Title :
Assessing the HIPAA standard in practice: PHR privacy policies
Author :
Carrión, Inmaculada ; Alemán, José Luis Fernández ; Toval, Ambrosio
Author_Institution :
Dept. of Inf. & Syst., Univ. of Murcia, Murcia, Spain
fDate :
Aug. 30 2011-Sept. 3 2011
Abstract :
Health service providers are starting to become interested in providing PHRs (Personal Health Records). With PHRs, access to data is controlled by the patient, and not by the health care provider. Companies such as Google and Microsoft are establishing a leadership position in this emerging market. A number of benefits can be achieved with PHRs, but important challenges related to security and privacy must be addressed. This paper presents a review of the privacy policies of 20 free web-based PHRs. Security and privacy characteristics were extracted and assessed according to the HIPAA standard. The results show a number of important differences in the characteristics analyzed. Some improvements can be made to current PHR privacy policies to enhance the audit and management of access to users´ PHRs. A questionnaire has been defined to assist PHR designers in this task.
Keywords :
data privacy; information resources; medical information systems; security of data; HIPAA standard assessment; PHR privacy policies; health service providers; personal health records; security; web based PHR; Data privacy; Medical services; Privacy; Security; Standards; Systematics; Web sites; Confidentiality; Electronic Health Records; Health Insurance Portability and Accountability Act; Health Records, Personal; Practice Guidelines as Topic; United States;
Conference_Titel :
Engineering in Medicine and Biology Society, EMBC, 2011 Annual International Conference of the IEEE
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4244-4121-1
Electronic_ISBN :
1557-170X
DOI :
10.1109/IEMBS.2011.6090664