Personal health records and personal health record systems: a report recommendation from the National Committee on Vital and Health Statistics

President Bush and Secretary Leavitt have put forward a vision that, in the Secretary\ue2\u20ac\u2122s words, \ue2\u20ac\u153would create a personal health record that patients, doctors and other health care providers could securely access through the Internet no matter where a patient is seeking medical care.\ue2\u20ac? The National Health Information Infrastructure Workgroup of the National Committee on Vital and Health Statistics (NCVHS) held six hearings on personal health records (PHRs) and PHR systems in 2002-2005. On the basis of those hearings, the Workgroup developed a letter report with twenty recommendations that it sent to the Secretary in September 2005. Citing the role PHR systems could play in improving health and healthcare and furthering the broad health information technology agenda, the letter report urges the Secretary to exercise leadership and give priority to developing PHRs and PHR systems, consistent with the Committee\ue2\u20ac\u2122s recommendations. The present report is a slightly expanded version of the letter report sent to the Secretary. Although substantively unchanged, it adds clarifying information for a broader audience.Acknowledgements -- Executive summary -- Background -- Personal Health records are evolving in concept and practice (Recommendations 1-2) -- Personal health record systems\ue2\u20ac\u2122 value depends on users, sponsors, and functionality -- Privacy (Recommendations 3-7) -- Security requirements (Recommendations 8-9) -- Interoperability (Recommendations 10-14) -- Federal Roles in PHR systems, internal and external (Recommendations 15-16) -- Advancing research and evaluation on PHR systems (Recommendations 17-20) -- Next steps for NCVHS"Developed by the Workgroup on the National Health Information Infrastructure (NHII) of the National Committee on Vital and Health Statistics"--P. 2.Also available via the World Wide Web.Includes bibliographical references

Architectural Constraints on the Bootstrapping of a Personal Health Record

During the last decade we have seen a proliferation of electronic personal health record systems (PHRs) aiming to change the way people manage and receive healthcare. However, many of these initiatives have failed to take-off. We inquire into such unsatisfactory outcomes by drawing upon the perspective proposed in the information infrastructure (II) literature. This literature views the value of PHRs as dependent on the number of actors using them. This poses a challenge for designers (referred to as ‘bootstrapping’): how to persuade users to adopt a PHR when the user base is still small. To address the bootstrap- ping challenge, II literature suggests starting with a simple solution that creates immediate user value and enables users to enroll gradually. This paper seeks to explore how PHR architecture can hinder PHR bootstrapping through a longitudinal case study on the implementation of an integrated PHR. Our case analysis identifies four architectural constraints: poor data quality; coordination across heterogeneity; privacy and control; and re-configurability. This paper concludes by discussing the implications of the findings for the literature on personal and electronic health records and on the design of information infrastructures

An Overview Of Consumer Perceptions And Acceptance As Well As Barriers And Potential Of Electronic Personal Health Records

Healthcare industry leaders, government agencies and the general public are beginning to see the value that Electronic Health Records (EHR) systems bring through increased quality, reduced medical error rates, and improved care coordination. One subset of the EHR, known as the electronic personal health record (PHR), is gaining in popularity. Before PHRs will be widely adopted, many barriers to their use must be overcome. These include the costs to the developer, host, and patient. Patient access to electronic resources is a concern. Interoperability is another problem. It is not practical for physicians to convert different data formats so that different PHRs may be adopted. Finally, privacy and security concerns also impact EHR adoption. Patients want assurance that their data is secure and not used for marketing purposes. Despite these barriers, there is high consumer interest in PHR products. In future, it is expected that PHR programs will be certified, security and privacy will be enforced by legislation, and standards for interoperability will be developed. PHR will also incorporate additional decision support aids and may become part of a social network that promotes peer support for positive behavior change. This paper will provide an overview of all these issues pertaining to PHR

Usefulness and Usability of a Personal Health Record and Survivorship Care Plan for Colorectal Cancer Survivors: Survey Study

Background: As a result of improvements in cancer screening, treatment, and supportive care, nearly two-thirds of individuals diagnosed with colorectal cancer (CRC) live for 5 years after diagnosis. An ever-increasing population of CRC survivors creates a need for effective survivorship care to help manage and mitigate the impact of CRC and its treatment. Personal health records (PHRs) and survivorship care plans provide a means of supporting the long-term care of cancer survivors. Objective: The purpose of this study is to characterize the usefulness of a CRC PHR and survivorship care plan and to describe the usability of these technologies in a population of CRC survivors. To our knowledge, this is the first study to assess a PHR and survivorship care plan specifically targeting CRC survivors. Methods: Twenty-two patients with CRC were recruited from surgery clinics of an academic medical center and Veterans Affairs hospital in Indianapolis and provided access to an online Colorectal Cancer Survivor’s Personal Health Record (CRCS-PHR). Survey data were collected to characterize the usefulness of the CRCS-PHR and describe its usability in a population of CRC survivors. CRC survivors were surveyed 6 months after being provided online access. Means and proportions were used to describe the usefulness and ease of using the CRC website. Open-ended questions were qualitatively coded using the constant comparative method. Results: CRC survivors perceived features related to their health care (ie, summary of cancer treatment history, follow-up care schedule, description of side effects, and list of community resources) to be more useful than communication features (ie, creating online relationships with family members or caregivers, communicating with doctor, and secure messages). CRC survivors typically described utilizing traditional channels (eg, via telephone or in person) to communicate with their health care provider. Participants had overall positive perceptions with respect to ease of use and overall satisfaction. Major challenges experienced by participants included barriers to system log-in, lack of computer literacy or experience, and difficulty entering their patient information. Conclusions: For CRC, survivors may find the greater value in a PHR’s medical content than the communication functions, which they have available elsewhere. These findings regarding the usefulness and usability of a PHR for the management of CRC survivorship provide valuable insights into how best to tailor these technologies to patients’ needs. These findings can inform future design and development of PHRs for purposes of both cancer and chronic disease management

Adaptively Secure Computationally Efficient Searchable Symmetric Encryption

Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as\ud possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer\ud from two disadvantages.\ud First, searching the stored documents takes time linear in the size of the database, and/or uses heavy arithmetic operations.\ud Secondly, the existing schemes do not consider adaptive attackers;\ud a search-query will reveal information even about documents stored\ud in the future. If they do consider this, it is at a significant\ud cost to updates.\ud In this paper we propose a novel symmetric searchable encryption\ud scheme that offers searching at constant time in the number of\ud unique keywords stored on the server. We present two variants of\ud the basic scheme which differ in the efficiency of search and\ud update. We show how each scheme could be used in a personal health\ud record system

Information technologies that facilitate care coordination: provider and patient perspectives

Health information technology is a core infrastructure for the chronic care model, integrated care, and other organized care delivery models. From the provider perspective, health information exchange (HIE) helps aggregate and share information about a patient or population from several sources. HIE technologies include direct messages, transfer of care, and event notification services. From the patient perspective, personal health records, secure messaging, text messages, and other mHealth applications may coordinate patients and providers. Patient-reported outcomes and social media technologies enable patients to share health information with many stakeholders, including providers, caregivers, and other patients. An information architecture that integrates personal health record and mHealth applications, with HIEs that combine the electronic health records of multiple healthcare systems will create a rich, dynamic ecosystem for patient collaboration

Secure Management of Personal Health Records by Applying Attribute-Based Encryption

The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access Control, have several limitations with respect to enforcing access control policies and ensuring data confidentiality. In particular, the data has to be stored on a central server locked by the access control mechanism, and the data owner loses control on the data from the moment when the data is sent to the requester. Therefore, these mechanisms do not fulfil the requirements of data outsourcing scenarios where the third party storing the data should not have access to the plain data, and it is not trusted to enforce access control policies. In this paper, we describe a new approach which enables secure storage and controlled sharing of patient’s health records in the aforementioned scenarios. A new variant of a ciphertext-policy attribute-based encryption scheme is proposed to enforce patient/organizational access control policies such that everyone can download the encrypted data but only authorized users from the social domain (e.g. family, friends, or fellow patients) or authorized users from the professional\ud domain (e.g. doctors or nurses) are allowed to decrypt it

The Promise of Health Information Technology: Ensuring that Florida's Children Benefit

Substantial policy interest in supporting the adoption of Health Information Technology (HIT) by the public and private sectors over the last 5 -- 7 years, was spurred in particular by the release of multiple Institute of Medicine reports documenting the widespread occurrence of medical errors and poor quality of care (Institute of Medicine, 1999 & 2001). However, efforts to focus on issues unique to children's health have been left out of many of initiatives. The purpose of this report is to identify strategies that can be taken by public and private entities to promote the use of HIT among providers who serve children in Florida

A Type-and-Identity-based Proxy Re-Encryption Scheme and its Application in Healthcare

Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In a proxy re-encryption scheme, the delegator assigns a key to a proxy to re-encrypt all messages encrypted with his public key such that the re-encrypted ciphertexts can be decrypted with the delegatee’s private key. We propose a type-and-identity-based proxy re-encryption scheme based on the Boneh-Franklin Identity Based Encryption (IBE) scheme. In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. Our scheme enables the delegator to provide the proxy fine-grained re-encryption capability. As an application, we propose a fine-grained Personal Health Record (PHR) disclosure scheme for healthcare service by applying the proposed scheme