Enhancing Information Security and Privacy of Health Information System: A Case of Openmrs
No Thumbnail Available
Date
2015-04
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
Security is a vital part of daily life to healthcare organizations that need to ensure the information
is adequately secured. The existing infrastructure lacks the structural security and privacy
elements needed to support the evolving IT infrastructure, emerging legislative regulations, and
ever increasing threats. The problem, then, is how we can maintain the availability of the right
information at the right time and at the same time maintain the security and privacy of patient
information.
This research took a broad approach into existing information security and privacy of healthcare
domain with practical focus on Black Lion Hospital and Korean Hospital. The main theme of
this thesis is that such major paradigm shifts or using/adopting new technologies demand a
rethinking of the security and privacy aspects and solutions. The desire is to engage all parties,
including the clinicians and patients, and understand what is acceptable and desirable before the
coming generation of healthcare systems is deployed. There will certainly be tension between
security and usability, between patient privacy and the clinician convenience. The point here is,
therefore, to hit the balance between the two and come up with a system that satisfies both. Thus,
to overcome the limitations and enable the complete protection of sensitive information this
study reviews existing information security and privacy of health information system and the
available open source software that can be enhanced with such service and used to improve the
HIS.
We proposed and implemented a prototype that enhances information security and privacy of
HIS using OpenMRS. The prototype’s main security and privacy features includes
confidentiality on the server side that is ensured by a carefully placed access control mechanism,
encryption that protects the confidentiality during transfer of the data and at storage,
anonymization of patient medical record and the use of log files. The proposed prototype meets
all of our objectives. Finally, the prototype is tested using OpenMRS demo data and evaluated by
health professionals in Black Lion Hospital and Korean Hospital. The result is encouraging and
full deployment can be thought of.
Keywords: Information Security, Privacy, Health Information System, Electronic
Medical Record, OpenMRS
Description
Keywords
Information Security, Privacy, Health Information System, Electronic Medical Record, Openmrs