Information security foundations for the interoperability of electronic health records

Electronic Health Records (EHRs) are clearly in the future of medicine and will provide benefits to all parties. Accurate and timely health record information is essential and dependent upon the security of the system and the security of related, interconnected systems. The current methodology of broad regulatory guidance and letting industry do its best has failed in the financial sector where identity theft has become a significant crime. Allowing the same outcome to occur in EHRs will both limit the efficiency, effectiveness and interoperability of systems. The solution is to incorporate security from the ground up in a fashion similar to national security systems. To do so across the myriad of players in healthcare will require regulation. This paper explores the foundation for technical solutions and proposes security mechanisms to protect EHRs.