Term Paper on "Patients Privacy"

>

In certain types of medical research, shared pathology plays an important role in the development of treatment protocols for certain disease pathologies. Medical researchers must be able to mine this information, yet must continue to maintain patient privacy. The National Cancer Research Institute has developed the Shared Pathology Informatics Network (SPIN) in order to allow participating institutions to access patient databases for research purposes (National Cancer Institute, 2000). SPIN will create a web-based system that will allow access to archived human specimens in different databases. The system uses encryption technology to protect the patient's name and identifying information.

Information technology plays an important role in public heath practice. Informatics in the public health arena merges several disciplines. For instance, at the Center for Disease Control (CDC), informatics combines mathematics, statistics, computer science and molecular biology (McNabb. Et al, 2006). Timeliness of the information and the ability to share information quickly helps the CDC to control disease outbreaks more quickly and effectively. One of the most important uses of informatics at the CDC is the early detection of disease outbreaks before they become major epidemics. In order to accomplish this task, the CDC has launched a national initiative called BioSense. This system will facilitate the automatic detection and visual algorithms to help spot patterns in disease before they become major epidemics (Loonsk, 2004).

As one can see, various agencies use the information obtained through informatics in various ways. The CDC is primarily interested in statistical data. They are less interested in individual patients than research organizations such as the National Cancer Institute that must rely on case analysis. Various levels of patient information as needed in different applications of informatics systems. Some databases need patient-specific information in order to validate the results of their research. Organizations that need a high level of patient-specific information must make confidentiality a priority, yet they must do so in a way that does not compromise the integrity of relevance of the data.

One of the most difficult settings in which to accomplish this task is the health care facility where medical personnel must interact directly with the patients themselves. Often the medical personnel enter the information directly into a computer that is wheeled around from bed to bed. The information must be displayed on the screen, but the medical personnel be careful that private information is not provided for anyone that passes by the screen while the practitioner is working with the patient. HIPAA established strict laws regarding the sharing of patient information and their responsibility to protect patient's private information (OCR, 2003). A number of systems are already in place to help protect patient information, but the system is not foolproof at the current time.

Current Solutions to the Problem

Systems currently available use a variety of techniques to keep patient information confidential. Some systems, such as BioSense used by the CDC, completely removes personal information from the file. The purpose of the CDC is to assess information on a macro level. Individual patient information is reduced to its numerical components for statistical analysis. SPIN, used by the National Cancer Research Institute, does not strip all of the personal information from the file, but rather encodes it so that it cannot be recognized. The National Cancer Research Institute does not need all of the personal information of the patient. They primarily deal with statistics. However, sometimes they may need to verify certain facts about a particular case in order to rule out confounding variables from a study.

By examining the various systems in place to protect patient information, it becomes apparent that those systems must meet the individual needs of the agencies that use them. The closer the practitioner is to the patient, the more difficult it is to protect their vital information. The bedside nurse or doctor cannot strip personal information from their patient database. They must know who the person is, and be able to verify that the information on the screen matches the person that is in front of them. If they cannot positively identify the patient, the ramifications could be costly, if not deadly. The ability to match personal information with the patient is critical in avoiding medical mistakes. This is the most difficult scenario from an informatics perspective, as the practitioner must be able to see and use confidential information, yet they must protect it from others at the same time. Often, the bedside practitioner is more concerned about the safety of the patient, than federal requirements. It is up to the information officer to find a solution to this difficult situation.

Proposed Solution

Health information systems must meet the qualifications of reducing medical errors, providing access and the ability to use health information by consumers, be useful in patient decision-making, and to improve patient quality of care and safety (Lerouge, Culijak, & Horan, 2007). Data mining is used in the health care industry to search for information related to specific disease conditions. Projects such as SPIN are an example of data mining. Patient information in these databases is derived from patients and the practitioners that are in direct contact with them. The data then goes into the organization database, where it can be distributed, sold, or accessed by others at a late time.

Algorithms are he most common means to obscure confidential patient information from prying eyes. However, there have been documented cases where information coded by algorithms was decoded by individuals and used for targeted sales and marketing (Conn, 2006). Many of these programs use a single algorithm to encode patient information. If someone gets the algorithm, or discovers the pattern, they have open access to the information. The solution to the problem lies in the development of software that uses a layered series of algorithms. Each algorithm would become increasingly complex, as the confidentiality of the information increased. Various levels of users would have access to a certain level of information, controlled by an algorithm for that particular layer of information.

Currently, there is no software available that offers a layered system of algorithms to protect different layers of patient information. For instance, the user of the data would have to be provided the passcode to access certain levels of information. Each algorithmically protected layer would have a series of passcodes to protect it. As the information became more sensitive, the complexity of the algorithm and… READ MORE