Analysis of the Security and Privacy Requirements of CloudBased Electronic Health Records Systems

From Digital Culture & Society

Contents 1 Find article online: 2 Context 3 Overview 4 Strengths and Weaknesses 5 Assessment

[edit] Find article online:

Rodrigues, J. J. P. C., de la Torre, I., Fernández, G., & López-Coronado, M. (2013). Analysis of the security and privacy requirements of cloud-based electronic health records systems. Journal of Medical Internet Research, 15(8), e186–e186.

D.O.I: https://doi.org/10.2196/jmir.2494

[edit] Context

This article focuses on considering how Cloud Computing paradigms affect the privacy and security of eHealth systems. Cloud computing systems have been used before for various storage and archiving purposes of information online. In the realm of eHealth, it serves a similar purpose to manage ongoing influxes of patient data. It offers on-demand availability for information like Electronic Health Records to be hosted and distributed on Cloud servers. However, when dealing with such private information by platform migration, the concern is whether it is secure enough to protect such information. Cloud service providers need ways to guarantee protection for patient privacy by ensuring that the security mechanisms placed are reliable. Health companies need security precautions that allow only authorized users to access their cloud databases to prevent giant breaches of sensitive information. The government requires Cloud service providers to have fulfilled various security requirements to ensure the safety of the patient’s privacy. Security laws differ between countries, but legal frameworks provide a basic idea of how Cloud service systems should work to regulate and safeguard medical records. Precaution still needs to be made when using these Cloud Computing platforms to know if their security is reliable enough for patients to trust.

[edit] Overview

The article's main question addresses whether cloud computing systems can guarantee patient data security, confidentiality, and privacy. It also addresses the security and privacy considerations for healthcare organizations. It queries if deploying cloud computing systems to handle EHRs. The article's first part elaborates on the issues and quotas for EHR security. The second part describes the requirements for Cloud-based EHR management systems to ensure security. The paper also provides suggestions for healthcare personnel to understand the process. The research consisted of reviewing published articles from mostly Medline sources. It contained information about security and privacy protocols different Cloud computing providers use for creating their platforms. The main worry for healthcare providers in moving patient data to Cloud systems is the information's influence by a third party. A solution the article provides is that cloud clients should be aware beforehand of transferring data to Cloud platforms. Patients and healthcare providers should be acquainted with the security service the Cloud system provides and demand full transparency. The third party must also comply with the certifications and requirements for stored data to be trusted. Monitoring considerations are also brought through automated tools and configured notification alarms to help track information within the stored cloud system. Further information about considerations and methods for Cloud systems safely storing health data are described in the article. The main conclusion highlights that storing EHRs in the Cloud requires a transparent process to avoid unauthorized access and data breaches. The patient also should be informed about the current status and handling of their data.

[edit] Strengths and Weaknesses

Starting with the strengths, one of the main positives is that the article neatly organizes the information for the reader to view easily. Most academic article papers may be daunting for the average citizen when reading. The article's formatting is digestible including clear headings for various sections and short but clear statements. It is helpful for citizens and health personnel to understand how Cloud systems work and ultimately spread awareness of the precautions needed to keep the information that those services provide responsibly. Another strength the article discusses is the clear requirements and suggestions for electronic health records security. Definitions and examples are in a clear table within the article. It gives a brief overview of considerations to protect EHRs. The table includes authorized access, confidentiality, patient consent, and information relevance. A weakness of the article is that its publish date is 2013, so the cloud system requirements and suggestions pertain to that technological era. As of 2023, cloud systems have evolved. Quantitative data could also be useful for this article to see how cloud systems are fair with security. There could be studies with overall user satisfaction with their health data on Cloud.

[edit] Assessment

While the article is outdated by over a decade, it still provides information regarding the issues Cloud systems could have with the privacy and security of a patient's health data. The article does manage to answer its question wondering if Cloud platforms provide reliable security. Cloud systems offer EHR management a huge shift in becoming revolutionary for storing and retrieving data. However, the trust between Cloud providers needs to be apparent and transparency over data management needs to be validated. Comparing how other Cloud computing companies handle their security terms could be valuable in finding the most reliable provider for health organizations. Both patients and health providers benefit from this article because they can understand the workings and handling of EHRs. Information regarding more recent Cloud computing paradigms is required for the viewer to have a more updated understanding of how they affect data storage.

cs20tj 16:11, 08 December 2023 (EDT)