Authentication, 10, 86-92, 115, 161, 169-170, 217.

See also Encryption

biometric, 92

of EMR creators, 10, 89, 101, 106, 177

of EMR users, 8, 62, 88-89, 140

reauthentication, 121

recommended improvements in, 89-92, 176-177

at remote locations, 8, 89, 104, 133, 171-172

token-based, 10, 88-89, 91-92, 125, 163

Authorization forms, 135-137

improving, 9, 174-175

Availability of data, In, 61, 65, 82, 93-94, 117n, 129

B

Backups, 8, 111-112, 116, 171, 218-219

recommended improvements in, 112

Backup tape disposal. See Degaussing

Bastion host, 103

Billing systems, 2, 160

Bill of rights, patient, 136

Biometric technologies. See Authentication, biometric

Blackmail, 57n

Break-in scripts. See Access controls, monitoring

C

Capitation system, 23

CERT. See Computer emergency response team (CERT)

College of Health Information Management Executives, 13n, 183n

Committees, 138-139.

See also Institutional review boards (IRBs);

Security and confidentiality committees

Common law protections, 39, 46

Common Object Request Broker Architecture (CORBA), 111

Complaints. See Patient privacy, complaints about

Compliance issues, 4, 33, 239-241

Computer-based Patient Record Institute (CPRI), 13n, 48, 150-151, 178, 183n

Computer disposal. See Degaussing

Computer emergency response team (CERT), 11, 106, 113-114, 179-180

Computer failure. See Backups

Computer Security Institute (CSI), 55

Confidentiality, 9, 11

defined, 1n, 20n

policies for, 130-131

warning screens, 146-147

Confidentiality agreements, 149-151

Confidentiality committees. See Security and confidentiality committees

Congress, recommendations for action by

for funding, 11, 179-180

for legislation, 12, 52-53, 186-187

Consensus-style decision making, 139

Consequences, adverse. See Privacy, interests at stake

Constitutional protections, 38-39, 42-43

Consumer awareness initiatives, 13

Consumer concerns, 45, 164.

See also U.S. Office of Consumer Affairs

Continuing medical education courses, 144

Controls. See Access controls;

Audit trails;

Linkage of records, controlling;

Rights management technologies;

Secondary use, controlling;

Software discipline

CORBA. See Common Object Request Broker Architecture (CORBA)

Core dump analyses, 121

CPRI. See Computer-based Patient Record Institute (CPRI)

Critiquing engines, 26

Cryptography. See Encryption

CSI. See Computer Security Institute (CSI)



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement