Authors: Anja Perlich; Andrey Sapegin and Christoph Meinel
Affiliation: Hasso Plattner Institute and University of Potsdam, Germany
Keyword(s): Medical Documentation, Information Security, Mental Health Care, Client-Server Application, Patient Data.
Related Ontology Subjects/Areas/Topics: Biomedical Engineering; Clinical Problems and Applications; Confidentiality and Data Security; Health Information Systems; Software Systems in Medicine; Therapeutic Systems and Technologies
Abstract:
Keeping data confidential is a deeply rooted requirement in medical documentation. However, there are increasing
calls for patient transparency in medical record documentation. With Tele-Board MED, an interactive
system for joint documentation of doctor and patient is developed. This web-based application designed for
digital whiteboards will be tested in treatment sessions with psychotherapy patients and therapists. In order to
ensure the security of patient data, security measures were implemented and they are illustrated in this paper.
We followed the major information security objectives: confidentiality, integrity, availability and accountability.
Next to technical aspects, such as data encryption, access restriction through firewall and password, and
measures for remote maintenance, we address issues at organizational and infrastructural levels as well (e.g.,
patients’ access to notes). With this paper we want to increase the awareness of information security, and promote
a security conception from the beginning of health software research projects. The measures described
in this paper can serve as an example for other health software applications dealing with sensitive patient data,
from early user testing phases on.