Rebecca Ong

DOI: https://doi.org/10.1016/j.ijmedinf.2023.105193

Abstract:Background and objectives: The disclosure of personal health information in electronic health records (eHR) highlights privacy and security concerns that are complicated by the digitization and interoperability of health records. Hong Kong's Electronic Health Record Sharing System (eHRSS), introduced in March 2016, enables eHR sharing among public and private health services upon the consent of patients. Based on a September 2021 survey, this study examined the specific context of Hong Kong, patient and public perceptions on the security and privacy of eHR sharing, correlation of trust with personal privacy and security concerns, and how perceptions affect health care-related decisions. Methods: Using a random sample of householders aged 45-70 years, the study conducted a questionnaire survey on respondents' awareness, perceived benefits, and obstacles to participating in the eHRSS, and the impact of their perceptions on health care-related decisions. A focus group discussion with 13 participants further explored views on the security of Hong Kong's eHRSS and their readiness to support the system. Results: The study analyzed data from 400 responses. The findings showed a low degree of awareness of the eHRSS. Privacy and security concerns were impeding factors in the sharing of information; half of the respondents reported being concerned over their personal health information being part of the eHRSS. The majority (86.9%) expressed conditional support for the sharing of information. Despite their concerns on security and privacy, 66.5% and 77.9%, respectively, would not withhold information nor postpone the seeking of medical care based on those concerns. Participants in the focus group expressed concerns regarding eHRSS registration, data leaks, information accuracy, and the potential prejudice that may result in discrimination and inequality in health care provision. Conclusions: Satisfaction with the health care services played a role in the trust reposed in the Hospital Authority and health care providers and institutions. Security and privacy were decisive factors in respodents' refusal to seek care from physicians who had violated their privacy. Respondents expressed greater interest in sharing their information if measures were in place for anonymization and punishing data misuse. Ensuring rights of control toward information sharing would inspire greater confidence among patients.

Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Raza Nowrozy,Khandakar Ahmed,A.S.M. Kayes,Hua Wang,Timothy R. McIntosh

DOI: https://doi.org/10.1145/3653297

IF: 16.6

2024-03-19

ACM Computing Surveys

Abstract:Building a secure and privacy-preserving health data sharing framework is a topic of great interest in the healthcare sector, but its success is subject to ensuring the privacy of user data. We clarified the definitions of privacy, confidentiality and security (PCS) because these three terms have been used interchangeably in the literature. We found that researchers and developers must address the differences of these three terms when developing electronic health record (EHR) solutions. We surveyed 130 studies on EHRs, privacy-preserving techniques, and tools that were published between 2012 and 2022, aiming to preserve the privacy of EHRs. The observations and findings were summarized with the help of the identified studies framed along the survey questions addressed in the literature review. Our findings suggested that the usage of access control, blockchain, cloud-based, and cryptography techniques is common for EHR data sharing. We summarized the commonly used strategies for preserving privacy that are implemented by various EHR tools. Additionally, we collated a comprehensive list of differences and similarities between PCS. Finally, we summarized the findings in a tabular form for all EHR tools and techniques and proposed a fusion of techniques to better preserve the PCS of EHRs.

computer science, theory & methods

Hsin-Ginn Hwang,Yun Lin

DOI: https://doi.org/10.1007/s10916-020-01579-6

2020-05-07

Abstract:To address the issue of rising expenditure of healthcare service and to fulfill the skyrocketing demand for quality healthcare, the electronic medical records (EMR) exchange has become a vital and indispensable solution for healthcare facilities in terms of being able to share medical information among healthcare providers. Hence, EMR exchange was expected to improve the quality of healthcare and reduce the cost of repetitive medical check-ups and unnecessary treatments. However, recent reports affirming EMR data leaks and compromises have ignited major worldwide privacy concerns over the security of the EMR systems. How to effectively diminish patients' concern for EMR privacy has thus become an important issue that healthcare institution managers/stakeholders have to address urgently. This study leverages the power-responsibility equilibrium perspective to investigate the antecedents and consequences of concerns for the EMR exchange. A survey using 391 responses collected from medical centers, regional and district hospitals in Taiwan was used to conduct this study. The results show that government regulations have a positive effect on hospital privacy policies. Furthermore, both government regulations and hospital privacy policy are negatively associated with concern for EMR information privacy. Additional reports gathered from this study also showed that concern for EMR information privacy could result in patients' protective responses including refusal to provide personal health information (PHI), removal of PHI, negative word of mouth, complaining directly to the hospital, or complaining indirectly to third-party organizations. These findings demonstrate the need for healthcare facilities to formulate robust privacy policies in order to alleviate patients' concern for EMR information privacy based on governmental regulations. This regulation is top-priority as the incapability of reducing patients' concern for EMR information privacy may lead to the collapse of the campaign for the full-adoption of EMR or possibly jeopardize the promotion and application of EMR among healthcare facilities.

Pasupathy Vimalachandran,Hua Wang,Yanchun Zhang,Ben Heyward,Yueai Zhao

DOI: https://doi.org/10.48550/arXiv.1802.00575

2018-02-02

Abstract:As a consequence of the huge advancement of the Electronic Health Record (EHR) in healthcare settings, the My Health Record (MHR) is introduced in Australia. However security and privacy of the MHR system have been encumbering the development of the system. Even though the MHR system is claimed as patient-cenred and patient-controlled, there are several instances where healthcare providers (other than the usual provider) and system operators who maintain the system can easily access the system and these unauthorised accesses can lead to a breach of the privacy of the patients. This is one of the main concerns of the consumers that affect the uptake of the system. In this paper, we propose a patient centred MHR framework which requests authorisation from the patient to access their sensitive health information. The proposed model increases the involvement and satisfaction of the patients in their healthcare and also suggests mobile security system to give an online permission to access the MHR system.

Computers and Society

P. Vimalachandran,H. Wang,Y. Zhang,G. Zhuo

DOI: https://doi.org/10.4108/eai.9-8-2016.151633

2017-10-21

Abstract:An Electronic Health Record (EHR) is designed to store diverse data accurately from a range of health care providers and to capture the status of a patient by a range of health care providers across time. Realising the numerous benefits of the system, EHR adoption is growing globally and many countries invest heavily in electronic health systems. In Australia, the Government invested $467 million to build key components of the Personally Controlled Electronic Health Record (PCEHR) system in July 2012. However, in the last three years, the uptake from individuals and health care providers has not been satisfactory. Unauthorised access of the PCEHR was one of the major barriers. We propose an improved access control model for the PCEHR system to resolve the unauthorised access issue. We discuss the unauthorised access issue with real examples and present a potential solution to overcome the issue to make the PCEHR system a success in Australia.

Computers and Society,Cryptography and Security

Ying He,Qiu He,Lun Li,Weihong Wang,Wenting Zha,Qian Liu

DOI: https://doi.org/10.1155/2022/5280792

IF: 4.501

2022-07-13

Journal of Oncology

Abstract:Background. China has been promoting sharing of Electronic Health Records (EHRs) data for several years. However, only a few studies have explored the views of Chinese residents on sharing personal health data, and the factors that affect sharing of EHRs have not been fully elucidated. This study sought to explore public attitudes toward sharing EHRs and the factors that affect sharing of personal health data among Chinese residents. Methods. A multi-stage stratified sampling design was adopted in this survey to select residents in Hunan province, resulting in 932 responses randomly. The investigation was carried out with the administration of a 19-item questionnaire. The measure includes items on demographics, willingness to share EHRs, experiences on EHRs, public acknowledgment of the benefits of sharing EHRs, and public awareness of potential risks of sharing EHRs. Results. The score of general willingness to share EHRs was 5.784 ± 2.031. Concerning the domain scores for the willingness, the willingness to share EHRs for research was 2.060 ± 0.942, whereas sharing anonymization EHRs for other nonmedical services was only 1.805 ± 0.877. Multiple linear regression showed that general willingness to share EHRs was related to job-related healthcare (β = 0.520), experiences on EHRs (β = 0.192), public awareness of potential risks of sharing EHRs (β = −0.130), and public acknowledgment of the benefits of sharing EHRs (β = 0.290). Conclusion. The willingness to share EHRs data with Chinese residents was not high. The willingness of Chinese residents towards data sharing in EHRs is influenced by several factors, primarily job-related to healthcare, experiences on EHRs, public acknowledgment of the benefits of sharing EHRs, and public awareness of potential risks of sharing EHRs. The results provide a basis for related research and provide information for designing public health strategies such as formulating policies to improve public acceptance of sharing EHRs and promoting EHRs-based public health services.

oncology

Shanshan Guo,Yuanyuan Dang,Bofei She,Yugang Li

DOI: https://doi.org/10.3389/fpsyg.2022.1047980

2022-12-22

Abstract:Online health communities (OHCs) have become more important to people's daily lives on the foundation of the voluntary sharing of electronic health records (EHRs). However, no in-depth investigation has been conducted concerning the influence of the perceptions of privacy protection among patients on their willingness to share EHRs. To fill the knowledge gap, by combining and modifying the theory of planned behavior (TPB) and the health belief model in the context of the privacy protection models implemented by OHCs, an empirical research method using a questionnaire approach is conducted to validate the hypotheses. The results indicate that the more positive a patient's attitude toward medical information sharing behavior is, the higher that patient's level of perceived behavioral control; in addition, the greater the social rewards obtained from this process, the more willing the patient is to share his or her EHRs after privacy protection measures are implemented by OHCs. Meanwhile, the effects of past positive experiences and disease severity have also been tested. The findings of this study can be used to promote patients' full participation in OHCs from a privacy perspective and offer theoretical and practical suggestions to promote the development of OHCs.

Mohamed Abdelhamid,Joana Gaia,G Lawrence Sanders

DOI: https://doi.org/10.2196/jmir.6877

IF: 7.076

2017-09-13

Journal of Medical Internet Research

Abstract:BACKGROUND: Health care providers are driven by greater participation and systemic cost savings irrespective of benefits to individual patients derived from sharing Personal Health Information (PHI). Protecting PHI is a critical issue in the sharing of health care information systems; yet, there is very little literature examining the topic of sharing PHI electronically. A good overview of the regulatory, privacy, and societal barriers to sharing PHI can be found in the 2009 Health Information Technology for Economic and Clinical Health Act.OBJECTIVE: This study investigated the factors that influence individuals' intentions to share their PHI electronically with health care providers, creating an understanding of how we can represent a patient's interests more accurately in sharing settings, instead of treating patients like predetermined subjects. Unlike privacy concern and trust, patient activation is a stable trait that is not subject to change in the short term and, thus, is a useful factor in predicting sharing behavior. We apply the extended privacy model in the health information sharing context and adapt this model to include patient activation and issue involvement to predict individuals' intentions.METHODS: This was a survey-based study with 1600+ participants using the Health Information National Trends Survey (HINTS) data to validate a model through various statistical techniques. The research method included an assessment of both the measurement and structural models with post hoc analysis.RESULTS: We find that privacy concern has the most influence on individuals' intentions to share. Patient activation, issue involvement, and patient-physician relationship are significant predictors of sharing intention. We contribute to theory by introducing patient activation and issue involvement as proxies for personal interest factors in the health care context.CONCLUSIONS: Overall, this study found that although patients are open to sharing their PHI, they still have concerns over the privacy of their PHI during the sharing process. It is paramount to address this factor to increase information flow and identify how patients can assure that their privacy is protected. The outcome of this study is a set of recommendations for motivating the sharing of PHI. The goal of this research is to increase the health profile of the patients by integrating the testing and diagnoses of various doctors across health care providers and, thus, bring patients closer to the physicians.

health care sciences & services,medical informatics

Junjie Huang,Yuet Yan Wong,Fung Yu Mak,Florence S W Chan,Ngai Tseung Cheung,Martin C S Wong,Wing Sze Pang,Clement S K Cheung,Wing Nam Wong

DOI: https://doi.org/10.2196/40370

IF: 7.076

2022-12-13

Journal of Medical Internet Research

Abstract:Background: In the second stage of the Electronic Health Record Sharing System (eHRSS) development, a mobile app (eHealth app) was launched to further enhance collaborative care among the public sector, the private sector, the community, and the caregivers. Objective: This study aims to investigate the factors associated with the downloading and utilization of the app, as well as the awareness, perception, and future improvement of the app. Methods: We collected 2110 surveys; respondents were stratified into 3 groups according to their status of enrollment in the eHRSS. The primary outcome measure was the downloading and acceptance of the eHealth app. We collected the data on social economics factors, variables of the Technology Acceptance Model and Theory of Planned Behavior. Any factors identified as significant in the univariate analysis ( P <.20) will be included in a subsequent multivariable regression analysis model. All P values ≤.05 will be considered statistically significant in multiple logistic regression analysis. The structural equation modeling was performed to identify interactions among the variables. Results: The respondents had an overall high satisfaction rate and a positive attitude toward continuing to adopt and recommend the app. However, the satisfaction rate among respondents who have downloaded but not adopted the app was relatively lower, and few of them perceived that the downloading and acceptance processes are difficult. A high proportion of current users expressed a positive attitude about continuing to adopt and recommend the app to friends, colleagues, and family members. The behavioral intention strongly predicted the acceptance of the eHealth app (β=.89; P <.001). Attitude (β=.30; P <.001) and perceived norm; β=.37; P <.001) played important roles in determining behavioral intention, which could predict the downloading and acceptance of the eHealth app (β=.14; P <.001). Conclusions: Despite the high satisfaction rate among the respondents, privacy concerns and perceived difficulties in adopting the app were the major challenges of promoting eHealth. Further promotion could be made through doctors and publicity. For future improvement, comprehensive health records and tailored health information should be included.

health care sciences & services,medical informatics

Junjie Huang,Sze Chai Chan,Fung Yu Mak,Yuet Yan Wong,Corey Lam,Kam Fung Chung,Luva Lui,Clement SK Cheung,Wing Nam Wong,Ngai Tseung Cheung,Martin CS Wong

DOI: https://doi.org/10.1016/j.hlpt.2024.100869

IF: 5.211

2024-05-09

Health Policy and Technology

Abstract:Background and Objectives: The Stage Two Development of eHRSS aimed to broaden the scope of sharable data and advance technical capability for sharing of Chinese Medicine (CM) information. This study aims to evaluate the adoption level and perceived difficulties of Chinese Medicine Practitioners (CMPs) towards EC Connect, and its impact on CM services. Methods: All registered or listed CMPs were recruited in study 1. Descriptive analysis included age, gender, socioeconomic status, and past medical history was performed with multiple logistic regression models. In-depth interviews were conducted among EC Connect Users and Healthcare Providers (HCP) who upload information of Chinese Medicine to eHRSS. Results: A total of 420 participants were included in this study. The majority of the respondents were in the 31-40 years age group (N=133, 31.7%) and practicing in private clinic (N=311, 74.0%). The expansion of sharing scope would be helpful to various stakeholders were 5 times more likely to be interested in joining eHRSS (aOR = 5.01, 95% CI = 2.73-9.20, p<0.001). Study 2 found that eHRSS allowed CMPs to share and record medical data, and to access patients' western medical records while inconsistence of medical system between western and Chinese medicine should be considered. Conclusions: We found that accessing and sharing medical records was important to CMPs. eHRSS helped to facilitate more accurate association between Western and Chinese medical doctors, while more efforts were needed to increase the acknowledgement among the general public.

health policy & services

Christine M O'Keefe,Donald B Rubin,Christine M. O'Keefe,Donald B. Rubin

DOI: https://doi.org/10.1002/sim.6543

2015-06-05

Statistics in Medicine

Abstract:Health and medical data are increasingly being generated, collected, and stored in electronic form in healthcare facilities and administrative agencies. Such data hold a wealth of information vital to effective health policy development and evaluation, as well as to enhanced clinical care through evidence-based practice and safety and quality monitoring. These initiatives are aimed at improving individuals&#x27; health and well-being. Nevertheless, analyses of health data archives must be conducted in such a way that individuals&#x27; privacy is not compromised. One important aspect of protecting individuals&#x27; privacy is protecting the confidentiality of their data. It is the purpose of this paper to provide a review of a number of approaches to reducing disclosure risk when making data available for research, and to present a taxonomy for such approaches. Some of these methods are widely used, whereas others are still in development. It is important to have a range of methods available because there is also a range of data-use scenarios, and it is important to be able to choose between methods suited to differing scenarios. In practice, it is necessary to find a balance between allowing the use of health and medical data for research and protecting confidentiality. This balance is often presented as a trade-off between disclosure risk and data utility, because methods that reduce disclosure risk, in general, also reduce data utility.

public, environmental & occupational health,medicine, research & experimental,medical informatics,mathematical & computational biology,statistics & probability

M Jackson

DOI: https://doi.org/10.1071/ah970001

Abstract:The Commonwealth Government and a number of State governments are proposing to introduce legislation based on the Information Privacy Principles contained in the Privacy Act 1988 (Cwlth). This will allow individuals access to any personal information held on them by an organisation or person, including private practitioners, private health facilities and State government agencies. This article discusses this proposed legislation and its implications for the health sector. Although in the public health area patients can already gain access to their medical records through the use of the various Freedom of Information Acts and, in the case of Commonwealth government agencies, the Privacy Act 1988 (Cwlth), the proposed data protection legislation will provide more than access rights to individuals. The effect of the proposed legislation on the private sector, where no obligation exists on the part of the doctor to grant a patient access to his or her records, will be substantial.

Sambhabi Patnaik,Kyvalya Garikapati,Lipsa Dash,Ramyani Bhattacharya,Arpita Mohapatra

DOI: https://doi.org/10.4108/eetpht.10.5583

2024-03-29

EAI Endorsed Transactions on Pervasive Health and Technology

Abstract:INTRODUCTION: Health information amassed during the treatment of a medical condition is termed health data. This data encompasses information gathered about a patient and their family, forming a patient history. The internet has progressively transformed communication, commerce, and information acquisition. Among the diverse domains it has influenced, the healthcare sector stands out as one of the most intricate and unique realms of integration. Big data are the results of normal online transactions and interactions that take place online, the detectors that are implanted in devices and actual locations, as well as the generation of digital contents by individuals whenever they submit data over internet. OBJECTIVES: The need of protection of health data and methods of safeguarding patient privacy. The study also helps \understand and appreciate the best practices which will help India in implementing the law more effectively. METHODS: A doctrinal method of research was employed to analyse the laws and regulations. A comparative approach of different countries gives us the understanding of the gaps and issues. The efficacy of the laws was tested as the paper explores the laws of Canada & Indonesia regarding data protection. RESULTS: In this study, we understood the generation, processing, and interchange of these massive amounts of data can now be facilitated by cloud computing technology. As India, recently enacted 'The Digital Data Protection Act 2023' which might be a ray of hope for protection of sensitive health data of individuals from misuse. CONCLUSION: The journey towards optimal data protection is ongoing, requiring continuous adaptation to the dynamic nature of technology and the ever-changing healthcare environment.

Hsiao-Hsien Rau,Yi-Syuan Wu,Chi-Ming Chu,Fu-Chung Wang,Min-Huei Hsu,Chi-Wen Chang,Kang-Hua Chen,Yen-Liang Lee,Senyeong Kao,Yu-Lung Chiu,Hsyien-Chia Wen,Anis Fuad,Chien-Yeh Hsu,Hung-Wen Chiu

DOI: https://doi.org/10.2196/jmir.7065

2017-04-27

Abstract:Background: Empowering personal health records (PHRs) provides basic human right, awareness, and intention for health promotion. As health care delivery changes toward patient-centered services, PHRs become an indispensable platform for consumers and providers. Recently, the government introduced "My health bank," a Web-based electronic medical records (EMRs) repository for consumers. However, it is not yet a PHR. To date, we do not have a platform that can let patients manage their own PHR. Objective: This study creates a vision of a value-added platform for personal health data analysis and manages their health record based on the contents of the "My health bank." This study aimed to examine consumer expectation regarding PHR, using the importance-performance analysis. The purpose of this study was to explore consumer perception regarding this type of a platform: it would try to identify the key success factors and important aspects by using the importance-performance analysis, and give some suggestions for future development based on it. Methods: This is a cross-sectional study conducted in Taiwan. Web-based invitation to participate in this study was distributed through Facebook. Respondents were asked to watch an introductory movie regarding PHR before filling in the questionnaire. The questionnaire was focused on 2 aspects, including (1) system functions, and (2) system design and security and privacy. The questionnaire would employ 12 and 7 questions respectively. The questionnaire was designed following 5-points Likert scale ranging from 1 ("disagree strongly") to 5 ("Agree strongly"). Afterwards, the questionnaire data was sorted using IBM SPSS Statistics 21 for descriptive statistics and the importance-performance analysis. Results: This research received 350 valid questionnaires. Most respondents were female (219 of 350 participants, 62.6%), 21-30 years old (238 of 350 participants, 68.0%), with a university degree (228 of 350 participants, 65.1%). They were still students (195 out of 350 participants, 56.6%), with a monthly income of less than NT $30,000 (230 of 350 participants, 65.7%), and living in the North Taiwan (236 of 350 participants, 67.4%), with a good self-identified health status (171 of 350 participants, 48.9%). After performing the importance-performance analysis, we found the following: (1) instead of complex functions, people just want to have a platform that can let them integrate and manage their medical visit, health examination, and life behavior records; (2) they do not care whether their PHR is shared with others; and (3) most of the participants think the system security design is not important, but they also do not feel satisfied with the current security design. Conclusions: Overall, the issues receiving the most user attention were the system functions, circulation, integrity, ease of use, and continuity of the PHRs, data security, and privacy protection.

Chang Xu,Ningning Wang,Liehuang Zhu,Kashif Sharif,Chuan Zhang

DOI: https://doi.org/10.1109/jiot.2019.2917186

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:The integration of wearable wireless devices and cloud computing in e-health systems has significantly improved their effectiveness and availability. Patients can upload their personal health information (PHI) files to the cloud, from where the health service providers (HSPs) can obtain appropriate information to determine the health state. This system not only reduces the costs associated to healthcare but also provides timely diagnosis to save lives. However, a number of privacy concerns arise while sharing sensitive information. In this paper, we propose a novel privacy-preserving patient health information sharing scheme, which allows HSPs to access and search PHI files in a secure yet efficient manner. We make use of the searchable encryption technique with keyword range search and multikey-word search. The proposed privacy-preserving equality test protocol allows different types of numeric comparison searches on encrypted data. We also use a variant of bloom filter and message authentication code to classify PHI files, filter false data, and check integrity of search results. The simulations on real-world and synthetic data show the feasibility and efficiency of the system, and security analysis proves the privacy-preservation properties.

Honglei Li,Xiao Yang,Hongxin Wang,Wujia Wei,Weilian Xue

DOI: https://doi.org/10.1155/2022/2058497

2022-03-04

Abstract:The sharing of electronic healthcare records (EHRs) is important to healthcare and medical research. However, institutions are faced with difficulties in privacy protection and efficiently secure data exchange. The main objective of this study is to propose a controllable secure blockchain-based EHRs sharing scheme. For this purpose, blockchain technologies are combined with interplanetary file systems (IPFS) to provide efficient secure EHRs sharing. Firstly, the IPFS-based EHR file system (IEFS) is designed to save and share large-size EHR files among medical institutions. With the high-throughput content-addressed block storage model and appropriate redundant backup of IPFS, IEFS is tamper-resistant and free of a single point of failure. Secondly, the blockchain is used to implement the blockchain-based EHR abstract system (BEAS) to manipulate EHR abstracts access. In BEAS, the EHR file addresses generated by IEFS are encrypted and saved in EHR abstracts for privacy protection. Since EHR abstracts are encrypted by patients' public keys, the sharing of EHR files is under the control of patients. In our experiment, a prototype system is developed to validate the proposed scheme. The experimental results showed that (1) EHRs are securely shared under the control of patients and (2) EHR files are retrieved at an acceptable speed supported by IPFS technology. In this paper, solutions to some important practical issues such as incapacitated patients, encryption key forgetting/missing, and efficient interaction of doctors with EHRs sharing scheme are also seriously discussed.

Xinyuan Shi

DOI: https://doi.org/10.3389/fpubh.2024.1414076

IF: 5.2

2024-07-03

Frontiers in Public Health

Abstract:While healthcare big data brings great opportunities and convenience to the healthcare industry, it also inevitably raises the issue of privacy leakage. Nowadays, the whole world is facing the security threat of healthcare big data, for which a sound policy framework can help reduce privacy risks of healthcare big data. In recent years, the Chinese government and industry self-regulatory organizations have issued a series of policy documents to reduce privacy risks of healthcare big data. However, China’s policy framework suffers from the drawbacks of the mismatched operational model, the inappropriate operational method, and the poorly actionable operational content. Based on the experiences of the European Union, Australia, the United States, and other extra-territorial regions, strategies are proposed for China to amend the operational model of the policy framework, improve the operational method of the policy framework, and enhance the operability of the operational content of the policy framework. This study enriches the research on China’s policy framework to reduce privacy risks of healthcare big data and provides some inspiration for other countries.

public, environmental & occupational health

Archana Tapuria,Talya Porat,Dipak Kalra,Glen Dsouza,Sun Xiaohui,Vasa Curcin

DOI: https://doi.org/10.1080/17538157.2021.1879810

IF: 3.082

2021-04-10

Informatics for Health and Social Care

Abstract:<span>Patient access to their own electronic health records (EHRs) is likely to become an integral part of healthcare systems worldwide. It has the potential to decrease the healthcare provision costs, improve access to healthcare data, self-care, quality of care, and health and patient-centered outcomes. This systematic literature review is aimed at identifying the impact in terms of benefits and issues that have so far been demonstrated by providing patients access to their own EHRs, via providers' secure patient portals from primary healthcare centers and hospitals. Searches were conducted in PubMed, MEDLINE, CINHAL, and Google scholar. Over 2000 papers were screened and were filtered based on duplicates, then by reading the titles and finally based on their abstracts or full text. In total, 74 papers were retained, analyzed, and summarized. Papers were included if providing patient access to their own EHRs was the primary intervention used in the study and its impact or outcome was evaluated. The search technique used to identify relevant literature for this paper involved input from five experts. While findings from 54 of the 74 papers showed positive outcome or benefits of patient access to their EHRs via patient portals, 10 papers have highlighted concerns, 8 papers have highlighted both and 2 have highlighted absence of negative outcomes. The benefits range from re-assurance, reduced anxiety, positive impact on consultations, better doctor–patient relationship, increased awareness and adherence to medication, and improved patient outcomes (e.g., improving blood pressure and glycemic control in a range of study populations). In addition, patient access to their health information was found to improve self-reported levels of engagement or activation related to self-management, enhanced knowledge, and improve recovery scores, and organizational efficiencies in a tertiary level mental health care facility. However, three studies did not find any statistically significant effect of patient portals on health outcomes. The main concerns have been around security, privacy and confidentiality of the health records, and the anxiety it may cause amongst patients. This literature review identified some benefits, concerns, and attitudes demonstrated by providing patients' access to their own EHRs. This access is often part of government strategies when developing patient-centric self-management elements of a sustainable healthcare system. The findings of this review will give healthcare providers a framework to analyze the benefits offered by promoting patient access to EHRs and decide on the best approach for their own specialties and clinical setup. A robust cost-benefit evaluation of such initiatives along with its impact on major stakeholders within the healthcare system would be essential in understanding the overall impact of such initiatives. Implementation of patient access to their EHRs could help governments to appropriately prioritize the development or adoption of national standards, whilst taking care of local variations and fulfilling the healthcare needs of the population, e.g., UK Government is aiming to make full primary care records available online to every patient. Ultimately, increasing transparency and promoting personal responsibility are key elements of a sustainable healthcare system for future generations.</span>

health care sciences & services,medical informatics

Nelson Shen,Lydia Sequeira,Michelle Pannor Silver,Abigail Carter-Langford,John Strauss,David Wiljer

DOI: https://doi.org/10.2196/13306

2019-11-13

Abstract:Background: The privacy of patients with mental health conditions is prominent in health information exchange (HIE) discussions, given that their potentially sensitive personal health information (PHI) may be electronically shared for various health care purposes. Currently, the patient privacy perspective in the mental health context is not well understood because of the paucity of in-depth patient privacy research; however, the evidence suggests that patient privacy perspectives are more nuanced than what has been assumed in the academic and health care community. Objective: This study aimed to generate an understanding on how patients with mental health conditions feel about privacy in the context of HIE in Canada. This study also sought to identify the factors underpinning their privacy perspectives and explored how their perspectives influenced their attitudes toward HIE. Methods: Semistructured interviews were conducted with patients at a Canadian academic hospital for addictions and mental health. Guided by the Antecedent-Privacy Concern-Outcome macro-model, interview transcripts underwent deductive and inductive thematic analyses. Results: We interviewed 14 participants. Their privacy concerns varied, depending on the participant's privacy experiences and health care perceptions. Media reports of privacy breaches and hackers had little impact on participants' privacy concerns because of a fatalistic belief that privacy breaches are a reality in the digital age. Rather, direct observations and experiences with the mistreatment of PHI in health care settings caused concern. Decisions to trust others with PHI depended on past experiences with the individual (or institution) and health care needs. Participants had little knowledge of patient privacy rights and legislation but were willing to participate in HIE because of perceived individual and societal benefits. Conclusions: This study introduces evidence that patients with mental health conditions would support HIE. Participants were pragmatic, supporting HIE because they wanted the best care possible. They also understood that their PHI was critical in supporting the single-payer Canadian health care system. Participant health care experiences informed their privacy perspectives, trust, and PHI sharing attitudes-all accentuating the importance of the patient experience in building trust in HIE. Their lack of knowledge about patient rights and PHI uses highlights the degree of trust they have in the health care system to protect their privacy. These findings suggest that the patient privacy discourse should extend beyond the oft-cited barrier of patient privacy concerns to include discussions about building trust, communicating the benefits of HIE, and improving patient experiences. Although our findings are in the Canadian context, this study highlights the importance of engaging patients in privacy policy discussions, regardless of jurisdiction, to ensure their nuanced perspectives are reflected in policy decisions on their PHI.