How to Secure Health Information Systems

The volume of health information being handled has changed. A certain level of IT maturity is needed against the backdrop of COVID-19, where massive volumes of health records (patient data) are being handled; this is a prerequisite for ensuring patient privacy. Most health care organizations with a reasonable level of awareness will have deployed controls to ensure the integrity of software, server hardening, and proper redundancy of systems with auto-recovery capabilities. Prudent network security measures such as dedicated connections, encryption of communications, logging, and detection of intrusive activity are also in common use. Physical security of hardware is often addressed, and identity management is implemented to prevent impersonation attacks.

In most Health Information Systems (‘HIS’), users are the weakest link, so the authentication mechanisms need to be stronger. Many countries have tried issuing smart cards that maintain an identity repository of their citizens. We can try to understand whether such an implementation can be used in HIS and explore the underlying security implications. Secure access to and handling of HIS data is a legal requirement in most developed countries; consider the Health Insurance Portability and Accountability Act (HIPAA) of the USA.

Presently, with COVID-19, the internet and Bluetooth have been the mechanisms in use to transmit HIS data, and this inherently increases the need for security controls around such transmissions. Cryptography and steganography come to the rescue. With encryption, proper controls around data transmission include making the message unreadable to outsiders, protecting the key, and using a strong cipher. This also assures authentication. Steganography is an additional layer of control that makes the message look nondescript, so an attacker may not suspect that it contains anything sensitive or worthwhile. Yet cryptanalysis refers to a series of attacks that can be used to tamper with encrypted communication; it may obstruct or modify the flow of information. It draws on mathematical knowledge to break algorithms or technical knowledge to detect weaknesses in code.

More precisely, HIS security mandates defining an access control list: who can access which patient record. Any access by persons other than health professionals needs the explicit consent of the patient. Proper controls around the modification of data are also required, and responsibilities in terms of who may modify what should be established. Role-based access control helps in this regard, as it facilitates group access policies based on profession.

A proper audit trail must be maintained for the creation, modification, and deletion of records. In the case of an unauthorized deletion, the trail allows such data to be reconstructed. Besides this, the chance of accidental data leakage must be factored in and prevented, and controls around monitoring the flow of data into areas where it is not needed are required. Information aggregation is another problem, wherein a person with access to various partial sources or aspects of the data effectively gains access to the data as a whole.
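The two paragraphs above describe profession-based access control with patient consent for non-clinical users, and an audit trail from which a deleted record can be reconstructed. The following is an added illustration (not code from the original article); the roles, the policy table and the record contents are constructed for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
class Role(Enum):
    PHYSICIAN = "physician"
    NURSE = "nurse"
    BILLING = "billing"          # not a health professional

HEALTH_PROFESSIONS = {Role.PHYSICIAN, Role.NURSE}
# Constructed profession-based policy: which roles may perform which action.
POLICY = {
    "read":   {Role.PHYSICIAN, Role.NURSE, Role.BILLING},
    "modify": {Role.PHYSICIAN, Role.NURSE},
    "delete": {Role.PHYSICIAN},
}

@dataclass
class HIS:
    records: dict = field(default_factory=dict)   # record_id -> content
    consents: dict = field(default_factory=dict)  # record_id -> {user ids}
    audit: list = field(default_factory=list)     # append-only trail
    def grant_consent(self, rec_id, user):
        """Patient explicitly allows a non-clinical user to access rec_id."""
        self.consents.setdefault(rec_id, set()).add(user)
    def authorize(self, user, role, action, rec_id):
        if role not in POLICY.get(action, set()):
            return False                           # role may never do this
        if role not in HEALTH_PROFESSIONS:         # needs patient consent
            return user in self.consents.get(rec_id, set())
        return True
    def access(self, user, role, action, rec_id, new_value=None):
        """Apply the policy, perform the action, and record it in the trail."""
        before = self.records.get(rec_id)
        if not self.authorize(user, role, action, rec_id):
            self.audit.append({"user": user, "action": action + "_denied", "record": rec_id})
            raise PermissionError(f"{user} ({role.value}) may not {action} {rec_id}")
        if action == "modify":                     # also creates a new record
            self.records[rec_id] = new_value
        elif action == "delete":
            self.records.pop(rec_id, None)
        after = self.records.get(rec_id)
        self.audit.append({"user": user, "action": action, "record": rec_id,
                           "before": before, "after": after})
        return after
    def reconstruct(self, rec_id):
        """Recover the content a record had just before its last deletion."""
        for entry in reversed(self.audit):
            if entry["record"] == rec_id and entry["action"] == "delete":
                return entry["before"]
        return None
```

Because every entry keeps the prior content, a denied attempt and an authorized deletion are both visible in the trail, and the last deleted state can be restored.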

Communications security is another aspect of HIS security. Checksums and hashes help in establishing the integrity of data. Electronic Health Records are part of HIS security, and record management and data governance are crucial aspects in this regard. Before connecting to new systems over the internet, proper verification procedures to ensure that their certificates are trustworthy are important. Using IPv6 is also a more secure option, though it has commonly been observed that the adoption rate has been rather slow.

Smart cards in HIS

Many countries have started issuing cards for patients to gain access to health care facilities, and electronic health records are easily accessible online. This requires proper controls over the issue and retention of the cards. France was one such country which successfully implemented this system to facilitate access to health care facilities and administer reimbursements; it was highly successful in reducing fraud as well. ISO/IEC 7186 deals with using smart cards with encryption.

Germany was another country which succeeded in implementing a health care system based on smart cards. As per a business analysis study commissioned in early 2000, about 700 million euros was the predicted saving from this initiative. Patients need to consent to the usage of the cards by providing a PIN.

Backup arrangements for Hardware Security Modules are also quite important when using encryption in smart cards, and considerable IS governance needs to be maintained when implementing such initiatives. Certain drivers of successful implementation are:

Electronic Health Records

This includes information about patients which can be retrieved to understand details relating to diagnosis, observations, and conclusions, and to undertake research. These are digitized records that usually exist as ‘information islands’, and this fragmentation of information makes it harder to retrieve. Ideally, large integrations between different departmental systems pave the way for the ubiquity of health information. Needless to say, the security of such systems needs to be in place. Many data exchange standards are used for this purpose; they define the interface requirements and secure user identification. The main purpose of these standards is to establish the interoperability of systems, and they include archetypes, which are specifications of clinical content.

Data ownership is often a hotly debated matter in health records. In some cases, the patient data may be subject to joint ownership, usually between the patient and the hospital receiving the information. This leads to confusion regarding who can access, use, store, or destroy the data, and there is no clarity regarding the permitted applications of the data. Data ownership relates to intellectual property rights, the use of data for clinical studies and marketing, and so on. There are quite a few legal and ethical issues around such applications.

Data aggregation is common in many countries. For instance, ‘Health Connect’ in Australia provides ease of information retrieval and significant cost savings. Canada is piloting the implementation of EHR, and Germany is trying to link its smart cards with health records. The architecture of such deployments mandates some level of centralization, together with user consent, proper authentication, and access rights management. The usage of medical information can be monitored to ensure it is not used for epidemiological research purposes. Information integration gives caregivers the ability to retrieve it from different sources, which may facilitate the maintenance of medical messaging systems, progress updates, etc., and has some potential to reduce the cost of traveling to meet the doctor.

The UK is not far behind in this drive to improve healthcare using technology. Health Space is a free online personal health organizer that is used to manage and store important health records.

The need for risk assessment, billing facilities, report creation, and clinical research makes an electronic health tracking system a mandate. This is bound to be the future regardless of whether it is at a mature phase or not. Nevertheless, a reliable Electronic Health Record system can be built and maintained using the following tenets:

OpenEHR is one such initiative that is about creating common data standards to facilitate the interoperability of records.

Digital Health Repository: Technology giants Google and Microsoft have also tried to make the management of health records easy and almost free, with services mainly available in the USA. Google uses its browser, email, and collaboration capabilities, whereas Microsoft partners with equipment providers; the services are Google Health and Microsoft HealthVault. Interoperability has been a major concern in implementing these systems. Moreover, the fact that such systems are operated by private players is not preferred by most people. Considering the complicated privacy laws, GDPR’s requirements, and the potential for using this information for analysis and marketing, the possibility of intrusion into or snooping on such a repository is often only spoken or written about.

Conclusion

On the whole, the combined use of smart card technologies and electronic health records offers certain compelling use cases, though they are not free of privacy and technical risks.

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.