Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid

Upload: melinda-daniels

Post on 31-Dec-2015

Patient Data Security and Privacy

Lecture # 7

PHCL 498

Amar Hijazi, Majed Alameel, Mona AlMehaid

Agenda

Defining Information Security

Information Security Goals

Security Risks

Defining Information Privacy

Introduction

In medical practice, patients are unlikely to share sensitive information unless they trust that you will honor their confidentiality

Ponemon Institute released a 2011 research report on patient privacy and security with the following key findings:

Healthcare data breaches are on the rise; 32% rise over the previous years

Widespread use of mobile technology is putting data at risk

In spite of breaches, many organizations have not set data privacy and security as a priority

Financial consequences of data breaches are very significant

Medical identity theft is a major problem

Why does it Matter?

Ensuring privacy and security of health information, including information in the EHR, is the key component to building the trust required to realize the potential benefits of electronic health information capture and exchange

Defining Information Security

Refers to protecting information and information systems from unauthorized:

Access

Use

Disclosure

Disruption

Modification

Destruction

Information Security Pillars/Goals

Availability

Confidentiality

Integrity

Confidentiality

Is the avoidance of the unauthorized disclosure of information

Involves:

Protection of data

Providing access for those who are allowed to see the data

Preventing those who are not allowed from learning anything about the data

Tools for Confidentiality

Encryption

Access Control

Authentication

Authorization

Physical security

Encryption

The transformation of information using a secret, called an encryption key, so that the transformed information can only be read using another secret, called the decryption key

Allowing two parties to establish confidential communication over an insecure channel that is subject to eavesdropping

Access Control

Rules and policies that limit access to confidential information to those people and/or systems with a “need to know”

This need to know may be determined by identity, such as a person’s name or a computer’s serial number, or by a role that a person has, such as being a manager or a computer security specialist

Authentication

The determination of the identity or role that someone has

Can be performed in different ways and is usually based on a combination of:

Something a person has (e.g. smart cards)

Something a person knows (e.g. password)

Something a person is (e.g. fingerprint)

Authorization

The determination of whether a person or system is allowed access to resources, based on an access control policy

Physical Security

The establishment of physical barriers to limit access to protected computational resources

Such barriers include locks on cabinets and doors, the placement of computers in windowless rooms and even the construction of buildings or rooms with walls incorporating copper meshes so that electromagnetic signals cannot enter or exit enclosures

Integrity

Ensuring that information has not been altered in an unauthorized way

Tools:

Backups

Capturing Data Correction

Availability

Ensuring that information is accessible and modifiable in a timely manner by those authorized to do so

Tools:

Physical protection: infrastructure meant to keep information available

Computational redundancies: computers and storage devices that serve as fallbacks in the case of failure

Safeguards Required by HIPAA Security Rule

Administrative

Physical

Technical

Security Risks That Need to Be Analyzed

Vulnerabilities: weaknesses in a system that could be used to cause harm (e.g. user access controls are not properly configured allowing staff to inappropriately view patient information)

Threats: sets of circumstances with the potential to cause harm (e.g. theft of portable device that stores or can access patient information)

Attacks: occur when vulnerabilities are deliberately exploited

Defining Information Privacy

Is a set of rules and standards for the use and disclosure of individually identifiable health information – often referred to as protected health information – by specific entities, as well as standards for providing individuals with privacy rights that help them control how their health information is used

The patient has the right to:

Examine and obtain a copy of their health records

Have corrections added to their health information

Receive a notice that discusses how health information can be used or shared for certain purposes

Provide permission on whether health information can be used or shared

Get reports on when and why health information was shared

File a complaint if rights are being denied or health information is not being protected

HIPAA Privacy Rule

There is a method that can be employed to use and release data without restrictions

The privacy rule mandates that organizations de-identify the data by removing:

Names

Geographic subdivisions smaller than a state

Birth dates, admission date, discharge date, date of death

Telephone number

Facsimile numbers

Medical record number

HIPAA Information Privacy, Cont’d

Health plan beneficiary number

Account number

Certificate/license number

Vehicle identifiers

Device identifiers

URL (web Universal Resource Locator)

IP (internet protocol) address number

Biometric identifier (fingerprint)

Photographic images

Any other unique identifier
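
The removal list above, applied to a single record, as an added example that is not part of the original lecture. The field names, the reviewed-safe set, the text patterns and the sample record are all assumptions constructed for illustration; fields that are neither listed nor reviewed are dropped and flagged, to cover the "any other unique identifier" item.

```python
import re

# Hypothetical field names, one or more per identifier category on the slides.
IDENTIFIER_FIELDS = {
    "name", "street", "city", "zip", "birth_date", "admission_date",
    "discharge_date", "death_date", "phone", "fax", "mrn", "health_plan_id",
    "account_number", "license_number", "vehicle_id", "device_id", "url",
    "ip_address", "fingerprint", "photo",
}
# Fields reviewed as non-identifying (assumption for this example).
SAFE_FIELDS = {"state", "sex", "diagnosis", "notes"}

# Identifier-shaped strings that leak into free text (constructed, not exhaustive).
TEXT_PATTERNS = [
    ("[URL]", re.compile(r"https?://\S+")),
    ("[IP]", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("[PHONE]", re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")),
    ("[DATE]", re.compile(r"\b\d{4}-\d{2}-\d{2}\b")),
]

def scrub_text(text):
    """Replace identifier-shaped substrings in free text with placeholders."""
    for placeholder, pattern in TEXT_PATTERNS:
        text = pattern.sub(placeholder, text)
    return text

def deidentify(record, free_text_fields=("notes",)):
    """Return (clean_copy, unreviewed_fields); the input record is not modified."""
    clean, unreviewed = {}, []
    for key, value in record.items():
        if key in IDENTIFIER_FIELDS:
            continue                    # listed identifier: remove
        if key not in SAFE_FIELDS:
            unreviewed.append(key)      # possible "other unique identifier": remove and flag
            continue
        if key in free_text_fields and isinstance(value, str):
            value = scrub_text(value)
        clean[key] = value
    return clean, sorted(unreviewed)

# Constructed sample record, not real patient data.
SAMPLE = {
    "name": "Jane Example", "city": "Springfield", "state": "NY",
    "birth_date": "1970-01-01", "mrn": "MRN-000123", "sex": "F",
    "diagnosis": "type 2 diabetes", "loyalty_card": "LC-9911",
    "notes": "Pt called from 555-010-4477 on 2015-03-02; portal "
             "https://portal.example/p/8841 accessed from 192.0.2.15.",
}
```

Pattern matching does not catch names or addresses written into free text, so note fields still need review before release.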

Properly Configured EHR Should Provide

Unique passwords and user names

User and role based access controls

Backup and recovery

Encryption

Appropriate and properly installed wireless capabilities