This seminar, by UNU-IIST Post-Doctoral Fellow Dr. Nafees Qamar, focuses on an understanding of privacy and security issues in electronic health records (EHRs) and their features discrepant to ordinary information systems.
The challenging issues to be addressed in EHRs fall outside the scope of applying general information security principles and, thus, demand innovative solutions coping with centralized and distributed EHRs. For example, confidentiality, integrity and availability of EHRs have become a legal requirement instead an ordinary system development goal. Moreover, a general practice in the healthcare domain expects high ethical standards from medical professionals, which is however contradicted by the involvement of other stakeholders such as insurance companies. There is a need to differentiate between the terms security and privacy of EHRs that often mislead and are used interchangeably.
The seminar also investigates risks to EHRs, including internal threats (i.e., system users) and external threats (i.e., cryptographic vulnerabilities), and briefly discusses an approach to mitigate internal threats usually considered more crucial for the reported medical data breaches from within. The speaker also will share some insights and future guidelines related to privacy and security of EHRs.
UNU-IIST Seminar Room