Will HITECH Heal Patient Data Hemorrhages?

Author

Johnson, M. Eric ; Willey, Nicholas

Author_Institution

Tuck Sch. of Bus., Center for Digital Strategies, Dartmouth Coll., Dartmouth, NS, Canada

fYear

2011

fDate

4-7 Jan. 2011

Firstpage

1

Lastpage

10

Abstract

Hemorrhages of confidential patient health data create privacy and security concerns. While the US HIPAA legislation on privacy and security went into effect over five years ago, healthcare information security remains a significant concern as organizations migrate to electronic health records. The recent HITECH legislation aimed at accelerating this migration contained mandates for greater security, including the addition of new requirements on breach reporting. We overview this legislation and examine a recently collected sample of inadvertently disclosed files found on internet-based file-sharing networks. We characterize the security risk of these files and also present evidence of the threat by analyzing user-issued searches. Our analysis indicates that the threat and vulnerability for the healthcare sector continued, even as HITECH became effective.

Keywords

data privacy; health care; legislation; medical information systems; security of data; HITECH; Internet-based file-sharing networks; US HIPAA legislation; confidential patient health data; data privacy; data security; electronic health records; healthcare information security; patient data hemorrhages; Government; Hemorrhaging; Hospitals; Portable computers; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

System Sciences (HICSS), 2011 44th Hawaii International Conference on

Conference_Location

Kauai, HI

ISSN

1530-1605

Print_ISBN

978-1-4244-9618-1

Type

conf

DOI

10.1109/HICSS.2011.498

Filename

5718531