EHRs: Fear of breach? The New Zealand public's opinion
|dc.contributor.author||Chhanabhai, Prajesh Narendra||en_NZ|
|dc.identifier.citation||Chhanabhai, P. N. (2006, April 27). EHRs: Fear of breach? The New Zealand public’s opinion (Dissertation, Master of Science). Retrieved from http://hdl.handle.net/10523/1278||en|
|dc.description.abstract||Health care has entered the electronic domain. This domain has improved data collection and storage abilities while allowing almost instantaneous access and results to data queries. Furthermore it allows direct communication between healthcare providers and health consumers. The development of privacy, confidentiality and security principles are necessary to protect consumers' interests against inappropriate access. The electronic health systems vendors have dominated the transition of media, claiming it will improve the quality and coherence of the care process. However, numerous studies show that the health consumer is the important stakeholder in this process, and their views are suggesting that the electronic medium is the way forward, but not just yet. With the international push towards Electronic Health Records (EHRs) by the Health and Human Services (United States of America), National Health Service (United Kingdom), Health Canada (Canada) and more recently the Ministry of Health (New Zealand), this paper presents the role EHRs will play in the health sector. A comprehensive literature review has revealed that there is a ambiguous use of terminology in the field of electronic records. This ambiguous use of terms is an important factor leading to the lack of clearly understanding what an EHR is. This thesis investigates the benefits that are offered by EHRs as well as investigating the problems and issues that are an integral part of the EHR not being popular. The main problem is found to be consumer's lack of confidence in the security of the EHR system. This study was conducted to determine the perceptions that the New Zealand health consumer has regarding the security of an EHR. A survey was completed by 300 participants from the four major city centres; Auckland, Wellington, Christchurch and Dunedin. The sample size allowed both descriptive and statistical models to be applied to it, thus producing both valid and meaningful results. The key finding from this study is that there is a general concern about the security, privacy and confidentiality associated with health consumers medical records. However, there is only a small difference between health consumers who feel paper records are more secure than EHRs and those who feel otherwise. The findings indicate the areas that consumers are most concerned about, as well as the areas that they feel would make their EHR safer. The survey concludes that for the EHR to be fully integrating in the health sector, there are two main issues that need to be addressed. 1) The security of the EHR system has to be of the highest levels, and needs to be constantly monitored and updated. This can only happen by the development of Standards or regulations that are policed by an accreditation body to ensure total compliance and 2) The involvement of the health consumer in a more proactive role in the ownership and maintenance of their health record. The EHR aims to collect information to allow for "cradle to the grave" treatment, thus the health consumer has to be seen a major player in ensuring that this can happen correctly. The results from this study indicate the health consumer needs to be assured of the security of an electronic system before they can accept it.||en_NZ|
|dc.subject||Electronic Health Records||en_NZ|
|dc.subject.lcsh||T Technology (General)||en_NZ|
|dc.subject.lcsh||Q Science (General)||en_NZ|
|dc.title||EHRs: Fear of breach? The New Zealand public's opinion||en_NZ|
|thesis.degree.name||Master of Science|
|thesis.degree.grantor||University of Otago||en_NZ|
|dc.description.references||Abookire, S.A., Teich, J.M., Sandige, H., Paterno, M.D., Martin, M.T., Kuperman, G.J. and D. W. Bates. (2000). "Improving allergy alerting in a computerized physician order entry system". Proceedings of AMIA Symposium. pp2-6. Retrieved 23 June 2005 from http://www.amia.org/pubs/symposia/D200703.PDF Aikins, R. (2001). "Implementing HIPAA Security Standard: Opportunity for Reengineering Business Practices". 2001 HIMSS Proceedings: Volume I. Retrieved 23 October 2005 from http://www.hiniss.ora/content/files/proceedings/2001/sessions/ses018.-xif Alpert, S, A. (1998). "Health care information: access, confidentiality and good practice". In Goodman, K (Ed.) Ethics, computing and medicine: informatics and the transformation of health care. pp75-101. New York: Cambridge University Press. Amatayakul, M. (1999). "EHRs and the consumer: a new opportunity". In Murphy G.F., Hanken M.A., Waters K.A., (Eds.) Electronic Health Records Changing the Vision. pp26- 68.Philadelphia: WB Saunders Company. Anderson, R.J. (1995). "NHS wide networking and patient confidentiality. Britain seems to be headed for a poor solution". British Medical Journal. 311. pp5-6. Anderson, R.J. (1996) Security in Clinical Information Systems. British Medical Association Cambridge University Press. Retrieved 23 July 2005 from http://www.ft .cl.cam.ac.uk/ftn/users/r.a14/policvll.pdf Anguelov, C.E., Hilgert, M.A. and Hogarth J.E. (2004). "U.S consumers and electronic banking, 1995-2003". Federal Reserve Bulleting Winter 2004. ppl-18. Annas, G.J. (1989). The Rights of Patients: The Basic ACLU Guide to Patient Rights. 2nd ed. Carbondale Illinois: Southern Illinois University Press. Ash, J.S., and Bates, D.W. (2005). "Factors and forces affecting EHR system adoption: report of a 2004 ACMI discussion". Journal of American Medical Informatics Association 12. pp8-12. ASTM (2005). "WK4363 Standard specification for the continuity of care record (CCR)". AhSttTp:M// wInwtwer.ansatmtio.onrga/l.c Egil-ectronic Resource. Retrieved 10 April 2005 from bin/SoftCart.exe/DATABASE.CART/WORKITEMS/W K4363. htm?L+mystore+oaob914 8 Baker and Hostelier LLP (2005). HIPAA Security rule. Retrieved 17 October 2005 from http://www.bakerlaw.com/files/tbl s10News%5CFi1.eU load44%5C10139%5CHIPAASe curitycl20Rules.pdf Balas, E.A., Weingarten, S., Garb, C.T., Blumenthal, D., Boren, S.A. and G. D. Brown. (2000). "Improving preventive care by prompting physicians". Archives of Internal Medicine 160 (3). pp301-8. Bangay, S. (2003) Networks and Networking. Rhodes University Printing. pp 258- 270. Bates, D.W., Ebell, M., Gotlieb, E., Zapp, J. and Mullins H.C. (2003). "A proposal for electronic medical records in U.S. primary care". Journal of American Medical Informatics Association. 10 (1). pp 1-10. Bates, D.W., and Gawande, A.A. (2003). "Improving safety with information technology". New England Journal Medicine. 348 (25), pp2526-34 Bayram,C., Britt, H., Kelly, Z. and Valenti, L. (2003). "Male Consultations in General Practice in Australia 1999-00". Australian Institute of Health and Welfare. Retrieved 12 October 2005 from http://www.aihw.gov.au/publications/gep/mcgpa99-00/megpa99- 00. df Bazzoli, F. (2005). "Survey: consumers favour sharing of health information nationally". HealthcareITNews. 11 October. Retrieved 18 October 2005 from http://www.healthcareitnews.com/NewsArticleView.aspx?ContentID=3805 Beale, T., Heard, S., Kalra, D. and Lloyd D. (2006). "openEHR Architecture: Architecture overview". openEHR Foundation. Retrieved 7 April 2006 from http://www.openEHR.org Bishop, L., Holmes, B.J. and Kelley, C.M. (2005). "National consumer health privacy survey 2005". California Healthcare Foundation Retrieved 3 November 2005 from http://www.chcforg/documents/ihealth/ConsumerPrivacy2005ExecSum.pdf Blair, J. (2004). "Survey of electronic health record trends and usage for 2004". At EHR summit III: EHRs progress: quality improvement, patient safety and efficiency. 19-20 July. Medical Records Institute. Washington D. C. Brailer, D.J. and E.L. Terasawa. (2003). "Use and Adoption of Computer-Based Patient Records." California HealthCare Foundation. Retrieved April 17, 2005. from http://www.chcf.org/documents/ihealth/UseAdo tionComputerizedPatientRecords.pdf Brenner, B. (2003). "Is the provision of laboratory results via the Internet acceptable to patients? A survey of private patients in a large, specialist gynaecology practice". The New Zealand Medical Journal 116. (1187). Retrieved 15 July 2005 from http://www.nzma.org.nziourna1/116-1187/711/. Briggs, L. (2000). "A national approach to electronic health records". At Electronic Health Records 2000 Conference. 29 May – 1 June. Australia: General Practice Computing Group. Retrieved 3 July 2005 from http://www.gpcg.org/publicationsidocs/Ehrbrigg.pdf British Broadcasting Corporation (BBC). (2003). Dissident operation uncovered. BBC News. 2 July. Retrieved 4 October 2005 from http://news.bbc.co.uk/l/low/northern ireland/3038852.htm British Medical Association. (2005). "Patients not convinced new computer record system will be secure: YouGov survey results". At Annual Representative Meeting Manchester 27-30 June. Obtained from Gohil, D. Research Support Officer BMA Bush, G. (2004). State of Union Address. "Transforming health care: The President's health information technology plan". Retrieved 10 March 2005 from http://www.whitehouse.gov/infocus/technology/economic policy200404/chap3.html. Butler, S.E. and McGlone, V. (2001). "The electronic patient record – a model for the future direction of health care". Issues In Information Systems. 2. Retrieved 16 April 2005 from http://www.iacis.orgils/2001 iis/pdF/020files/BUTLER28.PDF Canada Health Infoway (2004). EHR Glossary. Electronic Resource Retrieved 5 April 2005 from http://www.canadahealthinfoway.com/ehr/glossarv.plip?lang.§ion----E Carroll, J. (2000). "Electronic medical records: If not now, when?" Managed Care Magazine 8 July. Retrieved 13 June 2005 from htt ://www.managedcaremag.com/archives/0007/0007.emr.html Chapin, M.A., Forrer, D.A. and Timinur, A. (2003). "The examination on return on investment for information technology in healthcare (hospital) industry to achieve quality of care". Proceedings of POM 2003- POM in the service Economy. Retrieved ll April 2005 from http://poms.org/POMSWebsite/Meeting2003/2003A/Papers/PER-02.2.pdf Chu, S.S., Dixon, D., Lai, P., Lewis, D. and Valdes, C. (2001) "How anti-virus software works". Computers, Ethics, and Social Responsibility Stanford University. Retrieved 27 October 2005 from http://cse.stanford.edu/class/cs201/proiects-00-01/viruses/antivirus. html Cimino, J.J., Patel, V.L. and Kushniruk A.W. (2001). "Studying the Human– Computer– Terminology Interface". Journal of the American Medical Informatics Association. 8. pp 163-173. Cody, P.M. (2003). Dynamic security for medical record sharing. Unpublished Masters Thesis. Massachusetts Institute of Technology. Retrieved 5 July 2005 from www.rnedcr.csail.mitedu/projects/share/cody2003.pdf Cohen, S. and Shabo, A. (2001). "Electronic health record (EHR) standards survey". White paper. IBM Haifa Laboratories. Retrieved 4 June 2005 from http://www.research.ibm.com/haifa/proiects/software/imr/papers/EHRSurvev.pdf Coney, S (1998). "Who's been looking at my file? Medical records and centralised databases". In Women's Health Watch. 45 Retrieved 5 July 2005 from 1=9://www.womens-health.org.nz/publications/VVHW/whwjun98.htm#Whosfile Cunningham, S. (2003). "An investigation of electronic health records". Dublin Institute of Technology, School of Computing Research Paper (ITSM). Retrieved 29 March 2005 from http://www.comp.dit.ie/rfi.tzpatrick/MSc Publications/2003 Sheena Cunningham.pdf Cyber Dialogue (2000) "Ethics Survey of Consumer Attitudes About Health Web Sites." Retrieved 22 August 2005 from http://ehealth.chcf.org/view.cfm?section,Consumer&itemID.1740 Delaware Healthcare Association. (2005). "Delaware Healthcare Association Glossary of Health Care Terms and Acronyms" Retrieved 24 March 2005 from http://www.deha.org/Glossary/GlossaryE.htm Denton, I.C. (2001). "Will patients use electronic personal health records? Responses from a real-life experience" Journal of Healthcare Information Management. 15 (3). pp251-9. Department of Commerce, (2003). Information Security Guideline for NSW Government. Office of Information and Communications Technology. Retrieved 7 October 2005 from http_://www.oit.nsw.gov.au/pdf/4.4,17.IS2,pdf Department of Health and Aging. (2005). Connecting health care to the electronic age. Australian Government Information Management Office, Retrieved 18 September 2005 from www.agimo.gov.au/publications/2005/04/enhancing productivity/partl/health Department of Health and Human Services (2003). "Health insurance reform: security standards, final rule" Federal Register Reg 8334. Retrieved 18 October 2005 from http://a2.57.g.akalnaitech.net/7/257/2422/14mar200l 0800/edocket.access.gpo,gov/2003/pd f/03-3877.pdf Dhillon, A.S., Albersheim, S.G., Alsaad, S., Pargass, N.S. and Zupancic, J.A.F. (2003). "Internet Use and Perceptions of Information Reliability by Parents in a Neonatal Intensive Care Unit". Journal of Perinatology 23. pp420-24. Dick, R.S., Steen, E.B. and Detmer, D.E. (1997). The computer-based patient record: An essential technology for health care. Revised edition. Washington D.C. National Academy Press. Didham, R., Martin, I., Wood, R. and Harrison, K. (2004). "Information Technology systems in general practice medicine in New Zealand". The New Zealand Medical Journal 117. Retrieved 15 March 2005 from http://www.nzma.org.nzfjournal/117-1198/977/. Donohue, K. (2000). "Is your personal health information really safe?" Blueprint. Retrieved 24 July 2005 from http://www.d1c.org/ndol ci.cfm?kaid=140&subid=288&contentid=1043 Dubow, J. (2005). "National Survey on Consumers' Experiences With Patient Safety and Quality Information". At the Hearing on Privacy and Health Information Technology. Washington D.C. Retrieved 17 March 2005 from http://www.ncvhs.hhs.gov/050224p4.htm Electronic Record Development and Implementation Programme (ERDIP), (2003). "Lessons learned topic summary: No 4: Patients". National Health Service Information Authority. Retrieved 5 May 2005 from http://www,nhs ia. nhs.uk/erdip/pages/publ ications/ERDIP4Pati en ts pdf Ernst, J. and Miller, J. (2005). "The virtual patient record: a vision for integrated, personal and information-rich health care enabled by the NHIN". White paper NetMesh. Retrieved 7 April 2005 from h t ://netmesh.o / a ers/nhin-rfi/NetMesh-NHN-RFI-Response.pdf Eysenbach, G. (2000). "Recent advances: Consumer health informatics". British Medical Journal. 320. pp1713-16. Finkelstein, J., Cabrera, M.R. and Hripcsak, G. (2000). "Internet-based home asthma telemonitoring: can patients handle the technology?". Chest 117 (1). pp148-55. Friedman, M. (2001), "How to cure health care". Public Interest.142 (Winter).pp3-30. Fueling, T.J. (2004). "Who owns patient records?" The Chiropractic Journal. Retrieved 20 October 2005 from http://www.worldchiropracticalliance.org/tcV2004/jan/feuling.htm Forslunci, D.W., and Kilman, D. (1996). "The Virtual patient record: a key to distributed healthcare and telemedicine". Los Alamos National Laboratory. Retrieved 20 April 2005 from ntt_p://openemed.netibackground/TeleMed/Papers/virtual.html Forslund, D.W., George, J.E., Gavrilov, E.M., Staab T.A., Weymouth, T.E. and Kotha, K. (1996). "TeleMed: development of a Java/CORBA-based virtual electronic medical record". Object Management Group First Class Magazine. Retrieved 21 April 2005 from http://openerned.net/background/TeleMed/Papers/Forslund-pacmedtek.pdf Frenkel, J. (2005) "Doctors selling medical records". Herald Sun. 25 May Retrieved 25 May 2005 from http://www.news.com.au/stor /0 10117.15400601-421,00.html Gallagher, L.A and Barrett, C.W (2004). An Assessment of HIPAA Security Preparedness: Most Health Care Organisations Remain Noncompliant. Washington D.C. URAC Publishing. Gillies, J. and Holt, A. (2003). "Anxious about electronic health records? No need to be". The New Zealand Medical Journal 116. 1182. Retrieved 17 February 2005 from http://www.nzma.owz/journal/116-1182/604/. Givens, P. (1996). "Medical records privacy: fears and expectations of patients." At Toward an Electronic Patient Record Conference. San Diego. Retrieved 17 February 2005 from http://www.privac h s or eech2.htm Glasgow, H. (2005). Personal Communication. [Communication with Helen Glasgow, 16 August 2005] Griew, A. (1999). "Security: a strategy for security of the electronic patient record". Population Health Summary System Project (PHSS).Centre for eHealth and Learning. Retrieved 5 June 2005 from http://tekki.co.uk/Publications/phss/download/AnnexBl.pdf Grimson, J. (2001). "Delivering the electronic healthcare record for the 21st century". International Journal of Medical Informatics 64.3 pp111-27. Gue, D.G.. (2004). "The HIPAA security Rule (NPRM): Overview". Phoenix HIPAAdvisory, Phoenix Health Systems. Retrieved 23 October 2005 from Intp://www.hipaadvisor .com/re cs/securit overview.htm Gurley, L. (2004). "Advantages and disadvantages of the electronic medical record". American Academy of Medical Administrators. Retrieved 4 April 2005 from http://www.aameda.org/MemberServices/Exec/Articles/sog04/Gurley%20article.pdf Hans, D. (2000). "Computer-based patient record systems: network security issues". Technical Paper. Science Applications International Corporation. Retrieved 23 September 2005 from http://www.saic.com/healthcare/computerbased.pdf Health Canada (2001). Toward electronic health records. Office of Health and the Information Highway. Hufford D.L. (1999). "Innovation in medical information management: the electronic medical record". Graduate research paper. Madigan Army Medical Centre. Uniformed Services Academy of Family Physicians. Retrieved 4 July 2005 from ht ://www,usafa.org/Fac Dev/Orig .Papers/EMR-paper.doc Harrison, R. (2004). The antivirus defense-in-depth guide. Microsoft Corporation. Retrieved 20 September 2005 from Intp://ww w .microsoft.com/downloads/details aspx?Famil yId.F24A8CE3-63A4-45 Al- 979 6-3FEF52F63ABB&displaylang=e-n HealthLink. (2002). HealthLink SecurIT service specification. HealthLink Limited HealthLink (2003). HealthLink SecurIT: An Introduction to SECURIT Practice. HealthLink Limited. HealthLink. (2005). HealthLink: Connecting the health sector. Retrieved 6 October 2005 from http://healthlink.net/index2.htm Healthcare Information and Management Systems Society (HIMMS). (2003). "Electronic medical records: no longer optional". Special Advertising Section. McGraw-Hill Healthcare Information Programs. Retrieved 10 April 2005 from http://www.pssiebel.net/docs/himms%20fin.pdf HIPAA (2005). HIPAA Security Matrix. Electronic Resource. Retrieved 10 October 2005 from htt )://www.dataensureinc.com/HIPAA/HIPPA%20Securit %20Matrix.htm Hundley, K. (2001). "How secure are your medical records?". St. Petersburg Times. 13 May. Retrieved 9 October 2005 from http://www.sptimes.com/News/webspecials/privacy/sunday3.shtml Hunter, I. (2003). "Patient attitudes to electronic medical records". Privacy Issues Forum 28th March 2003 , Office of the Privacy Commissioner: Auckland Institute of Medicine (2003). Key capabilities of an electronic health record system Letter Report Washington D.C. The National Academies Press. Jeffords, J.M. and Dodd, C.J. (1999). "Medical records privacy: Access needed for health research, but oversight of privacy protections is limited" Letter Report. United States General Accounting Office. Retrieved 6 May 2005 from www.epic.org/privacy/medical/ gao-medical-privacy-399.pdf Johnston, B., Wheeler, L., Deuser, and Sousa, K.H. (2000). "Outcomes of the Kaiser Permanente tele-home health research project". Archives of Family Medicine. 9 (1). pp40-5. Kaushal, R. and Bates, D.W. (2001). "Computerized Physician Order Entry (CPOE) with Clinical Decision Support Systems (CDSSs)." In: Tierney, W.M., (Eds). Evidence Report/Technology Assessment No. 43, Making Health Care Safer: A Critical Analysis of Patient Safety Practices, p. 59-69. San Francisco. AHRQ Publications Kaye, M.B. (2000). "Electronic medical records: taking your head out of the sand". American Society of Colon and Rectal Surgeons. Retrieved 29 April 2005 from http://www.ascrs.org/publications/ao/AEwin9emr, trnl Keet, R. (2000). "The automati oannd centralization of data results". Healthcare Technology 2. pp2-6. Kerr, K. (2004). "The electronic health record in New Zealand". Health Care and Informatics Review Online. 1 March. Retrieved 25 May 2005 from http://hcro.enigma.co.nz/website/index.cfm?fuseaction=articledisplay&FeaturelD.040304 Kohn L.T., Corrigan J.M. and Donaldson M.S. (1999). To err is human : building a safer health system. Washington, D.C. : National Academy Press. Krishna, S., Balas, E.A., Spencer, D.C., Griffin, J.Z. and S. A. Boren. (1997). "Clinical trials of interactive computerized patient education: implications for family practice".Journal of Family Practice 45 (1). pp25-33. Lansdale, M. W. and Ormrod T.C. (1994) Understanding Inteifaces: A Handbook of Human- Computer Dialogue. London: Academic Press. Levine, S.A. (2002). "Provincial approaches to regulating health care privacy". Fasken Martineau Du Moulin LLP, Retrieved 7 June 2005 from littp://www.fasken.com/WEB/FMDWEBS rf EFRENCH.NSF/0/73BB9694B7B3FDFB85 256C69005A168DL. File/PROV REG HEALTH.PDF?OpenElement Leedy, P.D. and Ormrod, J.E. (2001). Practical Research: Planning and Design. New Jersey: Merrill Prentice Hall. Limprecht, E. (2005). "Patient data taken without GP's consent". The Australian Doctor. 25 ary . Longstaff, D. (2005). "Contentious crop: harvesting information from electronic health records". Intern Paper. Australian Primary Health Care Research Institute Retrieved 13 October 2005 from h t ://www.anu.edu.ati/a hcri/Staff/Duncan Lonstaff Internshi Paper- Harvesting_ Information From Electronic Health Records.ndf McDonald, C.J.(1997) "The Barriers to Electronic Medical Record Systems and How to Overcome Them." The Journal of the American Medical Informatics Association, 4 pp213-221. Mandl, K.D., Szolovits, P. and Kohane, I.S. (2001). "Public standards and patients' control: how to keep electronic medical records accessible but private". British Medical Journal 322. pp283-87. Massachusetts Institute of Technology (2000). Hippocratic Oath (Hippocrates, 400 BC). Retrieved 10 March 2005 from htt ://classics.mit.ec Microsoft Security Centre (2005). Retrieved 14 October 2005 from http://www.microsoft.com/security/default.mspx Misys Healthcare Systems (2004). "The EHR and. CCR: a review of healthcare's challenge and national initiatives to promote widespread adoption" Whitepaper Retrieved 10 April 2005 from www.misyshealthcare.com/resourees/ehr+ccr+industry+initiatives+white+paper.pdf Mitchell, E. and Sullivan, F. (2001). "A descriptive feast but an evaluative famine: systematic review of published articles on primary care computing during 1980-97". British Medical Journal. 322. pp279-82. Mongerson, P. (1995) "A patient's perspective of medical informatics". Journal of American Medical Informatics Association. 2 (2). pp79-84. Montague, M. (1995). "Consumer access to medical records". Discussion Paper Office of the Privacy Commissioner. Retrieved 11 October 2005 from http://privacy.gov.au/publications/hrc privacy_publication.pcif file.p6 4 65.34.pdf Mohan, K. and Lintott, M. (2002). "Introduction to security policies for the Health Intranet: principles, guidelines and references". New Zealand Health Information Service. Mohan, K. (2004). "Communication & Promotion Health Intranet information sheet" New Zealand Health Information Service. Mohan, K. (2005). Interview. [Interview with Kalash Mohan, 6 June, 2005]. Moss, A. (2005). "Man accuses Prop. BB supporters of selling patient id info". North County Times. 5 January. Retrieved 14 May 2005 from http://www.patientprivacyrights.org/site/PageServer?pagename.News Stories Murphy G.F., Hanken M.A., Waters K.A. (1999). "EHR Vision, definition, and characteristics.". In Murphy G.F., Hanken M.A., Waters K.A., (Eds.) Electronic Health Records Changing the Vision. pp3-25.Philadelphia: WB Saunders Company. MyNetRecord.com (2005) Personal Health records online. Electronic Resource. Retrieved 10 April 2005 from http://mynetrecord.com/ National Health Service (1998). "Information for health: an information strategy for the modern NHS 1998-2005". NHS Executive. Crown publishing. National Health Service (NHS) (2001). "Information for Health – Supporting Patient Care" National Health Service Information Authority. _Retrieved 17 May 2005 from http://www.nhs.uk/def/pages/info4health/2.aso National Health Service (NHS) (2003). "The public view on electronic health records." Retrieved 4 January 2005 from www.nlasia.nhs.uk/confidentiality. National Health Service (2004). "National programme for information technology in the NHS. NHS care records service." Retrieved 23 January 2005 from www.npfit.nhs.uk/programmes/nhscrs. National Health Service Scotland (2002). "Public version of the web-based training package on confidentiality and data protection". Data Protection Training Package. Retrieved 10 October 2005 from www.show.scot.nhs.uldelearning/ availabletopublic/Moclule One Word.doc National Institute of Standards and Technology (NIST). (1995). An introduction to computer security: the NIST handbook. Electronic Resource. Retrieved 1 July 2005 from http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf National Library of Medicine (NLM). (2005). Unified Medical Language System. Electronic Resource. Retrieved 6 July 2005 from http://www.nlm.nih.gov/research/umls/ National Research Council. (1997). For the Record: Protecting Electronic Health Information. Washington D. C. National Academy Press. NetBSD. (2005). NetBSD Documentation: NetBSD IPsec. Electronic Resource. Retrieved 10 October 2005 from http://www.netbsd.org/Documentation/network/ipsec/ New Jersey Institute of Technology (1995). "Chapter 8: Confidentiality, privacy and security of healthcare information" Electronic Network Solutions for Rising Healthcare Costs. Retrieved 22 October from http://www.ni itedu/v2/publications/Reports/HINT/0361J.toc.html New Zealand Government (2003). Health Information Privacy Code 1994. Office of the NZ Privacy Commissioner. Government Printers. New Zealand Health Information Service (2003). Security policy for general practitioners and other health professionals in general practice. NZHIS Health Intranet. New Zealand Health Information Service (2005). Your National Health Index Number (NHI). Information Brochure. New Zealand Health Information Service (2005). "Information about the National Health Index". Retrieved 24 March 2005 from http://www.nzhis.govt.nz/nhi/ New Zealand Ministry of Health. (2001). From Strategy to Reality the WAVE Project. The WAVE Advisory Board to the Director-General of Health. Wellington. Ministry of Health. New Zealand Ministry of Health (2005). Health Information Strategy for New Zealand 2005. Health Information Strategy Steering Committee. Wellington. Ministry of Health. Niven, B.(2005). Interview. [Interview with Brian Niven, 5 May, 2005]. Oasis (2002) "Access to medical records in Ireland". Information on Public Services – an Irish Government resource Retrieved 23 September 2005 from http://www.oasis.gov.ie/health/access to medical records.html Omnisec (2004) Secure Communications Company. Retrieved 21 October 2005 from http://www.omnisec.ch. Oppliger, R. (1997) "Internet security: firewalls and beyond". Communications of the ACM. 40 (5) pp92-102. Pfleeger, C.P., and Pfleeger S.L. (2003) Security in Computing, 3rd Edition.. Upper Saddle River, New Jersey. Pearson Education Inc Pickens, S. and Solak. I. (2005). "Successful healthcare programs and projects: organization portfolio management essentials". Journal of Healthcare Information Management. 19 (1). Pollard, R. (2004). "Cash offer to GPs for information". Sydney Morning Herald 30 October. Retrieved 13 October from http://www.smh.com.au/articles/2004/10/29/1099028210610.html# Poulymenopoulou, M., and Vassilacopoulos, G. (2003). "A virtual patient record implementation for emergency medical services" At MedNet 4-7 December. Health On the Net Foundation. Geneva Privacy Commission. (2005). The Privacy Act and you. Office of the Privacy Commissioner. Retrieved 14 October from http://www.pri vacy.org.n1z/people/peotop.htm1 Protti, D. (2003a), "Local clinician involvement in clinical information systems: luxury or necessity? – a review of two international experiences". The British Journal of Healthcare Computing & Information Management. 20 (10). pp28-30. Protti, D. (2003b). Local clinician involvement in clinical information systems: luxury or necessity? – a review of two international experiences. At ASSIST, Harrogate, Preston 1-2 October. Retrieved 30 June 2005 from http://www.northwest.assist.org.uklresources/ ASS IST%20-%20Clinici an c7020In vol vement%20-%20Necessity%20or%20Luxury.ppt Public Interest Advocacy Centre (PIAC), (2003). Consumers and Financial Institutions. A Public Perspective On The Industry. Ottawa Canadian Cataloging and Publication Data Pyper, C., Amery, J., Watson, M. and Crook, C. (2004). "Patients' experiences when accessing their on-line electronic patient records in primary care." British Journal of General Practice 54. pp38-43. Redhead, S.C. (2003). "Medical records privacy: questions and answers on the HIPAA final rule". Congressional Research Service. pp 1-6. Regenstrief Institute. (2005). Logical Observation Identifiers Names and Codes (LOINC). Electronic Resource Retrieved 6 July 2005 from http://www.regenstrief.org/loins/ Robbins, B.C. and Werner, II. (2004). "What's it worth? Oncology electronic medical record and ROI Modelling". Hematology Oncology News & Issues. pp 15-37. Robertson, P.D., Curtin, M. and Ranum, M.J. (2004). "Internet firewalls: frequently asked questions". Electronic Resource Retrieved 1 October 2005 from http://www.interhack.net/pubs/fwfaq/firewalls-faq.pdf Roetors, J.M.C. (2004). A survey of health professional's compliance with minimum-security standards for health information systems in New Zealand public hospitals. Unpublished Masters thesis. University of Otago Rogers, M.A., Small, D., Buchan, D.A., Butch, C.A., Stewart, C.M., Krenzer, B.E.and Husovsky.H.L. (2001). "Home monitoring service improves mean arterial pressure in patients with essential hypertension. a randomized, controlled trial". Annals of Internal Medicine 134 (11). pp1024-32. Ross, S.E. and Lin, C.T. (2003). "The effects of promoting patient access to medical records: A review". Journal of the American Medical Informatics Association. 10 (2). pp129-138. Ross, S., Todd, J., Moore, L.A., Beaty, B.L., Wittevrongel, L. and Lin, C. (2005). "Expectations of patients and physicians regarding patient-accessible medical records". Journal of Medical Internet Research. 7 (2). Retrieved 26 May 2005 from http://www.jmir.org/2005/2/e13/ RSA Laboratories. (2005). RSA Laboratories' Frequently Asked Questions About Today's Cryptography. Electronic Resource Retrieved 10 October 2005 from http://www.rsasecurity.com/rsalabs/node.asp?id=2152 Ryan, K.M. and Boustead, A.J. (2004). "Universal electronic health records: A qualitative study of lay perspectives". New Zealand Family Physician. 31 (3). pp149-154. Sandhu, R. and Samarati, P. (1996). "Authentication, access control and audit". ACM Computing Surveys. 28 (1). Retrieved 14 October 2005 from http://www.list.gmu.edu/journals/acm/survey96(org).pdf Schiff, G.D., Klass, D., Peterson, J., Shah, G., and Bates, D.W. (2003). "Linking laboratory and pharmacy: opportunities for reducing errors and improving care". Archives of Internal Medicine. 163 (8). pp893-900. Schiffman, S. (2001). "Preventing Security Breaches" At Healthcare Informatics 2001. 18- 19 April. Healthcare Informatics. Retrieved 23 May 2005 from http://www.healthcareinformatics. corn/expo/presentations/h202.pdf Schneider, P. (1997) "SAIC and UCSD Tackle Web Security". Healthcare Informatics. Retrieved 20 October 2005 from http://www. healthcare-in formatics.com/issues/1997/03 97/net.htm Schoenberg, R. and Safran, C. (2000). "Internet based repository of medical records that retains patient confidentiality". British Medical Journal. 321. pp1199-203. Schloeffel, P., Beale, T., Heard, S. and Rowed, D. (2001). "Background and overview of the Good Electronic Health Record". openEHR Foundation, Retrieved 5 May 2005 from http://www.openehr.org/Documents/BackgroundOverview of GEHR.htm Schmall, M. (2002). "Heuristic techniques in AV solutions: an overview". Security Focus. Retrieved 7 October 2005 from http://www.securityfocus.com/infocus/1542 Shaw, N. (2001). Going paperless, a guide to computerisation of primary care. Oxford: Radcliffe Medical Press. Shaw, N. (2002) "Trust me, I'm a patient! The effect of an EHR on my consultation". Studies in Health Technology and Informatics. 87. pp10-15. Shimonski, R.J., Graham, R., Little, D., Shinder, J. and Amon, C. (2003). The best damn firewall book period. Rockland MA Syngress Publishing.. Silverman, D.D. (1998). "The electronic medical record system: health care marvel or morass?". Physician Executive. 24 (3). Pp26-32. Slane, B.H. (1999). "Health information: some issues at the close of the 20 th century". At 7th Annual New Zealand Medico-Legal Conference. Office of the Privacy Commissioner. Retrieved 24 October 2005 from htt .://www. SNOMED, (2005). SNOMED International. Electronic Resource Retrived 6 July 2005 from http://www.snomed.ord Songini, M.L., (2000). "Hospital confirms hacker stole 5000 patient files". Computerworld 18 December. Retrieved 14 October 2005 from h tip ://app001.computerworld. com/securitytopics/security/privacy/story/0,10801,55343 ,00. html Spitzner, L. (2003). "Honeypots: Catching the Insider Threat". Proceedings of the 19th Annual Computer Security Applications Conference. pp170-80. Washington D.C. I hEE Computer Society Sprague, L, (2004) "Electronic health records: How close? How far to go?" National Health Policy Forum. 800. pp2-17. Stein, L.D. (1997). "The electronic medical record: promises and threats". World Wide Web Journal, Web security: A Matter of Trust. 2 (3). Retrieved 13 June 2005 from http://www.w3joumal.com/7/s3.stein.wrap.html Stein, T. (2005). "Hack attack, how safe are your computers?" Press release Medical University of South Carolina Retrieved 7 June,2005 from httpl/www.muschealth.com/professionals/ppd/hackatt.htm Stevens, R. (1998) Medical record databases. Just What you need? Report prepared for the Office of the Privacy Commissioner. Still, T. (2005). "Electronic health records can save lives and improve medical care". Wisconsin Technology Network. Retrieved 18 February 2005 from http://wistechnology.com/printarticle.php?id=1545. Strebe, M. and Perkins, C., (2002). Firewalls 24Seven, 2nd Edition. Berkeley, California. Sybex. Tang, P.C., LaRosa, M.P. and Gorden, S.M. (1999). "Use of computer-based records, completeness of documentation, and appropriateness of documented clinical decisions". Journal of the American Medical Informatics Association. 6 (3). pp245-51. Taylor, P.T. (1996). Consumer health informatics: emerging issues. Report to the Chairman, subcommittee on Human Resources and Intergovernmental Relations. Retrieved 5 May 2005 from http://www.gao.gov/archive/1996/ai96086. df Telecom (2005) HealthExpress. Product Profile. Obtained from NZHIS. Terry, N.P. (2004). "Electronic health records: international, structural and legal perspectives". Journal of Law and Medicine. 12, pp26-39. Tessier, C. (2004) "Continuity of Care Record At Towards the Electronic Patient Record 2004 17-21 May. Medical Records Institute. Florida Tessier, C., Sullivan, T., Waegemann, C.P., Kibbe, D., Smith, D. and Brewer, P. (2005). "Continuity of care record: concept paper". Medical Records Institute Retrieved 1 May 2005 from http://www.medrecinst.com/pages/about.asp?k1=54 U.S Dept of Health and Human Services (2003). "HHS launches new efforts to promote paperless health care system". Health and Human Service News. Retrieved 17 May 2005 from http://aspe.hhs.gov/sp/nhii/News/NHIIJu11 03.htm Upham, R. (2004). "The electronic health record: will it become a reality?". Phoenix H1PAAdvisory, Phoenix Health Systems. Retrieved 10 April 2005 from http://www.hipaadvisory.com/action/ehealth/EHR-reality.htm Uzwiak, B. (2005). "Academic medical centre increases network security, reduces downtime". Case Study. Microsoft Corporation Retrieved 14 October 2005 from http://clownload.microsoft.com/documents/customerevidence/21164 Wake Forest final.d oc Van Benmel, J.H. and Musen, M.A. (1999). Handbook of medical informatics. New York: Springer Publishers. Venkatesh,V., Morris, M. G..; Davis, G.B. and Davis, F. D. (2003). "User acceptance of information technology: Toward a unified view", MIS Quarterly, 27 3 pp425-478. Waegemann, C.P. (2002). "Status report 2002: electronic health records". Medical Records Institute. Retrieved 2 April 2005 from http://www.medrecinst.com/pages/libArticle.asp id.44 Waegemann, C.P. (2003). "EHR vs. CPR vs. EMR" Health Informatics Online. pp1-6. Waegemann, C.P.(2004a). "Analysis of international EHR systems". At Towards the Electronic Patient Record 2004 17-21 May. Medical Records Institute. Florida Waegemann, C.P. (2004b). "Summary of the previous summits". At EHR summit III: EHRs progress: quality improvement, patient safety and efficiency. 19-20 July. Medical Records Institute. Washington D. C. Walsh, S.H. (2004). "The clinician's perspective on electronic health records and how they can affect patient care". British Medical Journal. 328. pp 1184-87. Wang, W., (2003). Steal This Computer Book 3: What They Won't Tell You About the Internet. 3 rd edition. San Francisco. No Starch Press. Wang, S.J., Middleton, B., Prosser, L.A., Bardon, C.G., Spurr, C.D., Carchidi, P.J., Kittler, A.F., Goldszer, R.C., Fairchild, D.G., Sussman, A.J., Kuperman, G.J. and Bates, D.W. (2003). "Cost-Benefit Analysis of Electronic Medical Records in Primary Care". In American Journal of Medicine. 114. pp397-403. Ware, W.H. (1979). Security controls for computer systems Office of the Secretary of Defence. Santa Monica. RAND. Wenner, A.R. (2004). "Computer patient interview as an important part of the EHR". Proceedings of Healthcare Computing 2004. pp103-113. Westin A.F. (2005). "U.S. public sharply divided on privacy risks of electronic medical records." At the Hearing on Privacy and Health Information Technology. Washington D.C. Retrieved 17 March 2005 from http://www.pandab.org/ Whetton, S. (2005). Health Informatics A Socio-Technical Perspective. Victoria, Oxford University Press Whitlock, W.L., Brown, A., Moore, K., Pavliscsak, H., Dingbaum, A., Lacefield, D., Buker, K. and Xenakis, S.(2000). "Telemedicine improved diabetic management". Military Medicine 165 (8 ). pp579-84. Win, K.T. (2005) "A review of security of electronic health records". Health Information Management. 34 (1). pp 1. 3-18. Win, K.T. and Cooper, J. (2004). "Information age, electronic health record and Australia healthcare". International Journal of the Computer, the Internet and Management12 (13). pp14-21 Withrow, S.C. (2002). "HIPAA compliance: where are the savings?" Managing HIPAA Compliance. Retrieved 23 October 2005 from http://www.wmolaw.com/hipaasavings.htm Woodward, B. (1995). "The computer-based patient record and confidentiality". New England Journal of Medicine. 333. pp1419-1422. World Health Organisation (WHO), (2005). "International Classification of Disease (ICD)". Electronic Resource. Retrieved 6 July 2005 from http://www.whoint/classifications/icd/en/ Young, K.M. (2000), Informatics for healthcare Professionals. Western Michigan University, Kalamazoo, Michigan. F. A. Davis Company||en_NZ|
Files in this item
There are no files associated with this item.
This item is not available in full-text via OUR Archive.
If you would like to read this item, please apply for an inter-library loan from the University of Otago via your local library.
If you are the author of this item, please contact us if you wish to discuss making the full text publicly available.