An Assessment on Various Information Security and Privacy In Healthcare Information System

Rajesh Sonkar, International Journal of Information Technology and Management


Information security andprivacy in the healthcare sector is an issue of growing importance. Theadoption of digital patient records, increased regulation, providerconsolidation, and the increasing need for information between patients,providers, and payers, all point towards the need for better informationsecurity. We critically survey the research literature on information securityand privacy in healthcare, published in both information systems,non-information systems disciplines including health informatics, publichealth, law, medicine, and popular trade publications and reports. In this paper,we provide a holistic view of the recent research and suggest new areas ofinterest to the information systems community. With the recent developmentsin information and communication technology, healthcare is constantlyundergoing changes with new medical technologies, business models and research findings.It has evolved as a new data-centric, more precise, productive, accurate andtimely system which can make the difference of life and death in acute situations known as Electronic HealthRecords (EHRs). The requirements for security and privacy are also verycritical and very difficult to satisfy in case of EHRs data as compared to anyother data. This is due to the conflicting needs of clinicians (who demand openand easy access to EHRs) and the patients (who prefer closed and private accessto EHRs). Patient Health Record (PHR) systems offer greatpromise but raise significant philosophical, cultural, legal, and technicalchallenges. In hopes of furthering debate on key issues, we explain some centralquestions about the role, purpose, and policies associated with these systems.We also propose a framework for addressing policy questions and candidatetechnology that we