. This initiates all the vision behind presenting a paper on EMR/ EHR and its Data Management. The thesis reviews the concept of EMR/ EHR thus explaining its concepts, importance, market need etc. Thesis will also explain privacy and security related to clinical data in electronic format which is a very important as any electronic data is prone to hacks and data loss. To manage and utilize such amount of data, there is need of extensive data management and so the thesis explains the concepts of Datawarehouse, its importance, ETL, Schemas etc. As part of explaining these concepts a mini EMR/EHR Datawarehouse is designed which explains various subject areas possible in any EMR Datawarehouse. Last but not the least, the thesis comments on the Future of EMR/ EHR and the World Vision on this revolutionary change

E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks

A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs

Use of Smartphones for Clinical and Medical Education

Introduction: Smartphones for clinical and medical education have been on the rise and show contribution to healthcare and healthcare providers. Smartphones in healthcare facilities has been examined for utilization and efficacy, however, although the advantages are abundant some healthcare facilities and providers are reluctant to change due to threat of mixing personal apps with clinical care applications, distraction to the provider using the smartphone which has led to medication errors followed by errors linked to procedures, treatments, or tests. The purpose of this research was to examine the effects of smartphones in a clinical setting and for medical education to determine the impact of smartphones. Methodology: The methodology for this qualitative study was a literature review. Five electronic databases were pinpointed. The search was limited to articles published between 2010 and 2014 in the English language to keep the research study current, 41 sources were referenced for this literature review. Results: This literature review examined several studies and states’ the implementation and barriers of the use of smartphones for clinical and medical educational environment. Smartphones was demonstrated to have more positive effects than negative on the ability to enhance patient care and medical education. An abundance of resources were able to support the results to the findings. Discussion/Conclusion: Utilization of smartphones is discussed as the newest and most effective and efficient method of patient care and medical education in the healthcare industry. Benefits of increased access and quality of care are further discussed

Mobile Applications for Diabetes Self-Management: Status and Potential

Background:Advancements in smartphone technology coupled with the proliferation of data connectivity has resulted in increased interest and unprecedented growth in mobile applications for diabetes self-management. The objective of this article is to determine, in a systematic review, whether diabetes applications have been helping patients with type 1 or type 2 diabetes self-manage their condition and to identify issues necessary for large-scale adoption of such interventions.Methods:The review covers commercial applications available on the Apple App Store (as a representative of commercially available applications) and articles published in relevant databases covering a period from January 1995 to August 2012. The review included all applications supporting any diabetes self-management task where the patient is the primary actor.Results:Available applications support self-management tasks such as physical exercise, insulin dosage or medication, blood glucose testing, and diet. Other support tasks considered include decision support, notification/alert, tagging of input data, and integration with social media. The review points to the potential for mobile applications to have a positive impact on diabetes self-management. Analysis indicates that application usage is associated with improved attitudes favorable to diabetes self-management. Limitations of the applications include lack of personalized feedback; usability issues, particularly the ease of data entry; and integration with patients and electronic health records.Conclusions:Research into the adoption and use of user-centered and sociotechnical design principles is needed to improve usability, perceived usefulness, and, ultimately, adoption of the technology. Proliferation and efficacy of interventions involving mobile applications will benefit from a holistic approach that takes into account patients\u27 expectations and providers\u27 needs