Security, privacy, and confidentiality issues on the Internet
- PMID: 12554559
- PMCID: PMC1761937
- DOI: 10.2196/jmir.4.2.e12
Abstract
We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We give some advice on how to protect local data. Authentication and privacy of e-mail via encryption are offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.
Conflict of interest statement
None declared.