
Health Information Technology

Overview

On April 27, 2004, the President signed Executive Order 13335 (EO) announcing his commitment to the promotion of health information technology (HIT) to lower costs, reduce medical errors, improve quality of care, and provide better information for patients and physicians. In particular, the President called for widespread adoption of electronic health records (EHRs) within 10 years so that health information will follow patients throughout their care in a seamless and secure manner.

The events and devastation of the recent hurricanes, tornadoes, and other natural disasters have underscored the need for a secure, interoperable health information technology system. In the case of Hurricane Katrina, many medical records were lost as a result of the hurricane, particularly those not computerized, and the Federal government began making medical information on evacuees available online to doctors. This marked the first time private records from pharmacies and health care providers were organized into accessible, centralized databases.

Analysis

The movement toward an EHR system is seen as a way to enhance the speed, portability and effectiveness of the health care system. Implementation will face many challenges — securing personal information, ensuring privacy, technological compatibility, interoperability, and cost chief among them. Developing a secure and reliable system is important because patients will not use a system that violates their privacy and therefore their trust.

While setting up a secure, seamless system is the first order of business, another fundamental challenge facing EHR implementation will be getting physicians’ offices to actually use the system, a challenge that will need to be dealt with on a cultural as well as technological level. National Health Information Technology Coordinator Dr. David Brailer has said, "I think health care is without a doubt the last industry to go through a broad information revolution. It's a big revolutionary change to doctors."

The Administration and the private sector, cooperatively and independently, have taken steps to move EHR implementation, and HIT in general, to the forefront of policy. Likewise, Congress has taken on HIT issues and marked them as a top priority. Proposed federal legislation creates incentives to adopt HIT that complies with interoperability standards.

CSIA Recommendations

1.  Deploy strong authentication and authorization controls. These technologies answer the basic questions: “who are you” and “what can you do?” Appropriate authentication and access controls not only protect against unauthorized access, but also reduce the risk of systems being infected by malicious software (malware) spread via Trojans and worms.

2.  Encrypt data and communications when appropriate. Data residing on hard drives, hand-held computers, or other storage devices must be protected by strong cryptographic technologies. Likewise, health care data in transit must be protected from unauthorized interception or eavesdropping. The challenge will be providing strong cryptographic technologies end-to-end, where end points will range from patients’ homes to large hospitals, and often may terminate in a mobile device such as a personal digital assistant (PDA) or Internet-enabled cellular telephone.

3.  Properly dispose of retired equipment and data. As data is modified, updated, or corrected, old data must be purged in a manner that prevents unauthorized users from accessing or recovering the information. This includes proper disposal and destruction of mass storage devices, physical outputs of printers or other peripheral devices, and other locations where old information might be recovered by unauthorized users.

4.  Validate data. Web-based user interfaces should be used to support a modern health care information infrastructure, but they are vulnerable, potentially enabling an attacker to change or manipulate data. However, solutions are available to ensure the security of websites as well as the databases linked to those websites.

5.  Conduct frequent system audits. While security measures should be deployed across the information systems, all transactions must be audited to ensure only those authorized to use the system are accessing, entering, or changing information.

6.  Use digital signatures and secure date-time stamps. Use cryptographic checksums, fingerprints, or signatures to verify that data, whether in transit or in a database, has not been modified by unauthorized parties. Digital signatures ensure that the accompanying data is tamperproof and that signers cannot later deny access or use. Secure date-time stamping documents exactly when a record was created or modified.

7.  Provide for redundancy. As with all large data storage and retrieval systems, there will be occasions when parts of the electronic health care records system will be unavailable due to equipment failure, denial of service attacks, or scheduled down time. Redundancy in the system at the data entry, storage, and retrieval levels will reduce or eliminate most availability problems.

8.  Use a private data backbone. Network bottlenecks and outages are a continuous Internet problem due to fluctuations in data flows and the reliability and performance of various portions of the Internet. Even though access to major portions of the system by patients and health care professionals will be via the Internet, the backbone network of this system must be carried via a private data network in a manner similar to those used by banks and financial institutions.

9.  Develop a rapid incident response mechanism. Attacks, intrusions, and events affecting the security of the healthcare records system will occur. To avoid or shorten these periods of unavailability, a robust and rapid incident response mechanism should be integrated into the initial design of the system, and given high priority for action. Establish a crisis management team which includes senior-level representatives who can convene and act quickly.

10.  Sponsor information sharing networks. Rapid and trustworthy information sharing between system administrators, security professionals, and senior managers is a key component of a well-designed information security plan. In recent years, Information Sharing and Analysis Centers (ISACs) have been established in all of the critical infrastructure sectors, including the banking and finance, transportation, energy, and telecommunications sectors.