What is an Electronic Health Record?
An Electronic Health Record (EHR) is a longitudinal collection of the health information record of a patient and is centrally stored in an electronic format that can be easily transmitted and shared among many providers across a health system. The EHR contains a patient’s demographics; progress notes; problems; medications; vital signs; past medical history; immunizations; laboratory data and radiology reports.
Researchers at the Privacy and Cyber Crime Institute at Ryerson University are conducting an important and forward-looking research in Canada’s Electronic Health Records (EHR) project relating to patient concern in information privacy. Transforming existing healthcare from paper records to computerized digital information creates privacy and security challenges, which may result in privacy violations and loss of trust from patients when EHR is being implemented. Such privacy and security violations resulting in patient mistrust toward their health service providers were evidenced in many cases in the United States.
The objectives of this survey are:
- To understand the level of privacy concern for patients on the digitized health information and Electronic Health Record system in Ontario; and
- To obtain risk perceptions and choice of action-decision on a set of hypothetical scenarios
The research area of interest is in looking at patients' and doctor's perspectives on an EHR and in the potential trade-off between privacy and clinical utility. The premise is that in a fully functioning EHR, much more information on patients' current and historical health treatment is shared across the electronic health record information system making it vulnerable to privacy breaches. This also means that should such a breach occur, potentially comprehensive information will be exposed. However, it should also allow for better clinical decision-making since doctors, pharmacists and nurses will have access to much more information on the patient's health and treatments.
Although EHR systems have not been fully implemented, some functions such as diagnostic imaging and patients’ registry of EHR systems have been implemented, while other components are still in design or partially implemented. Therefore, there may be opportunity for the results of this research to suggest changes in EHR. This study explores patient concern for privacy and facilitates an understanding of the informational needs of health service providers in relation to the efficacy of the project objective and implementation.
Results of the research will be published at an aggregate level. This research has been approved by Ryerson University Research Ethics Board adhering to the published guidelines of the Canadian Institutes of Health Research, the Natural Sciences and Engineering Research Council, and the Social Sciences and Humanities Research Council.
The research is led by Professor Roy Ng (Ryerson University Privacy and Cyber Crime Institute) as principal investigator with Professor Avner Levin (Ryerson University Privacy and Cyber Crime Institute) and Professor Rick Audas (Memorial University, Faculty of Medicine) as co-investigators.
Should you have any questions, please feel free to email us: firstname.lastname@example.org
Roy Ng, DBA (c), CISA, CISSP, PMP, SCPM (Stanford)
Privacy and Cyber Crime Research Institute