A systematic literature review on security and privacy of electronic health record systems: Technical perspectives

Background: Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. Objective: This article presents the results of a systematic literature review regarding frequently adopted...

Bibliographic details
Published in: Health Information Management Journal 2015, Vol.44 (3), p.23-38
Main authors: Rezaeibagha, Fatemeh, Win, Khin Than, Susilo, Willy
Format: Article
Language: eng
Online access: Full text
container_end_page 38
container_issue 3
container_start_page 23
container_title Health Information Management Journal
container_volume 44
creator Rezaeibagha, Fatemeh
Win, Khin Than
Susilo, Willy
description Background: Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. Objective: This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Method: Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Results: Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. Conclusion: This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.
doi_str_mv 10.1177/183335831504400304
format Article
publisher London, England: SAGE Publications
pmid 26113526
rights 2015 Health Information Management Association of Australia Limited
tpages 16
fulltext fulltext
identifier ISSN: 1833-3583
ispartof Health Information Management Journal, 2015, Vol.44 (3), p.23-38
issn 1833-3583
1322-4913
1833-3575
language eng
recordid cdi_crossref_primary_10_1177_183335831504400304
source SAGE Complete A-Z List
subjects Cryptography
Data integration (Computer science)
Data processing
Health administration
Information storage and retrieval systems
Internetworking (Telecommunication)
Medical records
Security measures
title A systematic literature review on security and privacy of electronic health record systems: Technical perspectives
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-26T18%3A43%3A30IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20systematic%20literature%20review%20on%20security%20and%20privacy%20of%20electronic%20health%20record%20systems:%20Technical%20perspectives&rft.jtitle=Health%20Information%20Management%20Journal&rft.au=Rezaeibagha,%20Fatemeh&rft.date=2015&rft.volume=44&rft.issue=3&rft.spage=23&rft.epage=38&rft.pages=23-38&rft.issn=1833-3583&rft.eissn=1322-4913&rft_id=info:doi/10.1177/183335831504400304&rft_dat=%3Cproquest_cross%3E1722422272%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1722422272&rft_id=info:pmid/26113526&rft_informt_id=10.3316/ielapa.548633336142172&rft_sage_id=10.1177_183335831504400304&rfr_iscdi=true