Jeffrey CL Looi,Stephen Allison,Tarun Bastiampillai,Paul A Maguire,Steve Kisely,Sharon Reutens,Richard CH Looi

DOI: https://doi.org/10.1177/10398562241291340

2024-10-16

Australasian Psychiatry

Abstract:Australasian Psychiatry, Ahead of Print. ObjectiveThe Vastaamo psychotherapy data breach in Finland is perhaps the largest cybersecurity incident in mental healthcare to date, resulting in significant patient harm. There are specific lessons for mental healthcare providers from an analysis of the incident.MethodCase study of this specific electronic health record data breach, based on detailed media reporting.ResultsThe issues raised include: the importance of governance of the cybersecurity of sensitive personal patient data, such as compliance with legislative requirements on privacy and data security; specific security measures such as de-identification of data, data protection via passwords, multi-factor authentication, firewalls and encryption; and timely and effective communication, and support of those who have been affected.ConclusionsThe implications for mental healthcare providers, including psychiatrists and trainees, are that, within their capability, providers need to assess the efficacy and robustness of cybersecurity of electronic health record systems they use, and carefully consider the information that is recorded to minimise exposures such as in the Vastaamo breach.

psychiatry

Golnar Aref-Adib,Gabriella Landy,Michelle Eskinazi,Andrew Sommerlad,Nicola Morant,Sonia Johnson,Richard Graham,David Osborn,Alexandra Pitman

DOI: https://doi.org/10.2196/19008

2020-07-29

JMIR Mental Health

Abstract:Background The use of digital technology can help people access information and provide support for their mental health problems, but it can also expose them to risk, such as bullying or prosuicide websites. It may be important to consider internet-related risk behavior (digital risk) within a generic psychiatric risk assessment, but no studies have explored the practice or acceptability of this among psychiatrists. Objective This study aimed to explore psychiatry trainees’ experiences, views, and understanding of digital risk in psychiatry. We predicted that clinician awareness would be highest among trainees who work in child and adolescent mental health services. Methods We conducted a cross-sectional survey of psychiatry trainees attending a UK regional trainees’ conference to investigate how they routinely assess patients’ internet use and related risk of harm and their experience and confidence in assessing these risks. We conducted focus groups to further explore trainees’ understandings and experiences of digital risk assessment. Descriptive statistics and chi-squared tests were used to present the quantitative data. A thematic analysis was used to identify the key themes in the qualitative data set. Results The cross-sectional survey was completed by 113 out of 312 psychiatry trainees (response rate 36.2%), from a range of subspecialties and experience levels. Half of the trainees (57/113, 50.4%) reported treating patients exposed to digital risk, particularly trainees subspecializing in child and adolescent psychiatry (17/22, 77% vs 40/91, 44%;P=.02). However, 67.3% (76/113) reported not feeling competent to assess digital risk. Child and adolescent psychiatrists were more likely than others to ask patients routinely about specific digital risk domains, including reckless web-based behavior (18/20, 90% vs 54/82, 66%; P=.03), prosuicide websites (20/21, 95% vs 57/81, 70%; P=.01), and online sexual behavior (17/21, 81% vs 44/81, 54%; P=.02). Although 84.1% (95/113) of the participants reported using a proforma to record general risk assessment, only 5% (5/95) of these participants prompted an assessment of internet use. Only 9.7% (11/113) of the trainees had received digital risk training, and 73.5% (83/113) reported that they would value this. Our thematic analysis of transcripts from 3 focus groups (comprising 11 trainees) identified 2 main themes: barriers to assessment and management of digital risk, and the double-edged sword of web use. Barriers reported included the novelty and complexity of the internet, a lack of confidence and guidance in addressing internet use directly, and ongoing tension between assessment and privacy. Conclusions Although it is common for psychiatrists to encounter patients subject to digital risk, trainee psychiatrists lack competence and confidence in their assessment. Training in digital risk and the inclusion of prompts in standardized risk proformas would promote good clinical practice and prevent a potential blind spot in general risk assessment.

psychiatry

Julie Myers,Thomas R Frieden,Kamal M Bherwani,Kelly J Henning

DOI: https://doi.org/10.2105/AJPH.2006.107706

Abstract:Public health agencies increasingly use electronic means to acquire, use, maintain, and store personal health information. Electronic data formats can improve performance of core public health functions, but potentially threaten privacy because they can be easily duplicated and transmitted to unauthorized people. Although such security breaches do occur, electronic data can be better secured than paper records, because authentication, authorization, auditing, and accountability can be facilitated. Public health professionals should collaborate with law and information technology colleagues to assess possible threats, implement updated policies, train staff, and develop preventive engineering measures to protect information. Tightened physical and electronic controls can prevent misuse of data, minimize the risk of security breaches, and help maintain the reputation and integrity of public health agencies.

Eileen Yu,Alexis Adams-Clark,Alison Riehm,Caroline Franke,Ryoko Susukida,Melissa Pinto,Steven Arenberg,Dominique Tosi,Abbey Hughes,Amanda Montague,Anupama Kumar,Kay Jamison,Adam Kaplin

DOI: https://doi.org/10.21203/rs.3.rs-16332/v1

2020-03-09

Abstract:Abstract Background: Electronic medical records (EMRs) have transformed the way healthcare professionals manage and share patient data while providing integrated and comprehensive care. However, the rate of EMR use among psychiatrists is generally lower compared to physicians in other medical disciplines, in part due to concerns over patients’ experience of stigma surrounding mental health. This paper explores the willingness to share medical records among people with multiple sclerosis (MS), who experience higher rates of psychiatric comorbidities compared to the general population. It also examines the role that stigma plays in patients’ preferences regarding the sharing of their electronic medical records. Methods: MS patients were surveyed regarding their co-occurring psychiatric and non-psychiatric diagnoses, willingness to share their health information electronically among their treating doctors, and levels of self and societal stigma associated with their various co-occurring diagnoses. Results: 96.44% and 87.14% of participants were willing to share their non-psychiatric and psychiatric diagnoses, respectively; 97.70% and 92.78% were willing to share non-psychiatric and psychiatric medications, respectively. MS patients with a psychiatric co-occurring diagnosis, compared to those without, were significantly more likely to share their psychiatric diagnosis (AOR = 2.59) and psychiatric medications (AOR = 3.19). Those with both non-psychiatric and psychiatric co-occurring diagnoses were significantly more likely to share their psychiatric diagnosis (AOR = 3.84) and psychiatric medications (AOR = 7.02) than patients with no co-occurring diagnosis other than MS. Five (substance use, personality, eating, psychotic, and neurodevelopmental disorders) of the top six diagnoses for which societal stigma was greater than self stigma, and three (sexual, anxiety, and mood disorders) of the top five diagnoses for which self stigma was greater than societal stigma were psychiatric diagnoses. High levels of societal stigma correlated with decreased likelihood in sharing non-psychiatric medications, while high levels of self stigma were associated with a greater decrease in patient willingness to share psychiatric medications. Conclusions: Despite the presence of stigma decreasing patient willingness to share medical records, people with MS who had psychiatric disorders, compared to those without, endorsed greater willingness to share their health records electronically.

Tasha Glenn,Scott Monteith

DOI: https://doi.org/10.1007/s11920-014-0494-4

Abstract:Increasing quantities of medical and health data are being created outside of HIPAA protection, primarily by patients. Data sources are varied, including the use of credit cards for physician visit and medication co-pays, Internet searches, email content, social media, support groups, and mobile health apps. Most medical and health data not covered by HIPAA are controlled by third party data brokers and Internet companies. These companies combine this data with a wide range of personal information about consumer daily activities, transactions, movements, and demographics. The combined data are used for predictive profiling of individual health status, and often sold for advertising and other purposes. The rapid expansion of medical and health data outside of HIPAA protection is encroaching on privacy and the doctor-patient relationship, and is of particular concern for psychiatry. Detailed discussion of the appropriate handling of this medical and health data is needed by individuals with a wide variety of expertise.

Rebecca Ong

DOI: https://doi.org/10.1016/j.ijmedinf.2023.105193

Abstract:Background and objectives: The disclosure of personal health information in electronic health records (eHR) highlights privacy and security concerns that are complicated by the digitization and interoperability of health records. Hong Kong's Electronic Health Record Sharing System (eHRSS), introduced in March 2016, enables eHR sharing among public and private health services upon the consent of patients. Based on a September 2021 survey, this study examined the specific context of Hong Kong, patient and public perceptions on the security and privacy of eHR sharing, correlation of trust with personal privacy and security concerns, and how perceptions affect health care-related decisions. Methods: Using a random sample of householders aged 45-70 years, the study conducted a questionnaire survey on respondents' awareness, perceived benefits, and obstacles to participating in the eHRSS, and the impact of their perceptions on health care-related decisions. A focus group discussion with 13 participants further explored views on the security of Hong Kong's eHRSS and their readiness to support the system. Results: The study analyzed data from 400 responses. The findings showed a low degree of awareness of the eHRSS. Privacy and security concerns were impeding factors in the sharing of information; half of the respondents reported being concerned over their personal health information being part of the eHRSS. The majority (86.9%) expressed conditional support for the sharing of information. Despite their concerns on security and privacy, 66.5% and 77.9%, respectively, would not withhold information nor postpone the seeking of medical care based on those concerns. Participants in the focus group expressed concerns regarding eHRSS registration, data leaks, information accuracy, and the potential prejudice that may result in discrimination and inequality in health care provision. Conclusions: Satisfaction with the health care services played a role in the trust reposed in the Hospital Authority and health care providers and institutions. Security and privacy were decisive factors in respodents' refusal to seek care from physicians who had violated their privacy. Respondents expressed greater interest in sharing their information if measures were in place for anonymization and punishing data misuse. Ensuring rights of control toward information sharing would inspire greater confidence among patients.

Chukwuka Elendu,Eunice K. Omeludike,Praise O. Oloyede,Babajide T. Obidigbo,Janet C. Omeludike

DOI: https://doi.org/10.1097/md.0000000000039887

IF: 1.6

2024-09-29

Medicine

Abstract:In recent years, integrating digital technologies in healthcare has revolutionized medical practice, enhancing patient care, data management, and operational efficiency. However, this digital transformation has also exposed healthcare systems to significant cybersecurity threats, leading to legal and ethical challenges for clinicians. [ 1–3 ] The increasing frequency and sophistication of cyber-attacks, such as ransomware, data breaches, and hacking incidents, pose substantial risks to patient privacy, data integrity, and overall healthcare delivery. [ 1–3 ] These incidents jeopardize patient safety and implicate healthcare professionals in potential legal liabilities. Emerging technologies, including artificial intelligence (AI) and quantum computing, are at the forefront of cybersecurity innovations and challenges. AI, for instance, offers promising applications in detecting and mitigating cyber threats through advanced algorithms and machine learning (ML) techniques. However, deploying AI systems in healthcare raises concerns regarding data security, privacy, and ethical implications. If not properly managed, AI systems can introduce biases that may result in discriminatory practices or inaccurate decision-making. [ 4 , 5 ] Moreover, quantum computing, potentially breaking traditional encryption methods, further complicates the cybersecurity landscape, necessitating new cryptographic approaches and legal frameworks to safeguard sensitive health information. [ 6 ] The global nature of cybersecurity threats underscores the importance of international cooperation and regulatory harmonization. Countries have adopted varying approaches to managing cybersecurity incidents in healthcare, influenced by their legal systems, cultural values, and technological infrastructures. For example, the European Union's General Data Protection Regulation (GDPR) imposes stringent data protection requirements, including reporting data breaches within 72 hours. [ 7 ] In contrast, the United States has a more fragmented regulatory landscape, with laws such as the Health Insurance Portability and Accountability Act (HIPAA) providing a framework for protecting patient information. Still, varying state laws complicate compliance. [ 8 ] A comparative analysis of these international regulations reveals best practices and highlights areas where further harmonization is needed to protect healthcare data globally. The legal implications of cybersecurity incidents extend beyond compliance with data protection regulations. As custodians of patient data, clinicians may face legal consequences in data breaches or unauthorized access to sensitive information. These legal responsibilities necessitate a thorough understanding of cybersecurity best practices and implementing robust security measures. For instance, clinicians must ensure secure communication channels, regular updates to software systems, and adherence to data encryption standards. [ 9 ] Furthermore, clinicians should be aware of their obligations to report cybersecurity incidents and cooperate with investigations, as failure can result in legal penalties and damage to professional reputations. [ 10 ] Ethical considerations are also paramount in the context of cybersecurity in healthcare. The principle of patient autonomy, which underpins informed consent and confidentiality, is challenged when cybersecurity incidents compromise patient data. Healthcare professionals must navigate these ethical dilemmas, balancing the need to protect patient information with the necessity of using digital tools for medical care. [ 11 ] Moreover, deploying AI in healthcare introduces questions about the transparency and accountability of decision-making processes. Ensuring that AI systems are transparent, explainable, and free from biases is crucial to maintaining public trust and ensuring equitable healthcare outcomes. [ 12 ] Case studies of cybersecurity incidents in healthcare provide valuable insights into the practical challenges and consequences clinicians face. For example, the WannaCry ransomware attack in 2017 severely disrupted the UK's National Health Service (NHS), affecting numerous hospitals and clinics and leading to the cancelation of thousands of appointments. [ 13 ] This incident highlighted the vulnerability of healthcare systems to cyber threats and underscored the importance of proactive cybersecurity measures. Similarly, the breach of patient data at Ant -Abstract Truncated-

medicine, general & internal

Cartwright, Anthony James

DOI: https://doi.org/10.1007/s10877-023-01013-5

IF: 1.977

2023-04-24

Journal of Clinical Monitoring and Computing

Abstract:Cybersecurity has seen an increasing frequency and impact of cyberattacks and exposure of Protected Health Information (PHI). The uptake of an Electronic Medical Record (EMR), the exponential adoption of Internet of Things (IoT) devices, and the impact of the COVID-19 pandemic has increased the threat surface presented for cyberattack by the healthcare sector. Within healthcare generally and, more specifically, within anaesthesia and Intensive Care, there has been an explosion in wired and wireless devices used daily in the care of almost every patient—the Internet of Medical Things (IoMT); ventilators, anaesthetic machines, infusion pumps, pacing devices, organ support and a plethora of monitoring modalities. All of these devices, once connected to a hospital network, present another opportunity for a malevolent party to access the hospital systems, either to gain PHI for financial, political or other gain or to attack the systems directly to cause erroneous monitoring, altered settings of any device and even to access the EMR via this IoMT window. This exponential increase in the IoMT and the increasing wireless connectivity of anaesthesia and ICU devices as well as implantable devices presents a real and present danger to patient safety. There has, at the same time, been a chronic underfunding of cybersecurity in healthcare. This lack of cybersecurity investment has left the sector exposed, and with the monetisation of PHI, the introduction of technically unsecure IoT devices for monitoring and direct patient care, the healthcare sector is presenting itself for further devastating cyberattacks or breaches of PHI. Coupled with the immense strain that the COVID-19 pandemic has placed on healthcare and the changes in working patterns of many caregivers, this has further amplified the exposure of the sector to cyberattacks.

anesthesiology

Rebecca Yoke Chan Ong,Sandy Sabapathy

DOI: https://doi.org/10.1177/1473779520914290

2020-03-01

Common Law World Review

Abstract:While it is true that the expanded use of health information and electronic health records (eHRs) can help deliver better healthcare, there remains the need to reconcile citizens’ legitimate concerns for privacy protection and confidentiality in the use of their personal health data, and the potential for violation of their privacy. Under the Hong Kong’s Electronic Health Record Sharing System (eHRSS), the eHR of the individual patient can be accessed and shared between healthcare providers for healthcare-related purposes. Although the Electronic Health Record Sharing System Ordinance (Cap 625) (the ‘eHRSSO’) and the Personal Data (Privacy) Ordinance (Cap 486) (the ‘PD(P)O’) provide protection for personal data and patients’ privacy, the eHRSS has come under greater scrutiny given the rise in data breaches experienced globally and in Hong Kong. The article’s objective is twofold. It first examines the eHRSS specifically with regard to some of the more pertinent provisions of the eHRSSO and the PD(P)O, to critically evaluate the extent to which these provisions ensure and protect patient privacy. Thence it offers suggestions and recommendations as to how protection for patient privacy can be enhanced and, indeed, altogether better ensured.

Megha M. Moncy,Sadia Afreen,Saptarshi Purkayastha

2023-11-07

Abstract:This research examines the pivotal role of human behavior in the realm of healthcare data management, situated at the confluence of technological advancements and human conduct. An in-depth analysis of security breaches in the United States from 2009 to the present elucidates the dominance of human-induced security breaches. While technological weak points are certainly a concern, our study highlights that a significant proportion of breaches are precipitated by human errors and practices, thus pinpointing a conspicuous deficiency in training, awareness, and organizational architecture. In spite of stringent federal mandates, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, breaches persist, emphasizing the indispensable role of human factors within this domain. Such oversights not only jeopardize patient data confidentiality but also undermine the foundational trust inherent in the healthcare infrastructure. By probing the socio-technical facets of healthcare security infringements, this article advocates for an integrated, dynamic, and holistic approach to healthcare data security. The findings underscore the imperative of augmenting technological defenses while concurrently elevating human conduct and institutional ethos, thereby cultivating a robust and impervious healthcare data management environment.

Computers and Society,Cryptography and Security

Alexis Bourla,Florian Ferreri,Laetitia Ogorzelec,Charles-Siegfried Peretti,Christian Guinchard,Stephane Mouchabac

DOI: https://doi.org/10.2196/10240

2018-12-14

JMIR Mental Health

Abstract:Background Recent discoveries in the fields of machine learning (ML), Ecological Momentary Assessment (EMA), computerized adaptive testing (CAT), digital phenotype, imaging, and biomarkers have brought about a new paradigm shift in medicine. Objective The aim of this study was to explore psychiatrists’ perspectives on this paradigm through the prism of new clinical decision support systems (CDSSs). Our primary objective was to assess the acceptability of these new technologies. Our secondary objective was to characterize the factors affecting their acceptability. Methods A sample of psychiatrists was recruited through a mailing list. Respondents completed a Web-based survey. A quantitative study with an original form of assessment involving the screenplay method was implemented involving 3 scenarios, each featuring 1 of the 3 support systems, namely, EMA and CAT, biosensors comprising a connected wristband-based digital phenotype, and an ML-based blood test or magnetic resonance imaging (MRI). We investigated 4 acceptability domains based on International Organization for Standardization and Nielsen models (usefulness, usability, reliability, and risk). Results We recorded 515 observations. Regarding our primary objective, overall acceptability was moderate. MRI coupled with ML was considered to be the most useful system, and the connected wristband was considered the least. All the systems were described as risky (410/515, 79.6%). Regarding our secondary objective, acceptability was strongly influenced by socioepidemiological variables (professional culture), such as gender, age, and theoretical approach. Conclusions This is the first study to assess psychiatrists’ views on new CDSSs. Data revealed moderate acceptability, but our analysis shows that this is more the result of the lack of knowledge about these new technologies rather than a strong rejection. Furthermore, we found strong correspondences between acceptability profiles and professional culture profiles. Many medical, forensics, and ethical issues were raised, including therapeutic relationship, data security, data storage, and privacy risk. It is essential for psychiatrists to receive training and become involved in the development of new technologies.

psychiatry

P. Vimalachandran,H. Wang,Y. Zhang,G. Zhuo

DOI: https://doi.org/10.4108/eai.9-8-2016.151633

2017-10-21

Abstract:An Electronic Health Record (EHR) is designed to store diverse data accurately from a range of health care providers and to capture the status of a patient by a range of health care providers across time. Realising the numerous benefits of the system, EHR adoption is growing globally and many countries invest heavily in electronic health systems. In Australia, the Government invested $467 million to build key components of the Personally Controlled Electronic Health Record (PCEHR) system in July 2012. However, in the last three years, the uptake from individuals and health care providers has not been satisfactory. Unauthorised access of the PCEHR was one of the major barriers. We propose an improved access control model for the PCEHR system to resolve the unauthorised access issue. We discuss the unauthorised access issue with real examples and present a potential solution to overcome the issue to make the PCEHR system a success in Australia.

Computers and Society,Cryptography and Security

Andrea Parziale,Deborah Mascalzoni

DOI: https://doi.org/10.3389/fpsyt.2022.873392

IF: 4.7

2022-06-10

Frontiers in Psychiatry

Abstract:Psychiatric research traditionally relies on subjective observation, which is time-consuming and labor-intensive. The widespread use of digital devices, such as smartphones and wearables, enables the collection and use of vast amounts of user-generated data as "digital biomarkers." These tools may also support increased participation of psychiatric patients in research and, as a result, the production of research results that are meaningful to them. However, sharing mental health data and research results may expose patients to discrimination and stigma risks, thus discouraging participation. To earn and maintain participants' trust, the first essential requirement is to implement an appropriate data governance system with a clear and transparent allocation of data protection duties and responsibilities among the actors involved in the process. These include sponsors, investigators, operators of digital tools, as well as healthcare service providers and biobanks/databanks. While previous works have proposed practical solutions to this end, there is a lack of consideration of positive data protection law issues in the extant literature. To start filling this gap, this paper discusses the GDPR legal qualifications of controller, processor, and joint controllers in the complex ecosystem unfolded by the integration of digital biomarkers in psychiatric research, considering their implications and proposing some general practical recommendations.

psychiatry

Bo Wang,Eli Kristiansen,Asbjørn Johansen Fagerlund,Paolo Zanaboni,Maria Hägglund,Annika Bärkås,Sari Kujala,Åsa Cajander,Charlotte Blease,Anna Kharko,Isto Huvila,Bridget Kane,Monika Alise Johansen

DOI: https://doi.org/10.2196/47840

2023-12-25

Abstract:Background: Patient-accessible electronic health records (PAEHRs) hold promise for empowering patients, but their impact may vary between mental and somatic health care. Medical professionals and ethicists have expressed concerns about the potential challenges of PAEHRs for patients, especially those receiving mental health care. Objective: This study aims to investigate variations in the experiences of online access to electronic health records (EHRs) among persons receiving mental and somatic health care, as well as to understand how these experiences and perceptions vary among those receiving mental health care at different levels of point of care. Methods: Using Norwegian data from the NORDeHEALTH 2022 Patient Survey, we conducted a cross-sectional descriptive analysis of service use and perceptions of perceived mistakes, omissions, and offensive comments by mental and somatic health care respondents. Content analysis was used to analyze free-text responses to understand how respondents experienced the most serious errors in their EHR. Results: Among 9505 survey participants, we identified 2008 mental health care respondents and 7086 somatic health care respondents. A higher percentage of mental health care respondents (1385/2008, 68.97%) reported that using PAEHR increased their trust in health care professionals compared with somatic health care respondents (4251/7086, 59.99%). However, a significantly larger proportion (P<.001) of mental health care respondents (976/2008, 48.61%) reported perceiving errors in their EHR compared with somatic health care respondents (1893/7086, 26.71%). Mental health care respondents also reported significantly higher odds (P<.001) of identifying omissions (758/2008, 37.75%) and offensive comments (729/2008, 36.3%) in their EHR compared with the somatic health care group (1867/7086, 26.35% and 826/7086, 11.66%, respectively). Mental health care respondents in hospital inpatient settings were more likely to identify errors (398/588, 67.7%; P<.001) and omissions (251/588, 42.7%; P<.001) than those in outpatient care (errors: 422/837, 50.4% and omissions: 336/837, 40.1%; P<.001) and primary care (errors: 32/100, 32% and omissions: 29/100, 29%; P<.001). Hospital inpatients also reported feeling more offended (344/588, 58.5%; P<.001) by certain content in their EHR compared with respondents in primary (21/100, 21%) and outpatient care (287/837, 34.3%) settings. Our qualitative findings showed that both mental and somatic health care respondents identified the most serious errors in their EHR in terms of medical history, communication, diagnosis, and medication. Conclusions: Most mental and somatic health care respondents showed a positive attitude toward PAEHRs. However, mental health care respondents, especially those with severe and chronic concerns, expressed a more critical attitude toward certain content in their EHR compared with somatic health care respondents. A PAEHR can provide valuable information and foster trust, but it requires careful attention to the use of clinical terminology to ensure accurate, nonjudgmental documentation, especially for persons belonging to health care groups with unique sensitivities.

Tim Jacquemard,Colin P. Doherty,Mary B. Fitzsimons

DOI: https://doi.org/10.1186/s12910-020-00514-1

2020-08-24

BMC Medical Ethics

Abstract:Abstract Background Electronic patient record (EPR) technology is a key enabler for improvements to healthcare service and management. To ensure these improvements and the means to achieve them are socially and ethically desirable, careful consideration of the ethical implications of EPRs is indicated. The purpose of this scoping review was to map the literature related to the ethics of EPR technology. The literature review was conducted to catalogue the prevalent ethical terms, to describe the associated ethical challenges and opportunities, and to identify the actors involved. By doing so, it aimed to support the future development of ethics guidance in the EPR domain. Methods To identify journal articles debating the ethics of EPRs, Scopus, Web of Science, and PubMed academic databases were queried and yielded 123 eligible articles. The following inclusion criteria were applied: articles need to be in the English language; present normative arguments and not solely empirical research; include an abstract for software analysis; and discuss EPR technology. Results The medical specialty, type of information captured and stored in EPRs, their use and functionality varied widely across the included articles. Ethical terms extracted were categorised into clusters ‘privacy’, ‘autonomy’, ‘risk/benefit’, ‘human relationships’, and ‘responsibility’. The literature shows that EPR-related ethical concerns can have both positive and negative implications, and that a wide variety of actors with rights and/or responsibilities regarding the safe and ethical adoption of the technology are involved. Conclusions While there is considerable consensus in the literature regarding EPR-related ethical principles, some of the associated challenges and opportunities remain underdiscussed. For example, much of the debate is presented in a manner more in keeping with a traditional model of healthcare and fails to take account of the multidimensional ensemble of factors at play in the EPR era and the consequent need to redefine/modify ethical norms to align with a digitally-enabled health service. Similarly, the academic discussion focuses predominantly on bioethical values. However, approaches from digital ethics may also be helpful to identify and deliberate about current and emerging EPR-related ethical concerns.

ethics,medical ethics,social sciences, biomedical

Pasupathy Vimalachandran,Hua Wang,Yanchun Zhang,Ben Heyward,Yueai Zhao

DOI: https://doi.org/10.48550/arXiv.1802.00575

2018-02-02

Abstract:As a consequence of the huge advancement of the Electronic Health Record (EHR) in healthcare settings, the My Health Record (MHR) is introduced in Australia. However security and privacy of the MHR system have been encumbering the development of the system. Even though the MHR system is claimed as patient-cenred and patient-controlled, there are several instances where healthcare providers (other than the usual provider) and system operators who maintain the system can easily access the system and these unauthorised accesses can lead to a breach of the privacy of the patients. This is one of the main concerns of the consumers that affect the uptake of the system. In this paper, we propose a patient centred MHR framework which requests authorisation from the patient to access their sensitive health information. The proposed model increases the involvement and satisfaction of the patients in their healthcare and also suggests mobile security system to give an online permission to access the MHR system.

Computers and Society

Raul Luna,Emily Rhine,Matthew Myhra,Ross Sullivan,Clemens Scott Kruse

DOI: https://doi.org/10.3233/THC-151102

Abstract:Background: Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. Objective: The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. Methods: The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Results: Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. Conclusions: The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.

Alexandra Mullins,Renee O’Donnell,Heather Morris,Michael Ben-Meir,Kostas Hatzikiriakidis,Lisa Brichko,Helen Skouteris

DOI: https://doi.org/10.1186/s12911-022-01920-8

IF: 3.298

2022-07-08

BMC Medical Informatics and Decision Making

Abstract:The emergency department has been a major focus for the implementation of Australia's national electronic health record, known as My Health Record. However, the association between use of My Health Record in the emergency department setting and patient care is largely unknown. The aim of this study was to explore the perspectives of emergency department clinicians regarding My Health Record use frequency, the benefits of My Health Record use (with a focus on patient care) and the barriers to use.

medical informatics

Danielle Newby,Niall Taylor,Dan W. Joyce,Laura M. Winchester

DOI: https://doi.org/10.1038/s41398-024-02911-1

2024-06-02

Translational Psychiatry

Abstract:The explosion and abundance of digital data could facilitate large-scale research for psychiatry and mental health. Research using so-called "real world data"—such as electronic medical/health records—can be resource-efficient, facilitate rapid hypothesis generation and testing, complement existing evidence (e.g. from trials and evidence-synthesis) and may enable a route to translate evidence into clinically effective, outcomes-driven care for patient populations that may be under-represented. However, the interpretation and processing of real-world data sources is complex because the clinically important 'signal' is often contained in both structured and unstructured (narrative or "free-text") data. Techniques for extracting meaningful information (signal) from unstructured text exist and have advanced the re-use of routinely collected clinical data, but these techniques require cautious evaluation. In this paper, we survey the opportunities, risks and progress made in the use of electronic medical record (real-world) data for psychiatric research.

psychiatry

Julian Schwarz,Cosima Hoetger,Lena-Sophie Pluschke,Felix Muehlensiepen,Michael Schneider,Samuel Thoma,Tobias Esch

DOI: https://doi.org/10.1186/s12888-024-05845-6

IF: 4.144

2024-06-12

BMC Psychiatry

Abstract:In a growing list of countries, patients are granted access to their clinical notes ("open notes") as part of their online record access. Especially in the field of mental health, open notes remain controversial with some clinicians perceiving open notes as a tool for improving therapeutic outcomes by increasing patient involvement, while others fear that patients might experience psychological distress and perceived stigmatization, particularly when reading clinicians' notes. More research is needed to optimize the benefits and mitigate the risks.

psychiatry