We should look to financial sector for EHR security

EHRs, or Electronic Health Records have been slowly gaining headway in the past 10 years. EHRs have been implemented in European countries, for example Estonia has established a national EHR for every citizen, which is used by 95% of physicians and 47% of the population. Of course, not all rollouts run smoothly or to-budget (I’m looking at you NHS in the UK).

One huge barrier to use and efficiency is the need for automation of records and the ability for patients to access, and contribute to, their own health records electronically. A large part of this, aside from the technological hurdles, is the security aspect: there is a need to ensure privacy of patient data and a duty of care to avoid any lapse in security.

It is well known that in the banking and financial services industry, transactions over the web and through electronic means are at risk of the same security and privacy invasion, and so measure have been taken by commerce and institutions to combat these. In online credit card transactions, measures taken include addition of the CSV number to ensure the person using the card has the card in their possession. By the same token, some institutions require a unique code for each transaction or login using a ‘dongle’ (or ‘fob’ code generator) that uses a seed code form the institution and an algorithm to determine a code generated at a specific date/time which the institution’s website would recognise when entered within a short timeframe. This kind of security has been in effect for several years, but now has been incorporated into a credit card (Currently only available in South Korea) to replace the inherently more less secure CSV.

We should consider the advances made here in the financial services industry and relate that back to how to grant patients access to their own health records in a secure manner.

Advertisements

0 Responses to “We should look to financial sector for EHR security”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




About me

Hi, my name is Paul Jacobs and I write the Medigital blog, as well as being the Director, Digital Strategy at Sonic Boom, a digital and social agency. I hope you enjoy reading my thoughts about the digital domain in pharma and medical communications/education.
Please note that opinions expressed in this blog are my very own and do not necessarily reflect those my employer, family or pets. Twitter: @PJ_Medigital
email: (click)
LinkedIn profile

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,004 other followers

Twitter grade


%d bloggers like this: