Confidentiality Issues within a Clinical Information System: Moving from Data-driven to Event-driven Design

P. Staccini; M. Joubert; D. Fieschi; M. Fieschi

doi:10.1055/s-0038-1634412

Methods of Information in Medicine, Table of Contents

Methods Inf Med 1999; 38(04/05): 298-302
DOI: 10.1055/s-0038-1634412

Original Article

Schattauer GmbH

Confidentiality Issues within a Clinical Information System: Moving from Data-driven to Event-driven Design

P. Staccini

¹Département d’Information Médicale, Centre Hospitalier Universitaire de Nice, Hôpital Cimiez, Nice, France

,

M. Joubert

²LERTIM, Faculté de Médecine, Université de la Méditerranée, Marseille, France

,

D. Fieschi

²LERTIM, Faculté de Médecine, Université de la Méditerranée, Marseille, France

,

M. Fieschi

²LERTIM, Faculté de Médecine, Université de la Méditerranée, Marseille, France

› Author Affiliations

Abstract

Within a hospital, the moving of medical information systems from retrospective data-gathering methods to prospective clinical information systems raises the question of the confidentiality of patient data. A method of improving the traditional matrix model usually used to achieve access controls is described. The event-driven model refers to the way a security system ensures that a given user has a valid »need-to« relationship to a given patient. Events are defined as the occurrence of specific data that trigger the creation or the updating of the relationship between the identity of a user and the identity of a patient (e. g., admission, discharge, transfer, prescription, and report). The creation and the deletion of the relationships between users and patients are based on numerous repositories and working lists of patients. This implementation requires an organization of the hospital activities which is able to manage, in a real-time manner, those repositories as closely as possible to the steps occurring during the patient’s care process. Although this approach seems to reasonably fit the dynamic of the care process, it adds significant organizational constraints.

Keywords

Confidentiality - Privacy - Medical Records Systems - Computerised Patient Records - Patient-centered Care

Full Text

References

REFERENCES
1 Griesser G. Data Protection in Hospital Information Systems: 1. Definition and Overview. In: Orthner HF, Blum BI. eds. Implementing Health Care Information Systems. New York: Springer Verlag; 1989: 222-53.
2 Kluge EH. Advanced patient record: some ethical and legal considerations touching medical information space. Method Inform Med 1993; 32: 95-103.
3 CEN/TC251/WG6. Medical Informatics: Security Categorisation and Protection for Healthcare Information Systems. Draft preENV. CEN/TC251/WG6/N95-30.
4 Murphy GF. Audit Logs – A Security Tool for CPRs. Journal of AHIMA. 1996 67 (6). http://www.ahima.org/publications/2d/june.technology.html (last visited: 11/11/1999).
5 Baldwin FD. Computerized records security: problems of policy, not technology. Pa Med 1996; 99: 22-3.
6 Williams RC. Privacy and computerized medical records. Ala Med 1995; 65: 29-37.
7 Lawrence LM. Safeguarding the confidentiality of automated medical information. Jt Comm J Qual Improv 1994; 20: 639-46.
8 Iversen KR, Heimly V, Lundgren TI. Implementing Security in Computer Based Patient Records. Clinical Experiences. Medinfo 1995; 8 Pt 1: 657-60.
9 Pangalos G, Khair M, Bozios L. An Integrated Secure Design of a Medical Database System. Medinfo 1995; 8 Pt 1: 666-70.
10 Immonen S. Developments in health care, the increasing role of information technology; security issues. Int J Biomed Comput 1996; 43: 9-15.
11 Bleumer G. Security for decentralized health information systems. Int J Biomed Comput 1994; 35, Suppl: 139-45.
12 Brannigan VM. Patient privacy in the era of medical computer networks: a new paradigm for a new technology. Medinfo 1995; 8 Pt 1: 640-3.
13 Masys DR, Baker DB. Patient-Centered Access to Secure Systems Online (PCASSO): A Secure Approach to Clinical Data Access Via the World Wide Web. Proc AMIA Symp 1997: 340-3.
14 Stodolsky DS. Automation of contagion vigilance. Method Inform Med 1997; 36: 221-32.
15 Brannigan VM. A framework for »Need to Know« authorizations in medical computer systems: responding to the constitutional requirements. Proc Annu Symp Comput Appl Med Care. 1994: 392-6.
16 Henkind SJ, Orlowski JM, Skarulis PC. Application of a Multilevel Access Model in the Development of a Security Infrastructure for a Clinical Information System. Proc Annu Symp Comput Appl Med Care. 1993: 64-8.
17 Bowen JW, Klimczak JC, Riuz M, Barnes M. Design of Access Control Methods for Protecting the Confidentiality of Patient Information in Networked Systems. Proc AMIA Annu Fall Symp. 1997: 46-50.
18 de Roulet D, Scherrer JR. Technical Means for Securing Health Information. Int J Biomed Comput 1996; 43: 39-44.