Skip to main content

Advertisement

SpringerLink
Log in

Challenges Associated with Privacy in Health Care Industry: Implementation of HIPAA and the Security Rules

  • Research Article
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

This paper discusses the challenges associated with privacy in health care in the electronic information age based on the Health Insurance Portability and Accountability Act (HIPAA) and the Security Rules. We examine the storing and transmission of sensitive patient data in the modern health care system and discuss current security practices that health care providers institute to comply with HIPAA Security Rule regulations. Based on our research results, we address current outstanding issues that act as impediments to the successful implementation of security measures and conclude the discussion and offer possible avenues of future research.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Volonino L, Robinson SR (2004) Principles and practice of information security: Protecting computers from Hackers and Lawyers, Prentice Hall, Inc., Upper Saddle River, NJ

    Google Scholar 

  2. Schneider J, Mercuri RT (2004) The HIPAA-potamus in health care data security. Commun ACM 47(7)

  3. Federal Register: Rules and Regulations. 65(160), August 2000

  4. Workgroup for Electronic Data Interchange (WEDI) (2004) HIPAA Security White Papers

  5. Workgroup for Electronic Data Interchange (WEDI) (2004) Security and Privacy Workgroup Introduction

  6. Washington District of Colombia Department of Health. Retreived September 17, 2005 at http://dchealth.dc.gov/hipaa/hipaaps.shtm..

  7. Kaufman JH, Edlund S, Ford DA (2002) The social contract core. Honolulu, HI, USA

  8. Hagland M. Customized automation: OB/GNY practices are finding EMR systems designed specifically for them. Healthcare Informatics Online March 2004. Available at http://www.healthcare-informatics.com/issues/2004/03_04/specialty.htm..

  9. Hooda JS, Dogdu E, Sunderraman RJ (2004) Health level-7 compliant clinical patient records system. Commun ACM 47(7)

  10. Goldberg IV (2000) Electronic medical records and patient privacy. Health Care Manager 18:3

    Google Scholar 

  11. Eddy AC (2000) Annals of health law, Annual 2000 v9 p1-72, A Critical Analysis of Health and Human Services' Proposed Health Privacy Regulations in Light of the Health Insurance Privacy and Accountability Act of 1996

  12. Essex D. The many layers of workflow automation. Healthcare Informatics Online June 2000. Available at http://www.healthcare-informatics.com/issues/2000/06_00/essex.htm

  13. Massachusetts poised to become first state with electronic medical records. Associated Press, Boston Herald.com, December 2004. Available at http://news.bostonherald.com/localRegional/view.bg? articleid=57497

  14. Brewin B. Electronic health records spread. Federal Computer Weekly December 2004. Available at http://www.fcw.com/fcw/articles/2004/1206/web-ehr-12-07-04.asp

  15. Panko R (2005) Business Data Networks and Telecommunications, 5th edn., Prentice Hall, Inc., NJ

    Google Scholar 

  16. Panko R (2004) Corporate Computer and Network Security Prentice Hall Inc., NJ

    Google Scholar 

  17. Onam PW, Hanebutte N (2005) Fundamentals—and Beyond-of Computer & Network Security. Powerpoint Slides from Proceedings of the 38th Annual Hawaii International Conference on System Sciences, Waikola, Hawaii

  18. Masys DR (2002) Effects of Current and Future Information Technologies on The Health Care Workforce; Health Care Professionals are Asuming the Role of “Tech Support” in Explaining Medical Terms to Internet-savvy Patient-Consumers The People-To-People Health Foundation Inc.

  19. Krulwich AS, McDonald BL (2001) The vulnerability of HIPAA regulations to first and fourth amendment attack: An addendum to “evolving constitutional privacy doctrines affecting healthcare enterprises.” Food Drug Law J 56

  20. Choi YB, Seo H, Blackburn JM (2005) A quantification model using P3P in privacy control for telecommunications service management. Int J Serv Stand 1(4); pp 426–445.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Information Systems and Management Science, James Madison University, Harrisonburg, Virginia, 22807-0001, USA

    Young B. Choi

  2. Communication Sciences and Disorders Program, James Madison University, Harrisonburg, Virginia, 22807-0001, USA

    Kathleen E. Capitan & Meredith M. Streeper

  3. Department of Integrated Science and Technology, James Madison University, Harrisonburg, Virginia, 22807-0001, USA

    Joshua S. Krause

Authors
  1. Young B. Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kathleen E. Capitan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joshua S. Krause
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Meredith M. Streeper
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Young B. Choi.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Choi, Y.B., Capitan, K.E., Krause, J.S. et al. Challenges Associated with Privacy in Health Care Industry: Implementation of HIPAA and the Security Rules. J Med Syst 30, 57–64 (2006). https://doi.org/10.1007/s10916-006-7405-0

Download citation

  • Received:

  • Accepted:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10916-006-7405-0

Keywords

Search

Navigation