skip to main content
10.1145/2093698.2093755acmotherconferencesArticle/Chapter ViewAbstractPublication PagesisabelConference Proceedingsconference-collections
research-article

Comparing security and privacy issues of EHR: Portugal, the Netherlands and the United Kingdom

Published: 26 October 2011 Publication History

Abstract

Health information technologies are becoming more common in the health care practice and electronic health records are considered a keystone. However, there is also an increasing concern of keeping secure the patient's data and assure privacy. The aim of this paper was to perceive and illustrate by what means Portugal, the Netherlands and the United Kingdom intend to keep their electronic health information secure and assure patient privacy. Based in official documents collected in the health department's websites of the three selected countries, it was used an analysis model framework previously published that includes 14 topic areas of health records security policies. Analyzing 14 official documents of the subject countries, it was possible to design an illustrative table of the 14 topic areas regarding security and privacy issues. This table allows comparing the different security measures adopted by the three countries to keep the patient privacy, such as a network security and access control to system resources. Given the analysis of the official documents of the three countries, it was verified that none of them has a very thorough approach of how electronic health records should be implemented with regard to privacy and security.

References

[1]
Vijay Vaitheeswaran, "Business: A very big HIT", The Economist. {Online}. Available: http://www.economist.com/node/17493417?story_id=17493417. {Accessed: 16-fev-2011}.
[2]
"The Need for Technical Solutions for Maintaining the Privacy of EHR", in 28th IEEE EMBS Annual International Conference, New York City, 2006.
[3]
Laurie A Rinehart-Thompson, Beth M Hjort, Bonnie S Cassidy, "Redefining the Health Information Management Privacy and Security Role", Redefining the Health Information Management Privacy and Security Role, no. 6, p. 1--11, Summer. 2009.
[4]
Bruce Vielmetti, "Suits filed over Aurora's use of medical data in bankruptcy cases", Journal Sentinel, 03-jan-2010.
[5]
Floor Cornelissen, "Electronic Patient Records and Patients' Privacy in Three Western European Countries", 27-jul-2009.
[6]
Pan American Health Organization, "The Regulation of Privacy and Data Protection in the Use of Electronic Health Information". Washington DC: Pan American Health Organization, 2001.
[7]
R. C. Barrows e P. D. Clayton, "Privacy, Confidentiality, and Electronic Medical Records", Journal of the American Medical Informatics Association, vol. 3, no. 2, p. 139--148, mar. 1996.
[8]
José Luis Monteagudo, Oscar Moreno, ISCIII, "eHealth strategy and implementation activities in Portugal". eHealth ERA, 01--jun-2007.
[9]
Ministério da Saúde - ACSS, "Documento de Estado da Arte". 2009.
[10]
Ministério da Saúde - ACSS, "Orientações para Especificação Funcional e Técnica do Sistema de RSE". 2009.
[11]
Hans Hofman, "National Archives of the Netherlands Report". National Archives of the Netherlands.
[12]
J. C. de Graaf, A. E. Vlug, G. J. van Boven, "Dutch virtual integration of healthcare information", Methods of Information in Medicine, vol. 46, no. 4, p. 458--462, 2007.
[13]
Ministry of Health Welfare and Support, "ICT in Dutch Healthcare - An International Perspective". 2006.
[14]
MPA, Drs Ellen Maat, "EHR in The Netherlands - The Dutch approach to nation-wide information interchange in health-care". Ministry of Health, Welfare and Sport, 2008.
[15]
Department of Health, Confidentiality: NHS Code of Practice. 2003.
[16]
House of Commons, The Electronic Patient Record, vol. 1. London: Health Committee, 2007.
[17]
National Health Service, "Your health information, confidentiality and the NHS Care Records Service". {Online}. Available: www.nhscarerecords.nhs.uk. {Accessed: 10-fev-2011}.
[18]
National Health Service, "Confidentiality". Department of Health, 2003.
[19]
National Health Service, "Information Security Management: NHS Code of Practice". Department of Health, 2007.
[20]
National Health Service, "Health Informatics Review: Report". Department of Health, 2008.
[21]
The Joint General Practice Information Technology Committee of the General Practitioners Committee and the Royal College of General Practitioners, "Good practice guidelines for general practice electronic patient records (version 3.1)". Department of Health & Royal College of General Practitioners, 2005.

Cited By

View all
  • (2022)Patient-Controlled Mechanism Using Pseudonymization Technique for Ensuring the Security and Privacy of Electronic Health RecordsInternational Journal of Reliable and Quality E-Healthcare10.4018/IJRQEH.29707611:1(1-15)Online publication date: Jan-2022
  • (2022)Blockchain-Enabled Electronic Health Records for Healthcare 4.0International Journal of E-Health and Medical Communications10.4018/IJEHMC.30943813:4(1-13)Online publication date: 11-Aug-2022
  • (2022)Protecting Personal Health Data through Privacy AwarenessProceedings of the ACM on Human-Computer Interaction10.1145/34928306:GROUP(1-22)Online publication date: 14-Jan-2022

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ISABEL '11: Proceedings of the 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies
October 2011
949 pages
ISBN:9781450309134
DOI:10.1145/2093698
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • Universitat Pompeu Fabra
  • IEEE
  • Technical University of Catalonia Spain: Technical University of Catalonia (UPC), Spain
  • River Publishers: River Publishers
  • CTTC: Technological Center for Telecommunications of Catalonia
  • CTIF: Kyranova Ltd, Center for TeleInFrastruktur

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 October 2011

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Netherlands
  2. Portugal
  3. United Kingdom
  4. data security
  5. electronic health record

Qualifiers

  • Research-article

Conference

ISABEL '11
Sponsor:
  • Technical University of Catalonia Spain
  • River Publishers
  • CTTC
  • CTIF

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)5
  • Downloads (Last 6 weeks)2
Reflects downloads up to 26 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Patient-Controlled Mechanism Using Pseudonymization Technique for Ensuring the Security and Privacy of Electronic Health RecordsInternational Journal of Reliable and Quality E-Healthcare10.4018/IJRQEH.29707611:1(1-15)Online publication date: Jan-2022
  • (2022)Blockchain-Enabled Electronic Health Records for Healthcare 4.0International Journal of E-Health and Medical Communications10.4018/IJEHMC.30943813:4(1-13)Online publication date: 11-Aug-2022
  • (2022)Protecting Personal Health Data through Privacy AwarenessProceedings of the ACM on Human-Computer Interaction10.1145/34928306:GROUP(1-22)Online publication date: 14-Jan-2022

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media