Information Systems Security and Privacy


The proliferation of e-health holds great promises in sharing medical data, improving healthcare quality, saving patient lives and reducing costs. However, these potential benefits also bring much attention to the issues of information privacy. Given that medical data disclosure is the second highest reported breaches, it is imperative to understand both information privacy and its context in healthcare. Just as lack of appropriate privacy measures might cause economic harm or denied service from insurance or employers, tight privacy can prevent care providers from accessing patient information in time to save lives. This paper takes an integrated look into the area of healthcare information privacy from both MIS and health informatics perspectives. Based on the literature review and our personal communication with health informatics experts, we identified and presented four major themes: 1) scope and definition of privacy and electronic health records, 2) the information privacy issues and threats, 3) the countermeasures used to address and manage information privacy and 4) why privacy responses matter. This paper provides a unique perspective to privacy in the context of healthcare by focusing on the issues, the matching countermeasures and the drivers behind organizational behaviors into how they manage these threats.