There are several problems concerning healthcare organizations’ Internet privacy and e-mail issues, based on the patients’ inability to control personal information disclosure and access to Internet-based e-Health records (Shonerigun, Dube & Mtenz, 2010). Electronic storage of patients’ sensitive information is vital for accurate medical records, but entails internal and external Internet privacy violations (Wager, Lee & Glaser, 2009). Moreover, the Health Insurance Portability and Accountability Act of 1996 requires healthcare organizations to ensure confidentiality, integrity and availability of the electronically protected health information (Wager et al., 2009). What’s more, Health Information Technologies are becoming widespread among healthcare practitioners and require their precise knowledge of the framework for security of the electronically stored private medical information (Shonerigun et al., 2010). That is why the privacy protection approach is based on education of the general public, because reasonably anticipated threats and hazards to the security of stored information occur on all levels of the working framework (Joos, Nelson & Smith, 2010). These harmful actions include conscious and unconscious behavior, such as identity theft and innocent mistakes of the registered practitioners (Joos et al., 2010).
The purpose of the research is to examine pressing problems that concern healthcare organizations’ Internet privacy and message exchanges, and to identify which advanced technologies help to secure the proposed conceptual and processing frameworks. Research of this report includes the review of the current literature about healthcare information systems and online privacy of transmitted and received information and policy, which governs authenticity and accuracy of the healthcare working procedures.
Internet Privacy Problems of Healthcare Organizations
Legal responsibilities are imposed on healthcare organizations to ensure the protection of their customers’ sensitive medical information, the availability of protected data, and the prevention of any anticipated accidents of its disclosure (Wager et al., 2009). Technological development introduced changes to the healthcare organizational process, so that patients can be admitted to the facility via the Internet and make the required payment via PayPal services (Shonerigun et al., 2010). However, Congress’ law enforcement on the Internet service providers did not reduce the cases of fraud and hacker hazards (Joos et al., 2010). Moreover, the introduction of the Health Information Technologies brought cases of identity theft, in which another person’s identity, identified by the Social Security Number, could be used by an intruder to obtain medical care (Joos et al., 2010). Furthermore, cases of medical identity theft are of special concern to healthcare providers, because sensitive information can be used without the particular individual’s awareness or consent and help to illegally obtain or receive payment for medical care (Joos et al., 2010).
There are specific threats and vulnerabilities to be considered for wireless networks:
1. Malicious entities may bypass firewall protection and gain unauthorized access to healthcare organization computer networks (Hall, 2011).
2. Sensitive unprotected information may be intercepted on its transmission between wireless networks (Brown & Brown, 2011).
3. Attacks that make protected health information unavailable to intended users may be directed at wireless connections or devices (Joos et al., 2010). This happens when a number of people make efforts to suspend or interrupt the services of a host connected to the Internet (Vacca, 2006).
4. Sensitive data may be corrupted during its improper integration or joining at the proper point (Wager et.al, 2009).
5. Internal attacks may be possible due to informational exchange via these transmissions (Hall, 2011).
6. Other ways of obtaining unauthorized access to a wireless network are piggybacking, which means gaining access through an unsecured wireless Internet connection, and war driving, which involves searching for an Internet connection with an antenna and a wireless computer while driving city streets (Wager et al., 2009).
Accepting, maintaining and transmitting sensitive information via the Internet or e-mail messages can result in healthcare privacy violations, due to software flaws and possible exposure of private medical information (Wager et al., 2009). There are cases when individuals’ personal information, including names and addresses, was exposed through a government-run website when they requested drug and alcohol treatment (Wager et al., 2009). A similar incident happened at a medical center in Florida, when medical data about 500 patients was accidentally posted to the Internet by a healthcare practitioner who had legal access to the system (Joos et al., 2010).
These cases show that currently enforced Internet privacy legislation did not prove to be effective, because it required complex monitoring of privacy and security by a number of registered practitioners and employees, who are responsible for storage and disclosure of the patients’ information (McCreary, 2005). Therefore, conceptual and technological formalisms should be precisely studied in order to identify sufficient and effective measures for protection of Internet privacy.
Integrity of the Conceptual Framework and Contingency Privacy Protection Plan
Security and privacy of the patients’ sensitive information should be handled within the generic methods and mechanisms, which include authentication, authorization, integrity, anonymisation, and pseudonymisation (Shonerigun et al., 2010). Moreover, the control chain of this mechanism requires patients’ legal consent to the recycling of their data (Shonerigun et al., 2010). Therefore, pyramid structure of the informational security and privacy compliance with the required HIPAA regulations can be illustrated with the following figure:
Therefore, the process of informational exchange of the healthcare practitioners has different direction than required standard regulations (Brown & Brown, 2011). With the introduction of the web portals that provide medical services for customers, the healthcare practitioners are required to have more precise knowledge of the cyberspace processes (Meingast, Roosta & Sastry, 2006). IT staff assistance becomes relevant for securing and protecting patients’ sensitive issues (Brown & Brown, 2011).
This report suggests that a security manager will be in charge of the security management process and will prevent unauthorized access to, and corruption of, the data to which he/she will have access (Brown & Brown, 2011). Secure Sockets Layer technologies, which imply dedicated network installation, will be used for the provision of the encrypted link between a client and a healthcare facility’s computer over a TCP/IP connection (Hall, 2011). An encrypted link is produced with the help of an encryption key, which is not transmitted over the Internet and is stored only on the user’s computer (Brown & Brown, 2011). Therefore, only the encryption key holder maintains control of the transmitted data, eliminating the threat of unauthorized access (Brown & Brown, 2011).
Some basic terms are associated with the encryption working process (Wager et al., 2009). These terms are: a) plaintext, which defines authenticated datum that was recorded in the computer system as original text; b) encryption algorithm, which converts these data into encrypted form; c) ciphertext, which appears after application of the algorithm to the data; d) key, which includes the decryption procedure that converts ciphertext back to the original message (Wager et al., 2009).
The direction of the required procedures of the conceptual framework is implemented by the concept map of the patient-practitioner informational exchange. This concept map describes importance of the security manager’s assistance and his/her major role in preventing of threats of unauthorized access. Integration of framework’s formalisms and stages of the concept map that are based on the process of encryption technology can be seen in Appendix A.
In particular cases the electronically protected health information can be accessed remotely (Brown & Brown, 2011). However, specific risks occur on the grounds of malicious behavior or operational malfunctions (Shonerigun et al., 2010). The security manager should follow a prescribed set of recommendations when mistakes and errors need to be undone (Wager et al., 2009). These errors and mistakes include the following:
1. Potential unauthorized or improper access, which occurs when logon/password information has been lost or stolen (Joos et al., 2010). For access to systems that contain protected health information, the security manager should apply a two-stage authentication process (Wager et al., 2009).
2. Employees received access to the protected health information when not authorized to do so (Joos et. al, 2010). The security manager can execute the following steps: a) development of the proper employee’s verification and production of an appropriate staff training prior to granting remote access; b) establishment of different remote access to different users, that is based on the level of a job function; c) addressing of the issue of unauthorized access in accordance to the required sanction policy (Wager et. al, 2009).
3. An external device contaminated the system with a virus, which helps an intruder to gain remote access to systems that contain the protected health information (Joos et al., 2010). The security manager can install personal firewall software on all devices that store or access protected health information (Wager et al., 2009).
4. Data was encrypted or modified during exchange between patient and physician (Joos et al., 2010). The security manager can prohibit transmission of protected health information via open networks and/or prohibit checking e-mails from offsite devices or wireless access points (Wager et al., 2009). Therefore, Secure Sockets Layer is a minimum requirement for all systems that manage the protected health information in any form (Hall, 2011).
Taking into account that the HIPAA regulations require agreement between healthcare institutions and providers of Internet service storage about the same level of security over data, healthcare facilities encrypt particular types of received and transmitted information (Brown & Brown, 2011; McCreary, 2005). The types are the following: a) patient billing data and exchange of information between the administration and payers on the health plans; b) utilization and referrals data of the organizational management; c) patient health information taken from the website or portal; d) electronically sent laboratory and clinical data from and to labs; e) word-processing files and patient’s reports in transcription, which are transferred through direct messages; f) e-mail exchanging between physicians and patients, and internal electronic exchanges of the facility (Brown & Brown, 2011).
This report suggests that working process framework and secure informational exchange require a data backup plan and a disaster recovery plan in the cases when unauthorized hazard occurred and sensitive data was damaged, when the system was unexpectedly crashed (Joos et.al, 2010). Initiation of the encryption technology program allows the implementation of the contingency backup and recovery plan on the grounds of this program, which meets the HIPAA requirements (Brown & Brown, 2011). The data backup plan can be described as an establishment and implementation of the procedures, which help to maintain copies of the originals of the electronically protected health information (Brown & Brown, 2011; Shonerigun et al., 2010). The disaster recovery plan is defined with an establishment and implementation of the procedures, which help to restore any loss of data (Hall, 2011). In particular cases an emergency mode operation plan is required to enable reconstruction of the critical business processes for protection of the sensitive health information, when a security manager tries to restore system in the emergency operational mode (Brown & Brown, 2011). Moreover, if the system fails completely, the full recovery of the user’s backed up data is possible with reinstallation of the software, which does not require different username and password (Joos et.al, 2010).
The proposed approach integrates standardization requirements and necessities of the privacy and security protection. Aspects of the actions, which should be taken and procedures, which should be correlated to them, do not contradict sufficiency and conveniences of health information technologies.
Opposing Current Healthcare Information Technologies’ Specifications
Nowadays not only can information be stored electronically, but patients can also attend physicians without leaving their homes. With the introduction of the Intel Integrated Digital Hospital, patients can access their clinical laboratory results through the patient web portals (Meingast et al., 2006). Sensor networks of the Information Technology for Assistance Living at Home, projected by the University of California, are widely used for remote patient monitoring (Meingast et al., 2006). With the help of these networks, patient’s and administrator’s communication is integrated into a digital view of the patients’ health history (Meingast et al., 2006). However, the effectiveness of these advanced technologies is based on the issues of the access rights to data, security of the transmitted and received data, transfer of the data analysis rights and governing policies (Herrick et al., 2010).
Therefore, these technologies evade the following aspects of the informational processing:
- Data ownership issue. Since medical information is available on the Internet and even another practitioner from a different hospital can access it, third-party payers disagree to reimburse the payment for medical care (Meingast et al., 2006; Herrick et al., 2010). Therefore, it is unclear what level of privacy and security should be maintained when information is transmitted to the third party (Herrick et al., 2010).
- Volume of the stored information. These technologies do not answer the question about the precise quantity of uploaded information (Herrick et.al, 2010). It is especially true in the cases when only specific information is required for the adequate diagnosis (Herrick et.al, 2010).
- Location of the medical information. Monitoring of the medical data is simplified, because it is stored in the central data base (Meingast et.al, 2006). However, ensuring of the privacy protection is complicated, because personal information can be accessed and disclosed easily (Herrick et.al, 2010).
- Complete access of the insurance provider. In order to perform accurate reimbursement for medical expenses, a third-party is provided with the full access to all medical data and reports (Meingast et.al, 2010). However, this provision has been an object of lawsuits and congressional inquiries (Herrick et. al, 2010).
The most common disadvantage of these technologies is based on the matter of losing revenue, if hospitals start investing in implementation of the program, taking into account that hospitals earn significant income for performing diagnostic tests (Herrick et al., 2010). Moreover, data privacy and informational exchange are more triggered, because unselected data, in accordance to their relevance, are placed on the portals and websites without their initial protection. It should be mentioned that the Government’s support in mandating these technologies is deemed vital because the market has failed to produce a sufficient health information technology system (Herrick et al., 2010). The Internet Security Policy dominated by statutory law enforcement should be reshaped in order to address security and privacy issues in a proper manner.
Discussion. Changes to Technical and Administrative Internet Security Policies
Personal health information may be used by covered entities to hire only healthy employees and, thereby, reduce insurance costs (McMahon, 2011). Insurance companies select medical codes of the patients that include submitted medical reports, laboratory data, and other sensitive information that is not considered as protected health information by the HIPAA (McMahon, 2011). Moreover, comprehensive authorization requirements are not specified by the Final Privacy Rule (Meingast et al., 2006). There are various circumstances under which a healthcare practitioner can impose treatment on the patient, using indirect pressure to obtain the person’s consent (McMahon, 2011). When covered entities use protected healthcare information to promote their own health-related products, a patient ends up in a position where he/she cannot remove himself/herself from a mailing list (McMahon, 2011).
Internet Security Policies should be centered on mechanisms and techniques of the data recycling via the Internet (Joos et al., 2010). They should include basic stages of required identification and authorization and assume implementation of intrusion detection methods to be included in the effective Internet privacy protection (Vacca, 2006). These methods, combined with the implementation of Internet protection programs, are designed to reshape general security policy for better Internet privacy protection (Meingast et al., 2010). Therefore, policy development should focus on the following aspects:
1. Differentiating attributes of role-based access. Since a client, a practitioner, an insurance payer, and other parties may require access to medical data, the rules of authorization help to reduce the complexity of security administrative costs (Meingast et al., 2010). These rules include: a) Static authentication, which provides protection against attacks of an imposter, who strives to set, insert or alter the information passed between the patient or practitioner and the server during authentication exchange and in the future session with the same password; b) Dynamic authentication, which makes authenticated data invalid for any subsequent session; and c) Continuous authentication, which prevents an imposter from accessing exchanged data, because it is marked with a protection signed algorithm (Vacca, 2006).
2. Across-state jurisdiction of the privacy issues. Current policy regulations are not fully effective in the Internet privacy protection because they mandate all the data to be stored electronically, but do not specify technical and administrative rules on how the accurate data storage can protect user’s privacy and security (Meingast et. al, 2010). Moreover, specific rules prescribe particular measures for different states and ignore the integrity and unity of the Internet security and protection (Herrick et.al, 2010).
3. Data mining rules and technological measures. The risk of disclosing sensitive patients’ information outweighs the chances of reducing expenses by a joint fraud detection effort (Grosskreutz, Lemmen & Ruping, 2011). The following sensitive information is threatened to be disclosed with the usage of the current Health Informational Technologies:
- Medical billing of hospitals and physicians;
- Computerized tracking of hospital’s supply accounts for profit and losses, and process payroll;
- Results of diagnostic images, which are also shared with other radiologists;
- Disease database on clinical trials (Herrick et.al, 2010).
Therefore, data mining seems to be effective, because it is based on encryption and secure evaluation of the data processing cycles between a patient and a practitioner (Grosskreutz et. al, 2011). Data mining can be processed and further assessed by the cycle’s calculation of the outcome of the data processing task (Grosskreutz et. al, 2011). Therefore, data computation is performed without revealing of the private data of any party to the other (Grosskreutz et. al, 2011).
However, the cost of the proposed techniques’ implementation stays a debatable issue, because its results could only be calculated after the introduction process.
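The difference between static, dynamic and continuous authentication listed in item 1 above, shown as an added Python example (not taken from the cited sources or from any product). The `Server` class, the helper names and the key are hypothetical, and HMAC-SHA-256 challenge-response stands in for whatever mechanism a real system uses.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-secret"  # constructed sample value, not a real credential


def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def session_key(key: bytes, nonce: bytes) -> bytes:
    # Both sides derive a fresh key from the one-time challenge.
    return mac(key, b"session" + nonce)


def message_tag(skey: bytes, seq: int, payload: bytes) -> bytes:
    # The tag covers a sequence number, so a captured message cannot be re-sent.
    return mac(skey, seq.to_bytes(8, "big") + payload)


class Server:
    """Hypothetical verifier; all names here are illustrative assumptions."""

    def __init__(self, key: bytes):
        self.key = key
        self.open_nonces = set()  # challenges issued and not yet answered
        self.skey = None
        self.next_seq = 0

    def verify_static(self, token: bytes) -> bool:
        # Static: the same authenticator is valid in every session.
        return hmac.compare_digest(token, mac(self.key, b"static-login"))

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.open_nonces.add(nonce)
        return nonce

    def verify_dynamic(self, nonce: bytes, response: bytes) -> bool:
        # Dynamic: the response is bound to a single-use challenge.
        if nonce not in self.open_nonces:
            return False
        self.open_nonces.discard(nonce)
        if not hmac.compare_digest(response, mac(self.key, nonce)):
            return False
        self.skey, self.next_seq = session_key(self.key, nonce), 0
        return True

    def accept_message(self, seq: int, payload: bytes, tag: bytes) -> bool:
        # Continuous: every message after login is authenticated.
        if self.skey is None or seq != self.next_seq:
            return False
        if not hmac.compare_digest(tag, message_tag(self.skey, seq, payload)):
            return False
        self.next_seq += 1
        return True


def demo() -> dict:
    server = Server(KEY)
    token = mac(KEY, b"static-login")
    static = [server.verify_static(token), server.verify_static(token)]

    nonce = server.new_challenge()
    response = mac(KEY, nonce)
    dynamic = [server.verify_dynamic(nonce, response),
               server.verify_dynamic(nonce, response)]

    skey = session_key(KEY, nonce)
    payload = b"lab result (constructed sample)"
    tag = message_tag(skey, 0, payload)
    continuous = {
        "altered": server.accept_message(0, b"lab result (changed)", tag),
        "genuine": server.accept_message(0, payload, tag),
        "replayed": server.accept_message(0, payload, tag),
    }
    return {"static": static, "dynamic": dynamic, "continuous": continuous}


if __name__ == "__main__":
    print(demo())
```

The static token verifies on both attempts, the challenge response verifies only once, and within the session an altered or re-sent message is rejected while the genuine one is accepted.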
Supporting Position of the Issue of the Cost of Additional Networks
After the Internet Engineering Task Force promoted a new policy regarding the free sale of encryption technology, their items started to be considered harmful for national security, foreign policy, and law enforcement interests (Mariano, 2012). Moreover, the cost of this utilization, which is included into anti-virus software, can vary from $150,000 to $500,000 for large enterprise networks (McCreary, 2005). However, the use of these technologies will greatly reduce the chances of an attack and may be a practical solution for small networks or private users (Mariano, 2012). Speed of backup and recovery time ensures safety and easy reference of the stored data (McCreary, 2005). The issue concerning the overloading of Internet networks with the amount of transmitted data can be solved by limiting such transmissions to the highly sensitive information (McCreary, 2005).
Therefore, the cost for the dedicated networks like SSL will be greatly reduced. This report suggests that companies should execute due checks of their employees’ backgrounds in order to avoid cases of international hazards (McCreary, 2005). In addition, current policy regulations require signing of the agreement between third-parties and healthcare providers on the same level of security regarding the stored data (Vacca, 2006). Despite the obscurity of the authorization requirements, it seems helpful for ethical and security monitoring issues (Brown & Brown, 2011).
Audience as a Decision-Maker on the Right of Immediate Supervision
Audience Identity and Needs.
The report addresses action-takers as primary readers, who will make decisions on the grounds of the report’s specifications. These are physicians, practitioners, and other employees. The report addresses secondary readers as well, such as IT staff, whose main concern is to advise action-takers on the sufficiency and proficiency of the proposed approach. The report studies relationships between clients and practitioners, and third-party payers, based on the policy regulations and structure of the working process. Intended use of the document is to provide informational help for healthcare practitioners and IT staff about the preferred conceptual and technological formalisms of ensuring the internet privacy protection. Barriers of understanding can be based on the lack of information about advanced encryption security technologies. Barriers of acceptance can be based on the stages of integration of the security issues with privacy of the working process. Readers have prior knowledge of the policy side of the matter, because it is directly connected to the working process. However, they do not know the background of the framework actions, which can reshape the Internet Security Policy. Readers need additional information, which is based on the practical implementations of the proposed technology jointly with the stages of the framework pyramid. Possible questions may concern the auditing of the security manager, who will hold encryption key data, and what practitioners and physicians should know about privacy and security requirements of the working process. Audience’s attitude toward the topic will be considered, because they will have to value various aspects of the issue. The audience’s probable objection may concern cost of the technology implementation and time needed to prove its effectiveness. The audience's probable attitude toward this writer may be tenacious and tolerant, because of the time that was spent on the composing and production of the report.
The organizational climate may be creative, because audience includes experts of the technological field, who can enforce research-proposal with proficient suggestion. The staff and healthcare practitioners are the most affected persons by this report, because their working agenda and procedures are suggested to be changed. Audience temperament will be serious, because the issue is about policy and conceptual changes. Probable reaction to the document can be curiosity, because new aspects of the policy matters will be brought to light. The report is at risk of alienating those employees, who were using advantages of the obscure authorization requirements and collected sensitive information without patient’s consent.
Audience Expectations about the Document
Internet privacy problems, which concern electronically stored healthcare information threats and spyware attacks, are the reason why this document was originated. The acceptable length of details is concise, because it includes the main points of technological and legal requirements of the privacy protection issues. Material is important for this audience, because its conclusions help to deal with fraud. Most useful organizational pattern concerns framework integration of conceptual and technological working processes, described in the problem-solution. The appropriate tone of the document is businesslike, because it approaches legal, technical and ethical issues of the technological processes. Intended effect of the audience is considered to be effective for changing behavior to the practicing of the organizational processes.
The Health Insurance Portability and Accountability Act of 1996 requires healthcare organizations to ensure confidentiality and availability of the electronically protected information for clients and their third-party payers. However, these covered entities have the dominant decision on the level of privacy and security provisions. Moreover, the direct access of the third-party payers to patients’ sensitive information, which can be further used against them in the legal procedures, makes patients’ consents about prescribed treatment imposed obligatory. Vulnerabilities and threats, which violate healthcare internet privacy and security, occur because of these conditions.
Changes of conceptual framework processes and steps of ensuring healthcare internet security and privacy are needed to be unified. Encryption technology is assumed to be effective to prevent possible hazards and help to initiate contingency plan of the emergency recovery with the help of backed up copies of the healthcare data.
Internet Security Changes are considered to be oriented on the processes of authentication and authorization and are assumed to be effective by imposing role-based access to the data, whose privacy and security requirements are the same across all the states; data mining is an essential approach for the protection of healthcare information.