The healthcare industry is highly regulated by a complex statutory and regulatory framework at every
level. Electronic commerce in such a highly regulated industry presents some challenges to say the least. States have approached e-commerce in a myriad of ways, leaving consumers and businesses confused as to whose law applies.
Electronic records and signatures are essential elements of many electronic transactions, particularly in healthcare. A digital signature is an electronic signature that can't be forged. It is a computed digest of the text that is encrypted and sent with
the text message.
A digital signature created by use of encryption keys can provide this high level of security because it ties an originator's identity to an electronically transmitted message by means of an algorithm. The
digital signature is not a computer's "picture" of a handwritten signature, but a condensed mathematical representation of the message itself that can be created only by the originator using a private encrypted key. Thus,
a digital signature provides authentication of data and user.
Signatures and Certificates
A digital signature ensures that the document originated with the person signing it and that it was not tampered with
after the signature was applied. However, the sender could still be an impersonator and not the person he or she claims to be. To verify that the message was indeed sent by the person claiming to send it requires a digital
certificate (digital ID) which is issued by a certification authority. For example:
The sender uses a one-way hash function to compute a small digest of her text message. Using her private key, she
encrypts the digest, turning it into a digital signature. The signature and the message are then encrypted using the recipient's public key and transmitted. The recipient uses his private key to decrypt the text and derive the
still-encrypted signature. Using the sender's public key, he decrypts the signature back into the sender's digest and then recomputes a new digest from the text message. If the digests match, the message is authenticated. Digital signatures
are a fundamental component of business in cyberspace. And numerous laws, state and now federal, have codified digital signatures into law. These laws are a mistake. Digital signatures are not signatures, and they can't fulfill
their promise. Understanding why requires understanding how they work.
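The digest-sign-verify exchange above, and the earlier point that a valid signature does not by itself identify the sender, as an added example that is not part of the original text. It covers only signing and verification (not the encryption to the recipient), uses textbook RSA without padding, and its keys, names and message are constructed for illustration; the directory stands in for certificates issued by a certification authority.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (illustration only, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))      # (public key, private key)

def digest(message: bytes) -> int:
    """One-way hash of the message, as an integer smaller than the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Sender: transform the digest with her private key."""
    n, d = private_key
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Recipient: recover the digest with the signer's PUBLIC key and
    compare it with a digest recomputed from the received text."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)

def verify_claimed_sender(message, signature, claimed_sender, directory) -> bool:
    """Verify against the key a trusted party has bound to the claimed name,
    never against a key supplied alongside the message."""
    key = directory.get(claimed_sender)
    return key is not None and verify(message, signature, key)

# Constructed demo keys built from publicly known Mersenne primes:
# they are not secret and must never be used for real signatures.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)
TRUSTED_DIRECTORY = {"alice": ALICE_PUB}     # stand-in for CA-issued certificates

def demo():
    message = b"Discharge summary for patient 0001: no known allergies"  # constructed
    genuine = sign(message, ALICE_PRIV)
    impostor = sign(message, MALLORY_PRIV)   # signed by someone claiming to be alice
    altered = message.replace(b"no known", b"severe")
    return {
        "genuine": verify(message, genuine, ALICE_PUB),
        "altered_text": verify(altered, genuine, ALICE_PUB),
        "impostor_with_own_key": verify(message, impostor, MALLORY_PUB),
        "impostor_vs_directory": verify_claimed_sender(
            message, impostor, "alice", TRUSTED_DIRECTORY),
    }

if __name__ == "__main__":
    print(demo())
```

The impostor's signature is mathematically valid under the impostor's own key; it fails only when the recipient checks it against the key bound to the claimed name.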
Health care information and its use
E-SIGN provides guidance on how records may be stored and retained electronically. If a document is
required by law to be retained, an electronic version of the document will be acceptable. The electronic document accurately reflects the information in the record and is accessible to all relevant people in a form that may be
accurately reproduced at a later date, whether by printing, electronically transmitting or other means. No specific type of technology is mandated by E-SIGN. The law is technology neutral, allowing individual parties to choose the
technology that best suits their needs. The term "electronic" is defined broadly in E-SIGN and means related to technology having electrical, digital, magnetic, wireless, optical, electromagnetic or other similar
capabilities. Under E-SIGN, the term "transaction" means an action or set of actions relating to the conduct of business, consumer or commercial affairs between two or more persons. The term "electronic record"
means a contract or other record created, generated, sent, communicated, received or stored by electronic means.
Health care records (HCR) include both information relating to the physical or mental health of patients, and
information regarding the provision of health care by health care practitioners or health care facilities. Relatives, social workers and other third parties may supplement personal health information provided by the patient. The
provision of health care is recorded in the professional notes, observations and opinions of health care practitioners and administrative staff. These data are entered into the health care record not only by the health care
practitioners caring for the patient (including physicians, dentists, nurses and professions allied to medicine) but also by professionals providing support services, non-clinical staff acting on the professionals' behalf and even
by patients themselves. This diversity of origin and use of health care data presents problems of security in both the conventional and the electronic health care record.
Issues in security of electronic health care records
Electronic health care records (EHCR) are health care records that are stored, processed or transmitted using computer technology. The EHCR enables information to be used simultaneously by many individuals who may be remote from each other and from the
patient, but this can be achieved only by use of the appropriate computer equipment. Thus the user who has no access to the necessary hardware or lacks the skills to operate it may be denied the information. In contrast, it is
possible for those with the skills to examine and alter computer records without leaving any indication of their actions.
Computerised records can be stamped with the identity of the users who create or modify them, although
the mechanisms by which most computers currently confirm the user's true identity, such as through password control, leave much to be desired and impersonation is not difficult. To compound the problem, identical copies of EHCR can
be made at will, often without trace, readily transmitted over networks that now encircle the globe and linked with other data about the same individual to compile detailed profiles of their life style, health and financial status.
Ethical and legal aspects
The consequences of using an insecure information system in health care are far reaching. Patients may be embarrassed by, or socially ostracised following, disclosure of sensitive
information about mental health, sexually transmitted diseases, adolescent care, drug addiction and genetic fingerprints. Their clinical care may be compromised by inaccurate or missing data as a result of unauthorised
modification, from system malfunction or due to errors in program design. There is the potential for serious harm or death should such errors remain unrecognised. The EHCR must therefore be designed, implemented and run in such a
way that the potential to harm the patient is minimised. Information security is a complex and highly technical subject with which even computer professionals are rarely fully conversant. Very few health care professionals have
sufficient understanding of the principles of information security to confidently assume responsibility for security of information.
If properly designed, access to EHCR can be controlled more comprehensively than is
possible with the conventional HCR. The introduction of the EHCR thus offers the opportunity to comply more closely with the ethical requirement to respect the individual's right to privacy while not impeding the freedom of access
to information needed by the clinicians involved in delivery of health care.
In either case, we would suggest that the overall responsibility for security of health care data in a health care facility rest with the most
senior clinician (e.g. the medical director or Dean) or delegated authority. There is no justification for access to health care records to be controlled by the administrative staff who own or operate the computer system holding
EHCR, even though they may have the responsibility to ensure that the mechanisms controlling access are applied effectively. Regular audits of these security measures should be conducted but physical controls such as encryption may
be necessary where regular monitoring is not considered feasible.
Special Consumer Protections
The term "consumer" means an individual who obtains, through a transaction, products or services, which
are used, primarily for personal, family or household purposes. E-SIGN imposes special requirements on anyone obligated to provide written disclosures to consumers. Those special requirements are imposed to ensure that consumers
can make fully informed decisions about electronic transactions and to provide some protection for consumers. Essentially, E-SIGN provides that the consumer must have affirmatively consented to receive the required information
Under E-SIGN, threshold questions in healthcare are whether a proposed arrangement is a transaction for purposes of E-SIGN, whether the transaction is affecting or in interstate commerce, whether a consumer
is involved and what exceptions, if any, apply. If it is assumed that E-SIGN applies to electronic healthcare transactions (and in most cases that may be a reasonable assumption), there still are many unanswered questions about how
electronic commerce in healthcare should be conducted.
In sum, there is one safe rule to follow when determining which laws or regulations govern a particular healthcare transaction involving the use of
electronic records or signatures: closely consider all of them. Assuming each is consistent with E-SIGN, it is highly likely each will apply. The healthcare industry could achieve greater convenience and efficiency by adopting a
national standard regarding the use of electronic signatures. As a term, "electronic signatures" refers to any electronic means to indicate consent to the content of a transaction (e.g., handwritten signatures that are
recorded electronically or digital signatures). The great potential of computerised information in health care will be realised only when health care professionals and patients alike feel confident about their personal records
being held on computer. It is imperative for the health care professions to quickly implement such measures to create a secure environment for the electronic health care record. The time is ripe for creation of a national
electronic-signature standard. Many vendors already require that correspondence be in electronic form and have received support from state contract law that signatures need not be handwritten.