Data protection and security is the most critical success factor for an electronic health records (EHR) application. Storing health information in electronic form raises concerns about patient privacy and data security. A secure EHR solution must guarantee adequate protection of the confidentiality and integrity of patient information.
While patient information needs to be shared between different stakeholders for providing satisfying care, the sharing of such information should protect personally identifiable information (PII) as it moves through the healthcare system.
For a secure healthcare EHR application, the following security controls need to be in place:
These controls are intended to reduce attacks. These should include warnings and signs informing potential attackers that there will be adverse consequences for them if they proceed - such as legal action etc. These controls reduce security threats.
These controls prevent security breaches. These include authentication and authorization mechanisms and removing software and system vulnerabilities against known attacks.
These controls detect and react to security incidents. These controls include monitoring system wide events, detecting intrusions by matching events against attack patterns, etc.
Corrective controls correct the security breaches and aim at limiting the damage. These include restoring data from a backup in the event of data loss or corruption, blocking users from access to the system that are suspicious, changing encryption keys and passwords, etc.
Data, both in transit and at rest, needs to be protected. Critical patient information needs to be stored in encrypted form and transmitted in secure connections such as SSL/TLS. The secure connection needs be end-to-end. Data backups also need to be stored in encrypted form.