The question of data security
in a “brave new world” of cloud-based Electronic Health Records (EHRs),
Personal Health Records, and iPhone and other smartphone apps that
could transmit personal health information, has attracted the attention
of many. Web-based services – so-called “cloud computing” – are not inherently secure.
Such technology is focused more on widespread reach and
interconnectedness rather than on making sure that the connections and
the data are foolproof. Yet much of our personal information, such as
banking information, is housed electronically and accessed through the
web – we have become so accustomed to it that we seldom think very much
about it. Personal health information, moreover, is protected by law:
HIPAA, which is focused around physician and hospital-centered
recordkeeping, and now ARRA, which extends HIPAA-like protection to
patient-centered Personal Health Records as well.In a previous blog post,
we reviewed (at a high level) the ways in which special attention to
security and privacy can create what is needed to house personal health
information in a hosted, “cloud”-based setting. In this series of
posts, we will dig a little deeper into these questions. This first
part addresses the issues of data safety, and protection against loss
and “down-time.” The second part will address the question of security
between connections (making sure “the pipes don’t leak”). The third
part will focus on privacy and ensuring that only the right people can
access the right data.
Continue reading "Medical Data in the Internet "Cloud" (part 1) – Data Safety"
Categories: Uncategorized
