Carrión Inmaculada, Alemán José Luis Fernández, Toval Ambrosio
Department of Informatics and System, Faculty of Computer Science, University of Murcia, Murcia, Spain.
Annu Int Conf IEEE Eng Med Biol Soc. 2011;2011:2380-3. doi: 10.1109/IEMBS.2011.6090664.
Health service providers are starting to become interested in providing PHRs (Personal Health Records). With PHRs, access to data is controlled by the patient, and not by the health care provider. Companies such as Google and Microsoft are establishing a leadership position in this emerging market. A number of benefits can be achieved with PHRs, but important challenges related to security and privacy must be addressed. This paper presents a review of the privacy policies of 20 free web-based PHRs. Security and privacy characteristics were extracted and assessed according to the HIPAA standard. The results show a number of important differences in the characteristics analyzed. Some improvements can be made to current PHR privacy policies to enhance the audit and management of access to users' PHRs. A questionnaire has been defined to assist PHR designers in this task.
医疗服务提供商开始对提供个人健康记录(PHR)产生兴趣。有了个人健康记录,数据访问由患者控制,而非医疗服务提供商。谷歌和微软等公司正在这个新兴市场确立领先地位。个人健康记录能带来诸多益处,但必须应对与安全和隐私相关的重大挑战。本文对20个基于网络的免费个人健康记录的隐私政策进行了综述。根据《健康保险流通与责任法案》(HIPAA)标准提取并评估了安全和隐私特征。结果显示在所分析的特征方面存在一些重要差异。可以对当前个人健康记录的隐私政策进行一些改进,以加强对用户个人健康记录访问的审计和管理。已制定一份调查问卷来协助个人健康记录设计者完成这项任务。
Zotero 插件