Affiliation:
1. Department of Computer Networks & Communications, CCSIT, King Faisal University, Al Hassa 31982, Saudi Arabia
Abstract
The healthcare industry has been shifting toward electronic health records to improve operations, reduce overhead expenditure, and provide better healthcare. Electronic health records (EHRs) are supposed to offer the same levels of confidentiality and privacy as paper records, which have been used for decades. However, this is not the case, as the technology used to access, transmit, and store records poses a high risk to patients and healthcare organizations. Employees are a big risk to EHRs, as they use their devices to access information about a patient and discuss such records with other employees. Healthcare professionals also access patients’ records illegally. Such security loopholes have a high impact on EHRs, as people with malicious intent can use the records to access their financial records or blackmail them. External access to EHRs by cyber attackers poses the highest risk to the records and patients, as attackers are primarily driven by financial gain. On the contrary, internal access to data, though unethical, does not pose a grave danger to patients, as the employees mainly discuss the cases within themselves without any financial incentive to access the data. The current research provides a risk analysis of EHRs, the source of security problems, the impact of the risks involved, and risk management best practices that healthcare organizations can use to protect patients’ data.
Funder
Deanship of Scientific Research, Vice Presidency for Graduate Studies and Scientific Research, King Faisal University, Saudi Arabia
Reference25 articles.
1. Tsai, C.H., Eghdam, A., Davoody, N., Wright, G., Flowerday, S., and Koch, S. (2020). Effects of electronic health record implementation and barriers to adoption and use: A scoping review and qualitative analysis of the content. Life, 10.
2. Privacy in electronic health records: A systematic mapping study;Tertulino;J. Public Health,2023
3. Fox, A. (2024, May 10). Community Health Systems reports Go Anywhere hacked. Healthcare IT News, Feburary 2023. Available online: https://www.healthcareitnews.com/news/community-health-systems-reports-goanywhere-hacked.
4. Alder, S. (2024, May 10). 11.27 Million HCA Healthcare Patients Affected by Recent Cyberattack. HIPAA J. July 2023. Available online: https://www.hipaajournal.com/hca-healthcare-cyberattack-data-breach-2023/.
5. Security and privacy of electronic health records: Concerns and challenges;Keshta;Egypt. Inform. J.,2021