Professional Documents
Culture Documents
Some of these theories talk about the different places patient information may go and how
everyone with access to a patients medical record doesnt necessarily need to know all of their
information. Chapter five of Anonymization of Electronic Medical Records to Support Clinical
Analysis, states that a way to solve this is to use Anonymized diagnosis codes, in other words
diagnosis would be given special codes that can only be read by people who need to read them
(2013). Most of these solutions are upscaling the authorization to medical records. A book
entitled For the Record states, in pages 169-177, that for immediate reaction there would be a
need to give everyone a specific identification code and passwords and the future fix would be to
use single-session authentication codes and not individual identification and passcodes (1997).
Individual identifications and passcodes into electronic medical data bases can be dangerous.
One time authentication codes can be safer because the only people who would have those codes
would be current employees.
Places of employment have high security levels when taking care of their building,
employees, and patients so why cant we implement that into the protection of medical records.
Some places of employment have specific authentication codes to enter the building for all
employees. In addition to that, every time an employee is let go the code is changed so the
former employee cannot enter the building. I believe that this would help in the medical record
security aspect as well. If employees are given an authentication code that was changed every
day, this could cut down on hackers figuring out employees passcodes. It would also decrease
the likelihood of passcodes entering into the wrong hands such as patients family members or
corrupt employees. In the book Electronic Medical Records on page 189, it recommends that
immediately after someone is terminated all badges, keys, devices and passcodes be changed
immediately (2001). If the authentication codes to the medical records were one session usage
codes then the organization would not have to be concerned with terminating their passcode and
identification code.
People may see some problems with changing authentication codes. One possible
problem that some people may occur with the one session, daily changing authentication code
could be how everyone would know the code for that day in order to chart. At the beginning of
every shift, when you get your assignment and your report from the previous shift you would
receive the code for the day. Another problem may be with the fact that the authentication code is
only changed daily but a solution to this would be that after the last person clocks out for every
shift the next shift would be given a new code. This way nobody from the previous shift could
gain access to the records after their shift until they came into work again. The organization
would not have to worry about previous or current employers accessing patient information
outside of their working hours. Electronic medical records can be a great asset to the medical
community if you have the right security.
References
Carter, J. H., & American College of Physicians--American Society of Internal Medicine. (2001).
Electronic medical records: A guide for clinicians and administrators. Philadelphia:
American College of Physicians-American Society of Internal Medicine.
Ermakova, T., Fabian, B., Kelkel, S., Wolff, T., & Zarnekow, R. (January 01, 2015). Antecedents
of Health Information Privacy Concerns. Procedia Computer Science, 63, 376-383.
Gkoulalas-Divanis, A., & Loukides, G. (2013). Anonymization of electronic medical records to
support clinical analysis. New York: Springer.
National Research Council (U.S.). (1997). For the record: Protecting electronic health
information. Washington, D.C: National Academy Press.
Robichau, B. P. (2014). Healthcare information privacy and security: Regulatory compliance
and data security in the age of electronic health records.