We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We then give some advice on how to protect local data.

Security tends to be the progeny of scandal. A few years ago, a bank in the Midwest USA purchased a hospital along with its medical records. It coolly compared the records against its personal bank accounts, and foreclosed on the loans of all account holders with a diagnosis of cancer. It was business-like, simple, ignorant, cruel, and an example of the damage that medical data can do in the wrong hands.

Today computer 'security' is typically perceived to mean keeping hackers (those attempting unauthorized computer access) and other troublemakers away from your private data. But what if such troublemakers are part of the system, or even own it? Clearly, a simple 'cops and robbers' model does not offer enough protection, highlighting the need to ensure data security at multiple levels. The risks are internal, external, and random, and can result in data damage, falsification, loss, or leakage.

It is helpful to imagine your connected system as resembling a data stream running right from your keyboard to that of the recipient, and to consider the risks along the way. Even before you connect, your data is at risk. Clearly you do not want your Internet-linked clinical system or home computer to be burnt, flooded, stolen, hit by lightning, damaged by third-party software, or accessed by untrained staff or inappropriate people. You will need to back it up properly, look after the backups, and periodically reconstitute the system from those backups so that you know the restore will work if you ever need it.

Ensure that your terminal or PC is left logged out when you are away from it for a reasonable length of time. Most systems can be set to log out automatically by default under these circumstances, and this makes good sense. Make sure that your screen shows information only to people who are entitled to see it. If you connect to the Internet at work (e.g. via NHSnet), you may wish to ensure that your e-mail server has central control over a shared address book, with limited access rights to alter it and to reply to external addresses. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

Authentication and privacy of e-mail via encryption are offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security (TLS). There is also a public key infrastructure process to 'sign' a message, whereby an individual's private key is used to sign a 'hash' (digest) of the message. The recipient can then verify this against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'.
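The sign-and-verify step described above, as an added example that is not part of the original article: it uses Ed25519 from Go's standard library as a stand-in for the PGP or S/MIME signature, and the referral note is constructed sample text, not real patient data. It shows the three properties the text claims: a genuine message verifies, any alteration or a different sender's key fails, and the body stays fully readable, because a signature gives authenticity, not privacy.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedMessage pairs a message body with its detached signature. The body is
// left in the clear on purpose: a digital signature proves origin and
// integrity; it does not hide the content.
type SignedMessage struct {
	Body      []byte
	Signature []byte
}

// NewKeyPair generates one sender's Ed25519 key pair (public key is shared,
// private key stays with the sender).
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign produces a signature over the body with the sender's private key.
// Ed25519 hashes the message internally, so this is the "sign a digest" step.
func Sign(priv ed25519.PrivateKey, body []byte) SignedMessage {
	return SignedMessage{Body: body, Signature: ed25519.Sign(priv, body)}
}

// Verify checks the signature against the claimed sender's public key and
// returns true only if the body is byte-for-byte what that key holder signed.
func Verify(pub ed25519.PublicKey, m SignedMessage) bool {
	return ed25519.Verify(pub, m.Body, m.Signature)
}

func main() {
	pub, priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	// Constructed sample referral note, not real patient data.
	msg := Sign(priv, []byte("Referral: patient 0000 (constructed), urgent review requested"))
	fmt.Printf("body remains readable: %s\n", msg.Body) // no privacy
	fmt.Println("genuine message verifies:", Verify(pub, msg))

	tampered := msg // same signature, altered body
	tampered.Body = []byte("Referral: patient 0000 (constructed), routine review requested")
	fmt.Println("altered body verifies:", Verify(pub, tampered))

	otherPub, _, _ := NewKeyPair() // a different sender's key cannot vouch for it
	fmt.Println("wrong sender's key verifies:", Verify(otherPub, msg))
}
```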