Automated healthcare information privacy and security: UAE case

Information Privacy and Security issues are serious matters that organizations from all industries have to deal with. Healthcare industry is no exception. Personally identifiable healthcare information automated by the healthcare industry can be stolen, intercepted, altered, and misused. Acceptable safeguards, therefore, have to be in place in order to ensure the privacy and protection of this information. Without governmental intervention however, it seems unlikely that the healthcare industry will voluntarily implement such safeguards. Specific laws and ePHI security rules does not exist at this point of time in the UAE. The qualitative investigation in this paper was aimed at finding out if healthcare authorities are in the process of formulating and imposing healthcare privacy and security rules and standards. If healthcare institutions adhere to these privacy and security rules. Also, if lack of specific laws open the door to none compliance and adherence to healthcare privacy and security rules and standards imposed by regulatory bodies. This research study revealed that while Health Authorities are doing their best to improve healthcare standards through data standards, implementation of EHR and ePHI protection, data collected revealed mixed results. While some healthcare institutions are striving to meet some recommendations, others are less responsive. Therefore, a detailed privacy and security rule and enforcing mechanisms are required.