The MedFriendly Blog

The MedFriendly blog is run by Dr. Dominic Carone, a board certified clinical neuropsychologist who is the founder and webmaster of the popular medical website, MedFriendly.com. Add to Technorati Favorites

About Me

My Photo
Name: Dominic Carone, Ph.D., ABPP-CN
Location: Syracuse, New York, United States

Please visit the history section of MedFriendly for a biography of Dr. Carone and MedFriendly.com

View my complete profile

Wednesday, October 24, 2007

Guest blog entry: Confidentiality of records


This week's guest blog entry is from Dr. John Halamka who authors the blog, life as a Healthcare CIO. Dr. Halamka holds numerous titles which include Chief Information Officer and Dean for Technology at Harvard Medical School. He is also practicing Emergency Physician. Please check out his website to learn more about him and his work. His posting, written exclusively for MedFriendly, is below:

Protecting patient privacy is foundational to everything we do in healthcare IT. As CIO of Beth Israel Deaconess Medical Center (BIDMC), I am responsible for the security of 3 million patient records and 146 different clinical information systems. Each of these systems has a different audit trail, different access controls, and different technical protections. I have 4 full time IT security professionals to ensure we are protecting every aspect of our infrastructure - networks, operating systems, applications and databases. Security is a journey and each year we add more and more capabilities.

I believe that patients themselves will soon be the stewards of their own data, making decisions about what data is released, when, and to whom. A very important first step toward patient control of their own records is a national set of security standards which can be used by all vendors, payers, providers, and employers in their electronic health records and personal health record systems. On October 15, 2007, the national Healthcare Information Technology Standards Panel completed a year long consensus effort to specify standards which empower the patient to record their own consent preferences and then apply these preferences electronically over a network or on transportable media (such as CD or thumb drive) to control access to records. This effort is described below

http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/10-23-2007/0004688224&EDATE=

Full details are available at http://www.hitsp.org by clicking on the link labeled

HITSP Security and Privacy Documents HERE

These standards will certainly help me to enhance my own heterogeneous clinical systems at BIDMC.

Over the next year, HITSP will publish additional interoperability specifications for personal health records, quality measurement, and clinical summaries that will enhance safety and ensure that confidentiality is protected for all uses of data.

posted by MedFriendly | 8:59 PM

0 Comments:

Post a Comment

<< Home