Patient's Information Privacy and Data Protection

Authors

  • Samanta Mikuletič University of Primorska, Faculty of Health Sciences
  • Tamara Štemberger Kolnik University of Primorska, Faculty of Health Sciences
  • Boštjan Žvanut University of Primorska, Faculty of Health Sciences

Keywords:

nursing, information technologies, security policy, confidentiality, healthcare data

Abstract

In practice, there is a considerable risk of information security violation of the patients' personal data. Results of literature review indicate an extremely bad situation in this field. Hence, the aim of this study was to identify the reasons for such a risky situation. A qualitative study was performed in May and June 2013. Experts in the field of nursing and informatics in nursing from primary, secondary, and tertiary levels of healthcare were interviewed (4 nursing managers, 3 IT managers and one expert in both fields). The presence of the following elements, which could potentially increase the likelihood of information security violation, were identified form the interview transcripts: ‟Insufficient knowledge in the field of informatics,” ‟Unfamiliarity with the information security concept”, and ‟The absence of a formal security policy in the field of information security”. The presence of the aforementioned elements in Slovenian nursing practice indicates an alarming
situation in the field of nursing informatics and health care informatics in Slovenia. Special attention should be put to this problem immediately, as it represents a time bomb in the process of protecting the patients' rights and interests. Based on our findings, a warning mechanism for protecting the patients' data privacy should be established. Furthermore, the awareness of healthcare workers' responsibility for these data should be raised.

References

Albarrak, A. (2012). Information security behavior among nurses in an academic hospital. HealthMED, 6, št. 7, str. 2349–2354.

American Nurses Association. (2008). Scope and standards of nursing informatics practice. 2nd ed. American Nurses Publishing.

Brezavšček, A. in Moškon, S. (2010). Vzpostavitev sistema za upravljanje informacijske varnosti v organizaciji. Uporabna informatika, 2, št. 18, str. 101–108.

Cartlidge, A., Hanna, A., Rudd, C., Macfarlane, I.and Windebank, J. (2007). An introductory overview of ITIL® V3. Norwich: The UK Chapter of the itSMF.

Chang, J., Poynton, M. R., Gassert, C. A. and Staggers, N. (2011). Nursing informatics competencies required of nurses in Taiwan. International journal of medical informatics, 80, št. 5, str. 332–340.

Dimitropoulos, L., Patel, V., Scheffler, S. A. and Posnack, S. (2011). Public attitudes toward health information exchange: perceived benefits and concerns. American Journal of Managed Care, 17, št. 12, Spec. No., str. 111–116.

Dixon, B. E. and Newlon, C. M. (2010). How do future nursing educators perceive informatics? Advancing the nursing informatics agenda through dialogue. Journal of Professional Nursing, 26, št. 2, str. 82–89.

Fetter, M. S. (2009). Baccalaureate nursing students’ information technology competence – agency perspectives. J Prof Nurs 25, 42–49.

Glaser, J. and Aske, J. (2010). Healthcare IT trends raise bar for information security. Healthcare Financial Management, 64, št. 7, str. 40–44.

Gradišar, M. (2003). Uvod v informatiko. Ljubljana: Ekonomska fakulteta.

Green, M. D. and Rubin, A. D. (2011). A research roadmap for healthcare IT security inspired by the PCAST health information technology report. V: Proceedings of the 2nd USENIX Conference on Health Security and Privacy. USENIX Association, San Francisco, CA, str. 5–5.

Informacijski pooblaščenec Republike Slovenije, n. d. Evropske smernice za zdravstvene delavce o zaupnosti in zasebnosti v zdravstvu. Pridobljeno dne 10. 11. 2014 s svetovnega spleta: https://www.ip-rs.si/fileadmin/user_upload/Pdf/Evropske_smernice_za_zdravstvene.pdf.

ISO (n.d.). ISO/IEC 27000:2009 - Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary. Pridobljeno dne 12. 8. 2013 s svetovnega spleta: http://www.iso.org/iso/catalogue_detail?csnumber=41933.

IT Governance Institute (2007). COBIT. Rolling Meadows, IL: IT Governance Institute.

Ivanko, Š. (2007). Raziskovanje in pisanje del: metodologija in tehnologija raziskovanja in pisanja strokovnih in znanstvenih del. Kamnik: Cubus image.

Kodeks etike medicinskih sester in zdravstvenih tehnikov Slovenije – 2005 (2010). Uradni list Republike Slovenije, št. 40.

Lampe, R. (2004). Sistem pravice do zasebnosti. Ljubljana: Bonex.

McNeil, B. J., Elfrink, V. L., Pierce, S. T., Beyea, S. C., Bickford, C. J. and Averill, C. (2005). Nursing informatics knowledge and competencies: a national survey of nursing education programs in the United States. International Journal of Medical Informatics, 74, št. 11-12, str. 1021–1030.

Ministrstvo za zdravje, n. d. Sistem za upravljanje z informacijsko varnostjo - SUVI Pridobljeno dne 11. 12. 2014 s svetovnega spleta: http://www.ezdrav.si/?page_id=158.

Neame, R. (2008). Privacy and health information: health cards offer a workable solution. Informatics in Primarycare, 16, št. 4, str. 263–270.

Neuman, W. L. (2006). Social research methods: qualitative and quantitative approaches. Boston: Pearson.

Polito, J. M. (2012). Ethical considerations in internet use of electronic protected health information. Neurodiagnostic Journal, 52, št. 1, str. 34–41.

Prijatelj, V., Dornik, E., Rajkovič, U. in Žvanut, B. (2011). Razvoj informatike v zdravstveni negi v Sloveniji. Ljubljana: Slovensko društvo za medicinsko informatiko, Sekcija za informatiko v zdravstveni negi.

Staggers, N., Gassert, C.A. and Curran, C. (2002). A Delphi study to determine informatics competencies for nurses at four levels of practice. Nursing Research, 51, št. 6, str. 383–390.

Svetovna zdravstvena organizacija (2005). WHA58/2005/REC/1. Ženeva: Svetovna zdravstvena organizacija.

Štrakl, M. (2003). Varnostna politika informacijskega sistema. Pridobljeno dne 12. 12. 2014 s svetovnega spleta: http://lms.uni-mb.si/vitel/14delavnica/.

Thede, L.Q. and Sewel, J.P. (2010). Informatics and nursing: competencies & applications, 3rd ed. Philadelphia: Wolters Kluwer.

Trček, D., Trobec, R., Pavešić, N. and Tasič, J. F. (2007). Information systems security and human behaviour. Behaviour & Information Technology, 26, št. 1, str. 113–118.

Ustava Republike Slovenije (1991). Uradni list Republike Slovenije št. 33.

While, A. and Dewsbury, G. (2011). Nursing and information and communication technology (ICT): a discussion of trends and future directions. International Journal of Nursing Studies , 48, 1302–1310.

Yin, R. K. (2009). Case study research: design and methods. Los Angeles, CA: Sage Publications.

Zabukovec, M. in Bohinc, M. (2001). Mesto informacijskega sistema v zdravstveni negi. Obzornik zdravstvene nege, 35, št. 1/2, str. 56–65.

Zakon o pacientovih pravicah (2008). Uradni list Republike Slovenije, št. 15.

Zakon o varstvu osebnih podatkov (2004). Uradni list Republike Slovenije št. 86.

Železnik, D., Brložnik, M., Buček Hajdarević, I., Dolinšek, M., Filej, B., Istenič, B. in sod. (2008). Poklicne aktivnosti in kompetence v zdravstveni in babiški negi. Ljubljana: Zbornica zdravstvene in babiške nege – Zveza strokovnih društev medicinskih sester, babic in zdravstvenih tehnikov Slovenije.

Downloads

Published

2022-04-09

Issue

Vol. 2 No. 1 (2015)

Section

Articles

How to Cite

Patient’s Information Privacy and Data Protection . (2022). Revija Za Zdravstvene Vede, 2(1), 19-35. https://www.jhs.si/index.php/JHS/article/view/21

Most read articles by the same author(s)