Health is a major concern for everyone in this world. The implementation of Information and Communication Technologies in the medical field has modified the present definition of health care. It suggested the solution that can benefit both patient as well as health care professionals. eHealth provides solutions in a wide spectrum and it includes various health care products, systems and services. It includes tools for health professionals as well as for patients and citizens. Various services or systems that are covered under eHealth are; health information networks, electronic health records, telemedicine services, Consumer health informatics, Healthcare Information Systems, Health knowledge management.
Patient’s share their health information with their physician in order to improve their health treatment. Patient’s Information is stored in Electronic Health Record. It has been observed from a survey conducted in Sweden that 95% of all documentation in primary care is made in electronic healthcare records (1). Almost 55% of the Pharmaceutical prescriptions are issued digitally in Sweden and transmitted directly to the pharmacy store (1).
The challenging issue which is associated with the eHealth system is the protection of Medical Records. Since the data is transmitted over the network from one place to another so it is suffering from the major security concern. An electronic medical record (EMR) stores personal data which includes medical test results, prescription, hospitalizations, etc.
Privacy in the ehealth system can be classified into two categories; Content oriented privacy and contextual privacy (2). So eHealth system can be termed as a secure system if it can deal with both these aspects of privacy. Content oriented privacy indicates the capability or authority of the health care stakeholders in disclosing the patients’ personal information to other parties (marketing, insurance) whereas contextual privacy indicates the ability of a malicious entity to guess the disease of a patient correctly by identifying the field/domain of his physician.
In earlier days physicians used to use paper charts for recording the encounters with the patient. Details about medications, lab tests, X-rays etc the patient has taken, needs to be recorded in the chart for future reference. As the medical care became more and more complex, it became tedious for physicians to maintain a good patient record on these paper charts. They needed new technologies to help them to cope up with the increasing needs.
With the advancement in the information and communication technologies, the idea of storing the patient records electronically came in around 1960’s, when Dr. Lawrence Weed introduced the concept of Electronic Health Record. Weed’s innovation allowed a third party to verify the diagnosis to avoid any errors. In 1972, Regenstreif Institute developed first medical record system which combined both inpatient and outpatient data recording (3). Electronic Health Records (EHR) Systems stores the entire health and medical history of a patient in a computerized, electronic format. The record includes the details about patient demographics, progress notes, medications, past medical history, vital signs, laboratory data, immunizations and radiology reports. Keeping these vast records in this organized manner, makes it more efficient to retrieve and maintain, when compared to the paper charts (4).
As the medical care and the information technology became more and more complex, it became necessary to share the patient records among the various medical departments like clinical, nursing, laboratory, radiology, hospital administration etc in order to maintain a proper medical record about the patient. When the health records including sensitive data about the patient were shared electronically among the different departments, privacy and security problems became a major challenge to the EHR systems.
The recent studies on security and privacy concerns in EHR systems shows that, there is increasing number of threats resulting from the distributed and decentralized implementations of EHR Systems, and also the use of communication over open and insecure internet. Unauthorized accesses, Denial of service are to name a few. Lack of standardization among these systems made it very difficult for the system administrators to implement a secure system (5).
The main problem associated with an eHealth system is the privacy, security and confidentiality of Electronic Health data (EHD). EHD stores private and sensitive data of the patient and data of EHD is used by physicians, nursing, laboratory, and pharmacy. The publication of personal sensitive data can seriously compromise the patient privacy. Due to this reason many individual does not go for eHealth treatment since they are afraid of the loss of their Health record including information about their illness or disability. In a survey conducted in Canada, it has been found out that 11-13% of Canadians have held back information from a health provider because they were afraid of the privacy of their data (6). In a survey conducted in America, 77% of the population is concerned about their medical information being used for marketing purposes (7). We are trying to figure out the people’s concern about the privacy of their health care record at Stockholm. We will examine the opinion of public regarding the privacy of their health information and accessing eHealth service.
The research questions drawn from the above problem set are:
To what extent, privacy of health care records affects the individual’s decision of accessing eHealth service?
Are there certain groups of people for whom the privacy is a major issue while accessing the eHealth service?
The purpose of conducting this research is to examine the present scenario of the Health care system in Sweden. Research result will be helpful for patient, health care professionals and health care organizations. How the present scenario related to the privacy and the confidentiality of the Health care data is affecting the decision of accessing the eHealth Service. This survey will help to reveal the importance of Security in this field.
In this section, we presented the description of the research methodology conducted in this paper, followed by the limitations of the research carried out and the reasons of such limitation.
We are going to select inductive reasoning method for our research work. We will draw generalized conclusions from a finite collection of specific observations.
Literature Review & previous studies: we will study different literatures in the form of research reports and surveys which is conducted on EHR privacy in different parts of the world and then we will identify the present challenges related to patient privacy in Electronic health.
Survey: we will formulate a questionnaire based on the identified privacy challenges and conduct a survey among the public to collect data. The questionnaire will be around 10-15 questions which will mainly focus on the awareness of e-health privacy among patients. The sample size for our survey will be around 100-150. Also we are planning to use the facts and figures available in the Internet as a secondary data source for our research. Suggested below are some of samples
Do you think that your doctor should be able to access all your medical record in order to provide the best care?
Are you willing to share your personal medical information to help government officials to research on disease outbreaks?
Do you think that you should be able to access all of your medical records to verify the correctness of the medical record?
How concerned are you about your medical records being used by marketing agencies?
Formulating the Guidelines: Analyze the data collected, to derive a statistics on the research questions. We will be using IBM’s SPSS tool to analyze the data collected and derive the statistics based on it. This statistics will help to find out how much the people are concerned about the privacy in EHR systems.
Revising the guidelines: Based on the statistics, draw a conclusion and suggest ways to improve the privacy of patient’s sensitive data in e-Health.
Report writing: The report will be constructed detailing the privacy challenges in EHR system and will point out the feasible suggestions.
Because of the time constraint, the population that we are targeting for this survey includes only undergraduates, graduates, post graduates and post doctoral students (age group 18-35) in KTH (both Main Campus and Kista Campus).
We are conducting this survey on limited range of age group, so the result will not include the opinion of elder citizens.