Integrated personal health record (PHR) security: requirements and mechanisms

Azamossadat Hosseini; Hassan Emami; Yousef Sadat; Somayeh Paydar

doi:10.1186/s12911-023-02225-0

BMC Medical Informatics and Decision Making (Jul 2023)

Integrated personal health record (PHR) security: requirements and mechanisms

Azamossadat Hosseini,
Hassan Emami,
Yousef Sadat,
Somayeh Paydar

Affiliations

Azamossadat Hosseini: Health Information Management (HIM), Department of Health Information Technology and Management, School of Allied Medical Sciences, Shahid Beheshti University of Medical Sciences
Hassan Emami: Management of Technology, Department of Health Information Technology and Management, School of Allied Medical Sciences, Shahid Beheshti University of Medical Sciences
Yousef Sadat: Health Information Management (HIM), Department of Health Information Technology, Faculty of Paramedicine, Hormozgan University of Medical Sciences
Somayeh Paydar: Health Information Management (HIM), Department of Health Information Technology, School of Paramedical Sciences, Kermanshah University of Medical Sciences

DOI: https://doi.org/10.1186/s12911-023-02225-0
Journal volume & issue: Vol. 23, no. 1
pp. 1 – 7

Abstract

Read online

Abstract Background Personal Health Records (PHRs) are designed to fulfill the goals of electronic health (eHealth) and empower the individual in the process of self-care. Integrated PHR can improve the quality of care, strengthen the patient-healthcare provider relationship, and reduce healthcare costs. Still, the process of PHR acceptance and use has been slow and mainly hindered by people’s concerns about the security of their personal health information. Thus, the present study aimed to identify the Integrated PHR security requirements and mechanisms. Methods In this applied study, PHR security requirements were identified with a literature review of (library sources, research articles, scientific documents, and reliable websites). The identified requirements were classified, and a questionnaire was developed accordingly. Thirty experts completed the questionnaire in a two-round Delphi technique, and the data were analyzed by descriptive statistics. Results The PHR security requirements were identified and classified into seven dimensions confidentiality, availability, integrity, authentication, authorization, non-repudiation, and right of access, each dimension having certain mechanisms. On average, the experts reached an agreement about the mechanisms of confidentiality (94.67%), availability (96.67%), integrity (93.33%), authentication (100%), authorization (97.78%), non-repudiation (100%), and right of access (90%). Conclusion Integrated PHR security is a requirement for its acceptance and use. To design a useful and reliable integrated PHR, system designers, health policymakers, and healthcare organizations must identify and apply security requirements to guarantee the privacy and confidentiality of data.

Published in BMC Medical Informatics and Decision Making

ISSN: 1472-6947 (Online)
Publisher: BMC
Country of publisher: United Kingdom
LCC subjects: Medicine: Medicine (General): Computer applications to medicine. Medical informatics
Website: http://bmcmedinformdecismak.biomedcentral.com

About the journal

Abstract

Keywords