Ensuring security of high-risk information in EHRs.

摘要

Healthcare organizations are entrusted with the most private information of their patients and employees. They have a legal, moral, and ethical duty to protect all clinical and research information by ensuring that security and privacy safeguards are in place. A higher degree of control is necessary to prevent unauthorized access to especially sensitive information. This is particularly true within the context of the electronic health record (EHR).This practice brief identifies categories of health information that are afforded special protections under law or may otherwise require a higher degree of security. It recommends system features and practices that will help secure sensitive information in EHRs and afford organizations satisfactory assurances that sufficient safeguards shield this information from misuse.