Topic: Security, Privacy and Confidentiality

Presenter:     William Lober, M.D., M.S.

Objectives:

• To understand basic issues regarding security and confidentiality of medical data

• To understand basic PC-based security issues and some solutions to physical security, viruses, bots, etc.

• To understand basic network security issues and some solutions such as secure protocols, firewalls, etc.

Introduction:

New technologies have vastly improved the ability to electronically record, store, transfer and share medical data. While these new advances have potential for improving health care delivery, they also create serious questions about who has access to this information and how it is protected. Additionally, this technology is threatened by potential unauthorized intrusion, such as computer hackers who have been known to tap illegally into private information on computer networks. Computer hackers could possibly gain access to and even alter patient records.

Clearly, privacy and security concerns are not unique to telemedicine. Protection of personally identifiable information--whether health information, banking records or employment history data, must be ensured before consumers, patients and other users are willing to participate in electronic commerce or the NII.

However, the challenge for telemedicine policy makers lies in identifying emerging concerns that are unique to telemedicine. Lack of privacy and security standards do play an important role in the legal challenges facing telemedicine (e.g. malpractice) and have profound implications for the acceptance of telemedicine services. This is of particular concern in the use of telemedicine technologies for treating mental illness, substance abuse, and other conditions that carry a social stigma. Given the volume of work on general privacy issues generated by the Federal Government, we will only touch upon some of the general issues related to protecting sensitive patient information as well as potential concerns raised by the use of telemedicine.

This project is a joint effort of the University of Washington School of Public Health and Community Medicine
and the United States Centers for Disease Control. It is an approved APEC project.