Vulnerability to Cyberattacks and Sociotechnical Solutions for Health Care Systems: Systematic Review.

BACKGROUND: Health care organizations worldwide are faced with an increasing number of cyberattacks and threats to their critical infrastructure. These cyberattacks cause significant data breaches in digital health information systems, which threaten patient safety and privacy. OBJECTIVE: From a sociotechnical perspective, this paper explores why digital health care systems are vulnerable to cyberattacks and provides sociotechnical solutions through a systematic literature review (SLR). METHODS: An SLR using the PRISMA (Preferred Reporting Items for Systematic Reviews and Meta-Analyses) was conducted by searching 6 databases (PubMed, Web of Science, ScienceDirect, Scopus, Institute of Electrical and Electronics Engineers, and Springer) and a journal (Management Information Systems Quarterly) for articles published between 2012 and 2022 and indexed using the following keywords: "(cybersecurity OR cybercrime OR ransomware) AND (healthcare) OR (cybersecurity in healthcare)." Reports, review articles, and industry white papers that focused on cybersecurity and health care challenges and solutions were included. Only articles published in English were selected for the review. RESULTS: In total, 5 themes were identified: human error, lack of investment, complex network-connected end-point devices, old legacy systems, and technology advancement (digitalization). We also found that knowledge applications for solving vulnerabilities in health care systems between 2012 to 2022 were inconsistent. CONCLUSIONS: This SLR provides a clear understanding of why health care systems are vulnerable to cyberattacks and proposes interventions from a new sociotechnical perspective. These solutions can serve as a guide for health care organizations in their efforts to prevent breaches and address vulnerabilities. To bridge the gap, we recommend that health care organizations, in partnership with educational institutions, develop and implement a cybersecurity curriculum for health care and intelligence information sharing through collaborations; training; awareness campaigns; and knowledge application areas such as secure design processes, phase-out of legacy systems, and improved investment. Additional studies are needed to create a sociotechnical framework that will support cybersecurity in health care systems and connect technology, people, and processes in an integrated manner.

The elephant in the room: cybersecurity in healthcare.

Cybersecurity has seen an increasing frequency and impact of cyberattacks and exposure of Protected Health Information (PHI). The uptake of an Electronic Medical Record (EMR), the exponential adoption of Internet of Things (IoT) devices, and the impact of the COVID-19 pandemic has increased the threat surface presented for cyberattack by the healthcare sector. Within healthcare generally and, more specifically, within anaesthesia and Intensive Care, there has been an explosion in wired and wireless devices used daily in the care of almost every patient-the Internet of Medical Things (IoMT); ventilators, anaesthetic machines, infusion pumps, pacing devices, organ support and a plethora of monitoring modalities. All of these devices, once connected to a hospital network, present another opportunity for a malevolent party to access the hospital systems, either to gain PHI for financial, political or other gain or to attack the systems directly to cause erroneous monitoring, altered settings of any device and even to access the EMR via this IoMT window. This exponential increase in the IoMT and the increasing wireless connectivity of anaesthesia and ICU devices as well as implantable devices presents a real and present danger to patient safety. There has, at the same time, been a chronic underfunding of cybersecurity in healthcare. This lack of cybersecurity investment has left the sector exposed, and with the monetisation of PHI, the introduction of technically unsecure IoT devices for monitoring and direct patient care, the healthcare sector is presenting itself for further devastating cyberattacks or breaches of PHI. Coupled with the immense strain that the COVID-19 pandemic has placed on healthcare and the changes in working patterns of many caregivers, this has further amplified the exposure of the sector to cyberattacks.

The role of collectivism and moderating effect of IT proficiency on intention to disclose protected health information.

This paper aims to identify and understand factors affecting insiders' intention to disclose patients' medical information and to investigate how these factors affect the intention to disclose. Based on the literature review on deterrence theory and health information security awareness (HISA), we identify relevant factors and develop a research model explaining insiders' intention to disclose patients' health information. We collect data (N = 105) through scenario-based experiments. Results show that two personal factors, collectivism, and IT proficiency, play a significant role in the model. While collectivism affects two components (health information security regulation awareness and punishment severity awareness) of HISA which influences intention to disclose, IT proficiency moderates the relationship between HISA and intention to disclose. In addition, HISA negatively affects reporting assessment and intention to disclose. This paper aims to fill a research gap in understanding factors affecting insiders' intentions to disclose protected health information. We identify and investigate factors (e.g., collectivism, HISA, reporting assessment, and IT proficiency) that may affect insiders' disclosing intentions. We find that collectivism affects two components of HISA which influence reporting assessment and disclosing intention. We also discover that IT proficiency moderates the relationship between HISA and intention to disclose. Our findings suggest that we need to carefully consider personal factors such as collectivistic nature and IT proficiency in managing insiders' security breaches.

Video education about genetic privacy and patient perspectives about sharing prenatal genetic data: a randomized trial.

BACKGROUND: Laboratories offering cell-free DNA often reserve the right to share prenatal genetic data for research or even commercial purposes, and obtain this permission on the patient consent form. Although it is known that nonpregnant patients are often reluctant to share their genetic data for research, pregnant patients' knowledge of, and opinions about, genetic data privacy are unknown. OBJECTIVE: We investigated whether pregnant patients who had already undergone cell-free DNA screening were aware that genetic data derived from cell-free DNA may be shared for research. Furthermore, we examined whether pregnant patients exposed to video education about the Genetic Information Nondiscrimination Act-a federal law that mandates workplace and health insurance protections against genetic discrimination-were more willing to share cell-free DNA-related genetic data for research than pregnant patients who were unexposed. STUDY DESIGN: In this randomized controlled trial (ClinicalTrials.gov Identifier: NCT04420858), English-speaking patients with singleton pregnancies who underwent cell-free DNA and subsequently presented at 17 0/7 to 23 6/7 weeks of gestation for a detailed anatomy scan were randomized 1:1 to a control or intervention group. Both groups viewed an infographic about cell-free DNA. In addition, the intervention group viewed an educational video about the Genetic Information Nondiscrimination Act. The primary outcomes were knowledge about, and willingness to share, prenatal genetic data from cell-free DNA by commercial laboratories for nonclinical purposes, such as research. The secondary outcomes included knowledge about existing genetic privacy laws, knowledge about the potential for reidentification of anonymized genetic data, and acceptability of various use and sharing scenarios for prenatal genetic data. Eighty-one participants per group were required for 80% power to detect an increase in willingness to share data from 60% to 80% (α=0.05). RESULTS: A total of 747 pregnant patients were screened, and 213 patients were deemed eligible and approached for potential study participation. Of these patients, 163 (76.5%) consented and were randomized; one participant discontinued the intervention, and two participants were excluded from analysis after the intervention when it was discovered that they did not fulfill all eligibility criteria. Overall, 160 (75.1%) of those approached were included in the final analysis. Most patients in the control group (72 [90.0%]) and intervention (76 [97.4%]) group were either unsure about or incorrectly thought that cell-free DNA companies could not share prenatal genetic data for research. Participants in the intervention group were more likely to incorrectly believe that their prenatal genetic data would not be shared for nonclinical purposes than participants in the control group (28.8% in the control group vs 46.2% in the intervention; P=.03). However, video education did not increase participant willingness to share genetic data in multiple scenarios. Non-White participants were less willing than White participants to allow sharing of genetic data specifically for academic research (P<.001). CONCLUSION: Most participants were unaware that their prenatal genetic data may be used for nonclinical purposes. Pregnant patients who were educated about the Genetic Information Nondiscrimination Act were not more willing to share genetic data than those who did not receive this education. Surprisingly, video education about the Genetic Information Nondiscrimination Act led patients to falsely believe that their data would not be shared for research, and participants who identified as racial minorities were less willing to share genetic data. New strategies are needed to improve pregnant patients' understanding of genetic privacy.

Word embeddings trained on published case reports are lightweight, effective for clinical tasks, and free of protected health information.

OBJECTIVE: Quantify tradeoffs in performance, reproducibility, and resource demands across several strategies for developing clinically relevant word embeddings. MATERIALS AND METHODS: We trained separate embeddings on all full-text manuscripts in the Pubmed Central (PMC) Open Access subset, case reports therein, the English Wikipedia corpus, the Medical Information Mart for Intensive Care (MIMIC) III dataset, and all notes in the University of Pennsylvania Health System (UPHS) electronic health record. We tested embeddings in six clinically relevant tasks including mortality prediction and de-identification, and assessed performance using the scaled Brier score (SBS) and the proportion of notes successfully de-identified, respectively. RESULTS: Embeddings from UPHS notes best predicted mortality (SBS 0.30, 95% CI 0.15 to 0.45) while Wikipedia embeddings performed worst (SBS 0.12, 95% CI -0.05 to 0.28). Wikipedia embeddings most consistently (78% of notes) and the full PMC corpus embeddings least consistently (48%) de-identified notes. Across all six tasks, the full PMC corpus demonstrated the most consistent performance, and the Wikipedia corpus the least. Corpus size ranged from 49 million tokens (PMC case reports) to 10 billion (UPHS). DISCUSSION: Embeddings trained on published case reports performed as least as well as embeddings trained on other corpora in most tasks, and clinical corpora consistently outperformed non-clinical corpora. No single corpus produced a strictly dominant set of embeddings across all tasks and so the optimal training corpus depends on intended use. CONCLUSION: Embeddings trained on published case reports performed comparably on most clinical tasks to embeddings trained on larger corpora. Open access corpora allow training of clinically relevant, effective, and reproducible embeddings.

Ensemble Approaches to Recognize Protected Health Information in Radiology Reports.

Natural language processing (NLP) techniques for electronic health records have shown great potential to improve the quality of medical care. The text of radiology reports frequently constitutes a large fraction of EHR data, and can provide valuable information about patients' diagnoses, medical history, and imaging findings. The lack of a major public repository for radiological reports severely limits the development, testing, and application of new NLP tools. De-identification of protected health information (PHI) presents a major challenge to building such repositories, as many automated tools for de-identification were trained or designed for clinical notes and do not perform sufficiently well to build a public database of radiology reports. We developed and evaluated six ensemble models based on three publically available de-identification tools: MIT de-id, NeuroNER, and Philter. A set of 1023 reports was set aside as the testing partition. Two individuals with medical training annotated the test set for PHI; differences were resolved by consensus. Ensemble methods included simple voting schemes (1-Vote, 2-Votes, and 3-Votes), a decision tree, a naïve Bayesian classifier, and Adaboost boosting. The 1-Vote ensemble achieved recall of 998 / 1043 (95.7%); the 3-Votes ensemble had precision of 1035 / 1043 (99.2%). F1 scores were: 93.4% for the decision tree, 71.2% for the naïve Bayesian classifier, and 87.5% for the boosting method. Basic voting algorithms and machine learning classifiers incorporating the predictions of multiple tools can outperform each tool acting alone in de-identifying radiology reports. Ensemble methods hold substantial potential to improve automated de-identification tools for radiology reports to make such reports more available for research use to improve patient care and outcomes.

Preserving Patient Privacy During Computation over Shared Electronic Health Record Data.

Patient Electronic Health Records (EHRs) contain valuable clinical data that is useful for medical research and public health inquires. However, patient privacy regulation and improper resource sharing risks limit access to EHR medical data for research and public health purposes. In this paper, we introduce an end-to-end security solution that addresses both concerns and facilitates the sharing of patient EHR data over an unsecured third-party server using a leveled homomorphic encryption (LHE) scheme. Time testing for aggregating queries and linear computations was carried out using an HPE ProLiant DL580 Gen 10 server with an Intel Xeon Platinum 8280 Processor.

The National COVID Cohort Collaborative: Analyses of Original and Computationally Derived Electronic Health Record Data.

BACKGROUND: Computationally derived ("synthetic") data can enable the creation and analysis of clinical, laboratory, and diagnostic data as if they were the original electronic health record data. Synthetic data can support data sharing to answer critical research questions to address the COVID-19 pandemic. OBJECTIVE: We aim to compare the results from analyses of synthetic data to those from original data and assess the strengths and limitations of leveraging computationally derived data for research purposes. METHODS: We used the National COVID Cohort Collaborative's instance of MDClone, a big data platform with data-synthesizing capabilities (MDClone Ltd). We downloaded electronic health record data from 34 National COVID Cohort Collaborative institutional partners and tested three use cases, including (1) exploring the distributions of key features of the COVID-19-positive cohort; (2) training and testing predictive models for assessing the risk of admission among these patients; and (3) determining geospatial and temporal COVID-19-related measures and outcomes, and constructing their epidemic curves. We compared the results from synthetic data to those from original data using traditional statistics, machine learning approaches, and temporal and spatial representations of the data. RESULTS: For each use case, the results of the synthetic data analyses successfully mimicked those of the original data such that the distributions of the data were similar and the predictive models demonstrated comparable performance. Although the synthetic and original data yielded overall nearly the same results, there were exceptions that included an odds ratio on either side of the null in multivariable analyses (0.97 vs 1.01) and differences in the magnitude of epidemic curves constructed for zip codes with low population counts. CONCLUSIONS: This paper presents the results of each use case and outlines key considerations for the use of synthetic data, examining their role in collaborative research for faster insights.

Research Goal-Driven Data Model and Harmonization for De-Identifying Patient Data in Radiomics.

There are various efforts in de-identifying patient's radiation oncology data for their uses in the advancement of research in medicine. Though the task of de-identification needs to be defined in the context of research goals and objectives, existing systems lack the flexibility of modeling data and normalization of names of attributes for accomplishing them. In this work, we describe a de-identification process of radiation and clinical oncology data, which is guided by a data model and a schema of dynamically capturing domain ontology and normalization of terminologies, defined in tune with the research goals in this area. The radiological images are obtained in DICOM format. It consists of diagnostic, radiation therapy (RT) treatment planning, RT verification, and RT response images. During the DICOM de-identification, a few crucial pieces of information are taken about the dataset. The proposed model is generic in organizing information modeling in sync with the de-identification of a patient's clinical information. The treatment and clinical data are provided in the comma-separated values (CSV) format, which follows a predefined data structure. The de-identified data is harmonized throughout the entire process. We have presented four specific case studies on four different types of cancers, namely glioblastoma multiforme, head-neck, breast, and lung. We also present experimental validation on a few patients' data in these four areas. A few aspects are taken care of during de-identification, such as preservation of longitudinal date changes (LDC), incremental de-identification, referential data integrity between the clinical and image data, de-identified data harmonization, and transformation of the data to an underlined database schema.

Doctors Routinely Share Health Data Electronically Under HIPAA, and Sharing With Patients and Patients' Third-Party Health Apps is Consistent: Interoperability and Privacy Analysis.

Since 2000, federal regulations have affirmed that patients have a right to a complete copy of their health records from their physicians and hospitals. Today, providers across the nation use electronic health records and electronic information exchange for health care, and patients are choosing digital health apps to help them manage their own health and health information. Some doctors and health systems have voiced concern about whether they may transmit a patient's data upon the patient's request to the patient or the patient's health app. This hesitation impedes shared information and care coordination with patients. It impairs patients' ability to use the state-of-the-art digital health tools they choose to track and manage their health. It undermines the ability of patients' family caregivers to monitor health and to work remotely to provide care by using the nearly unique capabilities of health apps on people's smartphones. This paper explains that sharing data electronically with patients and patients' third-party apps is legally consistent under the Health Insurance Portability and Accountability Act (HIPAA) with routine electronic data sharing with other doctors for treatment or with insurers for reimbursement. The paper explains and illustrates basic principles and scenarios around sharing with patients, including patients' third-party apps. Doctors routinely and legally share health data electronically under HIPAA whether or not their organizations retain HIPAA responsibility. Sharing with patients and patients' third-party apps is no different and should be just as routine.

A study of deep learning methods for de-identification of clinical notes in cross-institute settings.

BACKGROUND: De-identification is a critical technology to facilitate the use of unstructured clinical text while protecting patient privacy and confidentiality. The clinical natural language processing (NLP) community has invested great efforts in developing methods and corpora for de-identification of clinical notes. These annotated corpora are valuable resources for developing automated systems to de-identify clinical text at local hospitals. However, existing studies often utilized training and test data collected from the same institution. There are few studies to explore automated de-identification under cross-institute settings. The goal of this study is to examine deep learning-based de-identification methods at a cross-institute setting, identify the bottlenecks, and provide potential solutions. METHODS: We created a de-identification corpus using a total 500 clinical notes from the University of Florida (UF) Health, developed deep learning-based de-identification models using 2014 i2b2/UTHealth corpus, and evaluated the performance using UF corpus. We compared five different word embeddings trained from the general English text, clinical text, and biomedical literature, explored lexical and linguistic features, and compared two strategies to customize the deep learning models using UF notes and resources. RESULTS: Pre-trained word embeddings using a general English corpus achieved better performance than embeddings from de-identified clinical text and biomedical literature. The performance of deep learning models trained using only i2b2 corpus significantly dropped (strict and relax F1 scores dropped from 0.9547 and 0.9646 to 0.8568 and 0.8958) when applied to another corpus annotated at UF Health. Linguistic features could further improve the performance of de-identification in cross-institute settings. After customizing the models using UF notes and resource, the best model achieved the strict and relaxed F1 scores of 0.9288 and 0.9584, respectively. CONCLUSIONS: It is necessary to customize de-identification models using local clinical text and other resources when applied in cross-institute settings. Fine-tuning is a potential solution to re-use pre-trained parameters and reduce the training time to customize deep learning-based de-identification models trained using clinical corpus from a different institution.

De-identification of clinical notes via recurrent neural network and conditional random field.

De-identification, identifying information from data, such as protected health information (PHI) present in clinical data, is a critical step to enable data to be shared or published. The 2016 Centers of Excellence in Genomic Science (CEGS) Neuropsychiatric Genome-scale and RDOC Individualized Domains (N-GRID) clinical natural language processing (NLP) challenge contains a de-identification track in de-identifying electronic medical records (EMRs) (i.e., track 1). The challenge organizers provide 1000 annotated mental health records for this track, 600 out of which are used as a training set and 400 as a test set. We develop a hybrid system for the de-identification task on the training set. Firstly, four individual subsystems, that is, a subsystem based on bidirectional LSTM (long-short term memory, a variant of recurrent neural network), a subsystem-based on bidirectional LSTM with features, a subsystem based on conditional random field (CRF) and a rule-based subsystem, are used to identify PHI instances. Then, an ensemble learning-based classifiers is deployed to combine all PHI instances predicted by above three machine learning-based subsystems. Finally, the results of the ensemble learning-based classifier and the rule-based subsystem are merged together. Experiments conducted on the official test set show that our system achieves the highest micro F1-scores of 93.07%, 91.43% and 95.23% under the "token", "strict" and "binary token" criteria respectively, ranking first in the 2016 CEGS N-GRID NLP challenge. In addition, on the dataset of 2014 i2b2 NLP challenge, our system achieves the highest micro F1-scores of 96.98%, 95.11% and 98.28% under the "token", "strict" and "binary token" criteria respectively, outperforming other state-of-the-art systems. All these experiments prove the effectiveness of our proposed method.

De-identification of medical records using conditional random fields and long short-term memory networks.

The CEGS N-GRID 2016 Shared Task 1 in Clinical Natural Language Processing focuses on the de-identification of psychiatric evaluation records. This paper describes two participating systems of our team, based on conditional random fields (CRFs) and long short-term memory networks (LSTMs). A pre-processing module was introduced for sentence detection and tokenization before de-identification. For CRFs, manually extracted rich features were utilized to train the model. For LSTMs, a character-level bi-directional LSTM network was applied to represent tokens and classify tags for each token, following which a decoding layer was stacked to decode the most probable protected health information (PHI) terms. The LSTM-based system attained an i2b2 strict micro-F1 measure of 0.8986, which was higher than that of the CRF-based system.

Electronic Communication of Protected Health Information: Privacy, Security, and HIPAA Compliance.

PURPOSE: Technology has enhanced modern health care delivery, particularly through accessibility to health information and ease of communication with tools like mobile device messaging (texting). However, text messaging has created new risks for breach of protected health information (PHI). In the current study, we sought to evaluate hand surgeons' knowledge and compliance with privacy and security standards for electronic communication by text message. METHODS: A cross-sectional survey of the American Society for Surgery of the Hand membership was conducted in March and April 2016. Descriptive and inferential statistical analyses were performed of composite results as well as relevant subgroup analyses. RESULTS: A total of 409 responses were obtained (11% response rate). Although 63% of surgeons reported that they believe that text messaging does not meet Health Insurance Portability and Accountability Act of 1996 security standards, only 37% reported they do not use text messages to communicate PHI. Younger surgeons and respondents who believed that their texting was compliant were statistically significantly more like to report messaging of PHI (odds ratio, 1.59 and 1.22, respectively). DISCUSSION: A majority of hand surgeons in this study reported the use of text messaging to communicate PHI. Of note, neither the Health Insurance Portability and Accountability Act of 1996 statute nor US Department of Health and Human Services specifically prohibits this form of electronic communication. To be compliant, surgeons, practices, and institutions need to take reasonable security precautions to prevent breach of privacy with electronic communication. CLINICAL RELEVANCE: Communication of clinical information by text message is not prohibited under Health Insurance Portability and Accountability Act of 1996, but surgeons should use appropriate safeguards to prevent breach when using this form of communication.

Pagers, Smartphones, and HIPAA: Finding the Best Solution for Electronic Communication of Protected Health Information.

Electronic communication is a topic that applies broadly to the professional activities of every physician and the pager has been the gold standard of communication for decades. We believe that this is a dated technology that is holding clinicians back from better, more efficient alternatives, particularly smartphones. In this manuscript, we examine the paradoxical reliance on pagers in academic medicine, at a time when the use of smartphones and text messaging is the subject of intense scrutiny with respect to its standing under the Health Insurance Portability and Accountability Act (HIPAA). We provide previously unreported data regarding the electronic communication practices of academic medical centers in the United States, which we obtained through a survey of Designated Institutional Officials. These data highlight both the controversy around text messaging and HIPAA and a puzzling widespread reliance on pagers as an alternative.

Security Techniques for the Electronic Health Records.

The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.

Past, Present, and Future of Informed Consent in Pain and Genomics Research: Challenges Facing Global Medical Community.

In recent decades, there has been a revision of the role of institutional review boards with the intention of protecting human subjects from harm and exploitation in research. Informed consent aims to protect the subject by explaining all of the benefits and risks associated with a specific research project. To date, there has not been a review published analyzing issues of informed consent in research in the field of genetic/Omics in subjects with chronic pain, and the current review aims to fill that gap in the ethical aspects of such investigation. Despite the extensive discussion on ethical challenges unique to the field of genetic/Omics, this is the first attempt at addressing ethical challenges regarding Informed Consent Forms for pain research as the primary focus. We see this contribution as an important one, for while ethical issues are too often ignored in pain research in general, the numerous arising ethical issues that are unique to pain genetic/Omics suggest that researchers in the field need to pay even greater attention to the rights of subjects/patients. This article presents the work of the Ethic Committee of the Pain-Omics Group (www.painomics.eu), a consortium of 11 centers that is running the Pain-Omics project funded by the European Community in the 7th Framework Program theme (HEALTH.2013.2.2.1-5-Understanding and controlling pain). The Ethic Committee is composed of 1 member of each group of the consortium as well as key opinion leaders in the field of ethics and pain more generally.

Toward Proper Authentication Methods in Electronic Medical Record Access Compliant to HIPAA and C.I.A. Triangle.

This paper examines various methods encompassing the authentication of users in accessing Electronic Medical Records (EMRs). From a methodological perspective, multiple authentication methods have been researched from both a desktop and mobile accessibility perspective. Each method is investigated at a high level, along with comparative analyses, as well as real world examples. The projected outcome of this examination is a better understanding of the sophistication required in protecting the vital privacy constraints of an individual's Protected Health Information (PHI). In understanding the implications of protecting healthcare data in today's technological world, the scope of this paper is to grasp an overview of confidentiality as it pertains to information security. In addressing this topic, a high level overview of the three goals of information security are examined; in particular, the goal of confidentiality is the primary focus. Expanding upon the goal of confidentiality, healthcare accessibility legal aspects are considered, with a focus upon the Health Insurance Portability and Accountability Act of 1996 (HIPAA). With the primary focus of this examination being access to EMRs, the paper will consider two types of accessibility of concern: access from a physician, or group of physicians; and access from an individual patient.

CRFs based de-identification of medical records.

De-identification is a shared task of the 2014 i2b2/UTHealth challenge. The purpose of this task is to remove protected health information (PHI) from medical records. In this paper, we propose a novel de-identifier, WI-deId, based on conditional random fields (CRFs). A preprocessing module, which tokenizes the medical records using regular expressions and an off-the-shelf tokenizer, is introduced, and three groups of features are extracted to train the de-identifier model. The experiment shows that our system is effective in the de-identification of medical records, achieving a micro-F1 of 0.9232 at the i2b2 strict entity evaluation level.