Confidentiality and health: a literature review

Abstract

Confidentiality in the growing Electronic Patient Records is a heated argument in the current world with heavy political involvement; this paper aims at learning how to achieve EPRs confidentiality through security policies to satisfy privacy legislations electronic health provisions. The literature part initially focuses on concepts involved in general and information security policies, and moves on towards the concepts of information security policy concepts, modules and mechanisms within the healthcare industry literature. The merits and demerits of these concepts will be discussed and an efficient model will be proposed in the discussion part. The paper discusses about finding efficient and effective approaches for formulating, implementing and refining security policies, and in enforcing them with appropriate procedures; and in analysing human behaviours to achieve the objective of achieving EPRs confidentiality. These information security policy modules and mechanisms includes of the Individual Identifiable Micro-data Technique, ETHICS method and Information Assurance policy compliance framework. The premise of this research also provide launch space with opportunities for future research.