Indian Electronic Health Records(EHR) Standards – Part 3: Security and Privacy guidelines in designing a Cloud EHR

EHR standards for security and privacy of health data

Discussions about the privacy and security of personal data have held centre stage recently in light of the many high-profile data thefts and misuses of personal data involving some of the most prominent technology companies in the world. With technology taking centre stage in almost all areas of human endeavour, countries across the world are racing against time to bring out regulations to safeguard personal data. The European GDPR is a case in point.

This is even more important in the case of intensely personal and private data such as EHR. EHR systems require safeguards to ensure that the data is available when needed and that the information is not used, disclosed, accessed, altered or deleted inappropriately while being stored, retrieved or transmitted. Given the pace at which technology adoption is evolving in healthcare, the only acceptable strategy for an enduring solution is to follow some basic design guidelines while designing EHR systems.

From the beginning, the Indian EHR standards have made it a point to treat data security and privacy as integral to the core of the standards. They attempt to do this through the following strategies:

  • Establish the person as the owner of their health data
  • Provide guidelines on the design of technology systems that manage EHR data to ensure that the data is inherently secure
  • Include administrative and physical access standards to prevent the data from falling into the hands of unauthorised users within an organisation

Ownership of EHR

By giving the person ownership of their EHR, the standard renders providers and any other agency holding EHR as mere custodians of the data and thus limits their rights over the data. This reduces the chances of such agencies wilfully using anybody’s personal health data for purposes other than providing care to the person.

The providers are also required to maintain the data in an interoperable format and make it available to the person in a pre-defined electronic form for use in future care situations.

Building security into the design of EHR systems

The standards include a wide range of recommendations to follow while designing EHR systems so that they remain inherently secure across a wide range of use cases. At a generic level these include all the common security strategies employed by modern technology solutions, including user authentication, authorization, access privileges, access control, automatic log-off, data encryption and integrity of data in transit. As these involve implementation-specific strategies which are discussed in detail in many easily available articles, we will not be explaining them further in this post.

Apart from the above common, domain-agnostic guidelines, the Indian EHR standards include some guidelines which are very specific to the healthcare domain. These are discussed in more detail below:

Segregation of personal and EHR data

The EHR standards recommend a complete segregation of the demographic and EHR data in any EHR system. A person’s privacy is breached when a compromised EHR is identifiable as belonging to them. Any system where these data are managed separately and brought together only as required in a usage context remains inherently secure. For such a system to be compromised, multiple services (a minimum of 3, including the EHR, Demographics and Integration services) have to be compromised, making it difficult for an attacker.
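The three-service split described above, as an added illustration in Python (not code from the EHR standards or from any Healthelife product): demographic data and clinical data live in separate stores, the EHR store is keyed only by an opaque random token, and only the integration service holds the link between the two. The class names, the token scheme, the check function and the sample patient are assumptions made for this example.

```python
"""Demographic / EHR segregation pattern (added example, not the standards' code).

Three in-memory stores stand in for three separately deployed services.
The class names, the token scheme and the sample data are assumptions.
"""
import json
import secrets
from dataclasses import dataclass, field


@dataclass
class DemographicsService:
    """Identity only (name, date of birth); holds no clinical data."""
    _people: dict = field(default_factory=dict)

    def register(self, person_id: str, name: str, dob: str) -> None:
        self._people[person_id] = {"name": name, "dob": dob}

    def lookup(self, person_id: str) -> dict:
        return dict(self._people[person_id])


@dataclass
class EhrService:
    """Clinical data only, keyed by an opaque token, never by identity."""
    _records: dict = field(default_factory=dict)

    def add_encounter(self, ehr_token: str, encounter: dict) -> None:
        self._records.setdefault(ehr_token, []).append(encounter)

    def encounters(self, ehr_token: str) -> list:
        return list(self._records.get(ehr_token, []))

    def raw_dump(self) -> str:
        """Everything someone holding only this service's data would obtain."""
        return json.dumps(self._records)


@dataclass
class IntegrationService:
    """The only component that can tie an EHR token back to a person."""
    demographics: DemographicsService
    ehr: EhrService
    _link: dict = field(default_factory=dict)  # person_id -> ehr_token

    def enrol(self, person_id: str, name: str, dob: str) -> str:
        self.demographics.register(person_id, name, dob)
        token = secrets.token_hex(16)  # random; derived from nothing identifying
        self._link[person_id] = token
        return token

    def record_encounter(self, person_id: str, encounter: dict) -> None:
        self.ehr.add_encounter(self._link[person_id], encounter)

    def chart(self, person_id: str) -> dict:
        """Joins identity and clinical data only for an authorised care context."""
        return {
            "person": self.demographics.lookup(person_id),
            "encounters": self.ehr.encounters(self._link[person_id]),
        }


def ehr_dump_reveals_identity(ehr: EhrService, identifiers) -> bool:
    """True if any known person id or demographic value appears in the EHR
    service's data, i.e. if a compromise of the EHR store alone would
    identify anyone. With opaque tokens this should always be False."""
    dump = ehr.raw_dump()
    return any(ident in dump for ident in identifiers)


if __name__ == "__main__":
    # Constructed sample patient; not real data.
    integ = IntegrationService(DemographicsService(), EhrService())
    integ.enrol("P-001", "Asha Menon", "1980-01-01")
    integ.record_encounter("P-001", {"date": "2019-03-01", "diagnosis": "J06.9"})
    print("EHR store identifies patient:",
          ehr_dump_reveals_identity(integ.ehr, ["P-001", "Asha Menon", "1980-01-01"]))
    print("Joined chart for care context:", integ.chart("P-001"))
```

The check function models the point in the text: a copy of the EHR store by itself carries no name, date of birth or person identifier, so an attacker must also compromise the Integration service (for the link table) and the Demographics service (for the identity) before any record becomes attributable.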

Versioning of EHR data

Given the critical nature of health data, the standards mandate that health data should never be deleted or destroyed completely. They further require systems to ensure that the older versions of any data that has been modified are always available for review. The recommended strategy to address the above requirements is to version all EHR data. Any modification to the data should create a newer version of the data, while all the previous versions are still maintained and available as required. Deletion of any data should create a new version with an empty data set which co-exists with the previous versions. This ensures that the integrity of the data is maintained and verifiable at all times.

Audit log

The Indian EHR standards require systems to maintain a detailed audit trail of all activities that happen. Such audit information should record the date, time, record identification, user identification and the particulars of the action whenever any electronic health information is created, modified, deleted or accessed (viewed or printed). These should in turn be available to be electronically displayed or printed for user/administrative review. Further, EHR information shared between organisations should contain sufficient identity information that the receiver can make access control decisions and produce detailed and accurate security audit trails.

As you can see from the above, privacy and security of health data is one of the cornerstones of the Indian EHR standards, and they provide a high level of guarantee to the end user regarding cloud-based EHR solutions that are aligned to the standards. Cloud-based solutions now provide a very attractive option owing to their ease of access, lower cost and continuous improvement. Thanks to the Indian EHR standards, you now have a firm set of guidelines to ensure that the systems you select are designed with security for your customers’ data.

Healthelife’s EHR.Network repository and AyushEHR are designed in line with the EHR standards and will continue to evolve with them. To know more about how we can help you get the best cloud EHR solution for your organisation, please contact us.
