Secure transmission of shared electronic health records
Faculty of Computing, Health and Science
School of Computer and Information Science / Centre for Security Research
Paper-based health records together with electronic Patient Management Systems remain the norm for hospitals and primary care practices to manage patient health information in Australia. Although the benefits of recording patient health information into an electronic format known as an electronic health record (EHR) are well documented, the use of these systems has not yet been fully realised. The next advancement for EHRs is the ability to share health records for the primary purpose of improved patient care. This may for example enable a primary care physician, with the patient's consent, to electronically share pertinent health information with a specialist, providing timely information transfer and reducing the need for replicated testing. Australia is in the process of adopting a national approach to an integrated health records solution. The Australian National Ehealth Transition Authority (NEHTA) has released their lnteroperability Framework together with specifications and standards for secure messaging in E-health. This is expected to promote an environment in which vendors competing for market share will develop medical applications that are interoperable. With an aging population and the baby boomers preparing for retirement, it is anticipated that these initiatives may Indirectly help to reduce the anticipated strain on the health care budget. Anticipated secondary benefits include the collection of de-identified information for public health research and the development of health management strategies. This paper discusses NEHTA's secure transmission initiatives and the resultant security issues related to the transfer of shared EHRs.