
Military Health System study analyzes privacy challenges

BOSTON – Considering the recent privacy issues at the Department of Veterans Affairs (VA), military health data privacy has been a hot-button issue in the healthcare sector lately. It seems the Military Health System concurs with the notion that more formalized privacy procedures need to be put in place.

During last week’s HIMSS Privacy and Security Forum, Rosemary Nelson, President and CEO of MDM Strategies, Inc., and Loretta Schlachta-Fairchild, President and CEO of iTelehealth discussed the Military Health System’s recent research findings. The study focused on patient privacy and identity management concerns.

Nelson explained that, at a base level, since the government has to take care of veterans’ healthcare and data, their information will at some point have to be transported between the Department of Defense (DoD) and the VA. With more veterans than ever, military health data will be flowing between DoD, VA and a network provider of some kind.

Interoperability alone is not enough; patient privacy and identity management parameters also need to be in place to allow all of this transfer. DoD decided it had to identify the policies and standards that are currently in place, and those that still need to be, to ensure that patient privacy and identity management are covered for data transfer among those three entities.

The Military Health System conducted a literature review to identify the technology challenges that are out there, where the gaps are and where the effort needs to go. (Office of the National Coordinator for Health Information Technology (ONC) Chief Privacy Officer Joy Pritts was included in the review.) Nelson said the next step in the process would be a definitive DoD handbook for patient privacy and identity management. “We have the gaps, now deciding which standards need to be considered (such as SIMI for cloud),” she said. “DoD and VA play the same game as healthcare organizations. They need to be investigated on HIPAA regulations to avoid being on the Department of Health and Human Services (HHS) wall of shame and avoid loss of reputation.”

Improving technology to avoid data leaks and breaches

Though the report was more than 300 pages, the primary patient privacy concepts that involve technology in the grey literature may be the most relevant to HealthITSecurity.com readers.

According to the study, 29 sources (23 percent of those reviewed) said improving technology to prevent data leaks and breaches is important. The themes included electronic health records (EHRs), health information exchange (HIE), personal health records (PHRs), mobile devices, remote monitoring systems and wireless sensor networks (WSNs), radio-frequency identification (RFID), Web-based e-Health resources and cloud-based solutions.

EHRs – EHR security is vital to patient privacy and authentication plays a large role in securing patient data.

Authentication solutions are vital for ensuring that only authorized users of health information gain access to EHR data, and two-factor authentication is becoming the standard. Two-factor authentication typically combines a password with a token, smart card, or biometric identifier (Snyder, 2013). Tokens are often useful for allowing secure remote access, for example in ambulatory settings where mobility is important (VASCO, 2011). Smart cards securely store patient information on an embedded computer chip with tamper-resistant features. They support advanced cryptographic methods to secure data, and they can be used in conjunction with biometrics for higher levels of security (Magrath, 2012).
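The token half of the password-plus-token pairing is, in most deployments, a one-time-password generator, and the server-side check is where implementations usually go wrong. What follows is an added example written for this article, not code from the study or from any vendor it cites: an RFC 6238 time-based one-time-password (TOTP) verifier in Go. The secret and timestamps used for checking are the test values published in the RFC, not a real credential; the step size, digit count and drift window are assumed parameters. The verifier tolerates one step of clock drift on either side, compares every candidate in constant time without exiting the loop early, and refuses any counter at or below the last one it accepted, so a code captured in transit cannot be replayed within its window.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"hash"
	"strconv"
	"time"
)

// hotp computes an RFC 4226 HMAC-based one-time password for a counter value.
func hotp(secret []byte, counter uint64, digits int, h func() hash.Hash) string {
	msg := make([]byte, 8)
	binary.BigEndian.PutUint64(msg, counter)
	mac := hmac.New(h, secret)
	mac.Write(msg)
	sum := mac.Sum(nil)

	// Dynamic truncation: the low nibble of the last byte selects a 4-byte window,
	// whose top bit is cleared to avoid signed/unsigned ambiguity.
	offset := sum[len(sum)-1] & 0x0f
	code := (uint32(sum[offset])&0x7f)<<24 |
		uint32(sum[offset+1])<<16 |
		uint32(sum[offset+2])<<8 |
		uint32(sum[offset+3])

	mod := uint64(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	s := strconv.FormatUint(uint64(code)%mod, 10)
	for len(s) < digits { // keep leading zeros, e.g. "07081804"
		s = "0" + s
	}
	return s
}

// totp derives the RFC 6238 time-based code for a Unix timestamp and step size.
func totp(secret []byte, unixTime, step int64, digits int) string {
	return hotp(secret, uint64(unixTime/step), digits, sha1.New)
}

// totpVerifier holds one user's enrolled secret plus the replay state that a
// real deployment would persist next to it.
type totpVerifier struct {
	secret      []byte
	step        int64
	digits      int
	window      int64  // steps of clock drift tolerated on each side
	lastCounter uint64 // highest counter already accepted; earlier codes are rejected
}

// verify checks a submitted code against the current step and +/- window
// steps. Every candidate is compared in constant time and the loop never
// exits early, so timing does not reveal which step matched.
func (v *totpVerifier) verify(code string, unixTime int64) bool {
	if len(code) != v.digits {
		return false
	}
	for _, c := range []byte(code) {
		if c < '0' || c > '9' {
			return false
		}
	}
	matched, ok := uint64(0), false
	for drift := -v.window; drift <= v.window; drift++ {
		counter := uint64((unixTime + drift*v.step) / v.step)
		expected := hotp(v.secret, counter, v.digits, sha1.New)
		if subtle.ConstantTimeCompare([]byte(expected), []byte(code)) == 1 && counter > v.lastCounter {
			matched, ok = counter, true
		}
	}
	if ok {
		v.lastCounter = matched // each counter value is accepted at most once
	}
	return ok
}

func main() {
	// RFC 6238 Appendix B test secret; a real deployment provisions a random per-user secret.
	secret := []byte("12345678901234567890")
	fmt.Println("current 6-digit code:", totp(secret, time.Now().Unix(), 30, 6))
}
```

In a deployment the secret is generated per user from a cryptographic random source and stored under the same protection as password hashes, and the replay counter must be persisted alongside it, otherwise a restart reopens the window.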

HIEs – Privacy must also be considered in PHI exchange among healthcare organizations. The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) offered a “five-layer methodology for successful HIE security technology identification and selection.”

1. Capstone policies incorporate all requirements and guidance for protecting PHI within HIE; they may be driven by laws or regulations, organizational policies, or business needs.

2. Enabling services are the services required to implement the capstone policies.

3. Enabling processes define the operational baseline, through use cases and scenarios, for the enabling services.

4. Notional architectures define the technical constructs that implement the enabling processes.

5. Technology solutions and standards are selected to implement the notional architecture (Scholl et al., 2010).

Personal Health Records

PHRs, used to manage, store, and share health data, allow patients to keep important medical information close at hand. However, as patients gain the ability to keep and copy their health records, they will face new risks to the security of their sensitive information (Huang et al., 2009). Protecting the personal health information stored on PHRs is vital for protecting patient privacy.

Web-based PHRs – In 2009, RSA Security Inc. highlighted four major challenges to achieving secure Web access:

1. The number of regulations with which organizations must comply is increasing
2. The number of external users requiring access is increasing
3. The use of Web-based collaboration tools is becoming more prevalent
4. The threat landscape “has continued to grow more sophisticated and international in scope.”

Web-based PHR providers need to consider these challenges to help ensure that patient data remains secure and private.

Portable PHRs

Marupally et al. (2009) proposed a portable health record that incorporates smart card security and USB flash storage encryption technology. They based their PHR architecture on a Smart Enterprise Guardian (SEG), which is a USB device that secures identity credentials and sensitive files with proven smart card technology. Major features of their enhanced portable health record included “strong multifactor authentication using biometrics, public key infrastructure to verify the credentials of the applicants, SSL based authentication protocol suite for authorization and secure online updates, [and] local backup to store patient data.”

Mobile Devices – Pfeiffer et al. (2012) noted that “sharing sensitive patient data in a large distributed and heterogeneous environment inherently raises a plethora of security and privacy risks.” Privacy concerns related to mobile devices include maintaining the privacy of electronically stored health information, protecting against unauthorized access, and the risk of lost or stolen phones that contain unencrypted data (Manos, 2013). The ONC also offers these tips:

- Use a password or other user authentication

- Install and enable encryption

- Install and activate remote wiping and/or remote disabling

- Disable and do not install or use file sharing applications

- Install and enable a firewall

- Install and enable security software

Remote Monitoring Systems and Wireless Sensor Networks

The privacy challenge for remote monitoring systems and wireless sensor networks is to secure the transmission of data from the patient to the sensors and from the sensors to the network. Ivanov et al. (2010) use biometric authentication at both points, coupled with encryption, to secure communication of data. Misic (2008) proposes implementation of security processors combined with encryption. Elkhodr, Shahrestani, and Cheung (2011) use Transport Layer Security (TLS) as the underlying protocol for a trust negotiation approach that authenticates the person receiving the care, the person administering it, the device accessing the information, and the location where the healthcare is administered.

Radio-frequency Identification (RFID)

Researchers have proposed RFID-based solutions to address issues with the efficiency of care, patient medication safety, and human medical error. Perez et al. (2012) note that RFID systems may be used in healthcare to locate patients in different areas of a hospital; measure patient care times and waiting times; identify unitary doses of medication; and ensure the correct matching between the patient and the prescribed medication. Yeh, Lo, and Wang (2012), however, demonstrate how patient information may be intercepted during transmission. They propose a “Patient Privacy-Aware E-Health System” in which a patient’s smartcard is used to encrypt information contained in an RFID tag, and anonymous authentication mechanisms are used to confirm legitimacy.

Web-based e-Health Resources

NIST has awarded more than $9 million in grants to five organizations to pilot projects targeted at enhanced online security and privacy (NIST, 2012). Hong, Patrick, and Gillis (2008) reviewed 30 Health On the Net Foundation Code of Conduct (HONcode) accredited e-Health Web sites providing online appointment services. The HONcode was initiated by the Health On the Net Foundation and includes such ethical aspects as confidentiality, transparency, and advertising policy. The researchers found that existing “regulations and guidelines do not ensure that privacy protection and data security is done appropriately or well.”

They propose these tips to maintain the e-Health user’s right to privacy:

- Utilize a user ID and password

- Use SSL certificate encryption and display the site’s security seal to let the user know transactions are secure

- Provide an easily accessible statement or link to the privacy policy of the site that is clearly understandable to the user

- Do not collect name, birthday, phone number, e-mail address, or any other personal information unless voluntarily provided by the user after the user is informed about the potential use of such information

- Do not collect SSN, personal medical information, and other sensitive personal information without the express consent of the user after the user is informed about the potential use of such information

Peng et al. (2010) examined the use of online digital media, such as videos, in patient training, education, and counseling. They note that privacy concerns often prevent multiple competitive organizations from sharing and integrating their patient training videos, and patients with certain conditions may be concerned about organizations identifying who they are or the content they are viewing.

Cloud-based Solutions

Traditional security technologies like firewalls, antivirus, and intrusion detection systems were designed to protect local resources only; as a result, they are limited in their effectiveness to maintain the security of cloud-based resources (Granneman, 2012). Healthcare organizations are increasingly looking to cloud-based solutions to meet the mandate for a full transition to electronic records by 2014.

In a 2010 presentation, the Information Security and Identity Management Committee (ISIMC) of the U.S. government CIO Council outlined its “Federal Cloud Security Top 20.” Its guidelines and recommendations emphasize encryption that is data element centric (rather than system centric); strong key management; and Identity, Credentialing, and Access Management (ICAM). Specifically in regard to privacy, it highlights the need to:

- Identify and control the physical location of data and access to the cloud environment

- Conduct Privacy Impact Assessments (PIA)

- Implement federal privacy requirements such as the Fair Information Practice Principles (FIPPs)

- Develop an incident response plan that uses tools, techniques, and training that are tailored to a cloud environment
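The ISIMC’s first two emphases, data-element-centric encryption and strong key management, are easier to see in code than in a bullet. What follows is an added example written for this article, not ISIMC’s or any vendor’s code: envelope encryption of individual record fields in Go, where each record gets its own data-encryption key (DEK), only the sensitive fields are encrypted under it, and the DEK is wrapped under a key-encryption key (KEK) that would stay in the organization’s key service. The record layout, the field names and the placement of the KEK in an HSM or KMS are assumptions for the illustration; Go’s standard-library AES-GCM is used so the example runs offline.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"io"
)

// patientRecord is a constructed, simplified record: ID is a locator, the
// other two fields are the PHI that must be protected element by element.
type patientRecord struct{ ID, Diagnosis, SSN string }

// sealedField is one AES-GCM ciphertext plus the nonce it was produced under.
type sealedField struct{ Nonce, Ciphertext []byte }

// sealedRecord is what the cloud provider stores: ID in clear, each sensitive
// field encrypted under a per-record data key (DEK), and that DEK wrapped by
// a key-encryption key (KEK) that stays in the organization's key service.
type sealedRecord struct {
	ID         string
	WrappedDEK sealedField
	Fields     map[string]sealedField
}

// gcmFor builds an AES-GCM AEAD. A wrong key length is a programming error,
// not a runtime condition, so it panics instead of returning an error.
func gcmFor(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}

// seal encrypts under a fresh random nonce. aad is authenticated but not
// encrypted and must be presented identically to decrypt.
func seal(aead cipher.AEAD, plaintext, aad []byte) (sealedField, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return sealedField{}, err
	}
	return sealedField{nonce, aead.Seal(nil, nonce, plaintext, aad)}, nil
}

// fieldAAD ties a ciphertext to its record and field, so a value cannot be
// moved to another record or column and still decrypt.
func fieldAAD(id, field string) []byte { return []byte(id + "/" + field) }

// encryptRecord: fresh DEK per record, each sensitive field sealed under it,
// then the DEK wrapped under the KEK with the record ID as AAD.
func encryptRecord(kek []byte, r patientRecord) (sealedRecord, error) {
	dek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return sealedRecord{}, err
	}
	dataAEAD := gcmFor(dek)
	out := sealedRecord{ID: r.ID, Fields: map[string]sealedField{}}
	var err error
	for name, value := range map[string]string{"diagnosis": r.Diagnosis, "ssn": r.SSN} {
		if out.Fields[name], err = seal(dataAEAD, []byte(value), fieldAAD(r.ID, name)); err != nil {
			return sealedRecord{}, err
		}
	}
	out.WrappedDEK, err = seal(gcmFor(kek), dek, []byte(r.ID))
	return out, err
}

// unwrapDEK fails if the KEK is wrong or the wrapped key came from another record.
func unwrapDEK(kek []byte, s sealedRecord) ([]byte, error) {
	return gcmFor(kek).Open(nil, s.WrappedDEK.Nonce, s.WrappedDEK.Ciphertext, []byte(s.ID))
}

// decryptField opens exactly one field; the rest of the record stays opaque.
func decryptField(kek []byte, s sealedRecord, name string) (string, error) {
	f, ok := s.Fields[name]
	if !ok {
		return "", fmt.Errorf("no field %q", name)
	}
	dek, err := unwrapDEK(kek, s)
	if err != nil {
		return "", err
	}
	pt, err := gcmFor(dek).Open(nil, f.Nonce, f.Ciphertext, fieldAAD(s.ID, name))
	return string(pt), err
}

// rewrapDEK rotates the KEK: only the wrapped key is rewritten; the field
// ciphertexts, which may be large and numerous, are not touched.
func rewrapDEK(oldKEK, newKEK []byte, s sealedRecord) (sealedRecord, error) {
	dek, err := unwrapDEK(oldKEK, s)
	if err != nil {
		return sealedRecord{}, err
	}
	s.WrappedDEK, err = seal(gcmFor(newKEK), dek, []byte(s.ID))
	return s, err
}

func main() {
	kek := make([]byte, 32) // assumed: in production the KEK lives in an HSM or KMS, never beside the data
	io.ReadFull(rand.Reader, kek)
	s, _ := encryptRecord(kek, patientRecord{"mrn-0001", "constructed diagnosis", "000-00-0000"})
	d, _ := decryptField(kek, s, "diagnosis")
	fmt.Println("decrypted:", d)
}
```

The design choice worth noting is the AAD: because each ciphertext is bound to its record ID and field name, a stored blob copied into another row or column fails authentication rather than decrypting to someone else’s value, and a KEK rotation re-wraps one small key per record instead of re-encrypting every field, which is what makes rotation on a schedule practical.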
