Hello Everyone,

How are Electronic Health/Medical records secured? Say EHRs are integrated by a central system or common standards; in that case, what kind of data security is expected? Also, what kind of data are considered critical that would require absolute protection?


-Nandhini (MS in MIS Student)


  • Hi Nandhini,

    Health data security is a complex topic. In Western Europe, a central system hosting EHRs is subject to stringent national legal regulations covering organizational, physical, personnel, technical and logical aspects of a system, aiming at demonstrating the respect of information privacy. One key issue is the management of patient consent to guarantee that specific security policies can be applied with a fine granularity. The consent is a representation of the patient's relationship with his medical team. Although medical data is critical from a security standpoint, the way to achieve data protection encompasses most facets of the information system. There are many ways to secure EHRs depending on the actual deployment and operational concepts; the approach consists of the combination of legal requirements and security risk evaluations (for example using the OCTAVE methodology) and implementing the appropriate measures and controls. Basically, this is a significant task covering a broad range of aspects, and hence there is no simple answer to your question.

    Cheers -- Christian

    • Thank you, Mr. Chevalley. I can understand from your response that the data protection carried out for most of the other types of information systems is applicable to health data as well, but is there anything specific to the health data that is also required on top of regular data security, as you said that health data are critical?

      • What is required on top of "regular" data security is ensuring that the patient consent is applied to control accesses to health data on a need-to-know basis. For example, a patient enrolled into a drug addiction program consults various healthcare professionals and other staff, potentially each with different access rules depending on what the patient deems acceptable to disclose: drug abuse status, HIV, psychiatric data and other health issues, depending on who will access and in which context... That is, the access shall be discretionary for each block of information or even down to the data level on a per person to person basis (note this can be factorized). An RBAC approach does not fit this bill.

        There are also other aspects: anonymization for external data usage (this will imply some "smart" to ensure exposed data are sufficient without compromising identity), fine-grained auditing of accesses, and the capability to erase whole patient information from the system on the patient's request.

        The measures to ensure patient consent is enforced throughout the information system are the most difficult and complex issue in my opinion.
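
The per-block, per-person consent model described in the reply above, as an added Python example (not code from the forum participants): two users with the same role get different views of one record, every decision is audited, and the patient can request erasure. The names `ConsentStore`, `RECORDS`, `ROLES`, `RBAC` and all sample data are constructed assumptions.

```python
from datetime import datetime, timezone

# Constructed sample data: one patient, record split into disclosure blocks.
RECORDS = {"pat-1": {"addiction": "enrolled in program", "hiv": "negative",
                     "psychiatric": "no findings", "general": "asthma"}}
ROLES = {"dr-a": "physician", "dr-b": "physician", "nurse-c": "nurse"}
RBAC = {"physician": {"addiction", "hiv", "psychiatric", "general"},
        "nurse": {"general"}}

class ConsentStore:
    """Per-patient, per-block, per-person grants with default deny."""
    def __init__(self):
        self.grants = {}   # (patient, block) -> set of user ids
        self.audit = []    # one entry per access decision, allowed or denied

    def grant(self, patient, block, user):
        self.grants.setdefault((patient, block), set()).add(user)

    def revoke(self, patient, block, user):
        self.grants.get((patient, block), set()).discard(user)

    def allowed(self, user, patient, block):
        ok = user in self.grants.get((patient, block), set())
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(),
                           "user": user, "patient": patient,
                           "block": block, "allowed": ok})
        return ok

    def read(self, user, patient):
        """Return only the blocks this user may see; every check is audited."""
        record = RECORDS.get(patient, {})
        return {b: v for b, v in record.items()
                if self.allowed(user, patient, b)}

    def erase(self, patient):
        """Patient-requested erasure: drop the record and all its grants.
        Audit entries are retained here (an assumption; retention is policy)."""
        RECORDS.pop(patient, None)
        for key in [k for k in self.grants if k[0] == patient]:
            del self.grants[key]

def rbac_read(user, patient):
    """Role-only check for comparison: same role always means same view."""
    return {b: v for b, v in RECORDS.get(patient, {}).items()
            if b in RBAC[ROLES[user]]}
```

With role-only checks, `dr-a` and `dr-b` see identical data; with the consent store, each sees only the blocks the patient granted to that person, and denied attempts appear in `audit` alongside allowed ones.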

  • If you are interested in NHS data security, have a look at the NHS Information Governance Toolkit:


    In the US, HIPAA covers medical records security - http://www.hhs.gov/ocr/privacy/ contains lots of useful info.

    Best wishes,

