Securing Healthcare Data Pipelines: Enhancing Reliability and Privacy in US Electronic Health Records Systems
Department of Computer Science, University of Central Florida at Orlando, Florida USA.
Research Article
World Journal of Advanced Research and Reviews, 2023, 17(03), 1124-1139
Publication history:
Received on 26 January 2023; revised on 16 March 2023; accepted on 28 March 2023
Abstract:
The modern clinical care, the public-health surveillance, and biomedical research rely on Electronic Health Records (EHRs). But the pipelines of flow, transformation, and disclosure that guide EHR data, bedside capture through ingestion, storage, analysis, and interinstitutional sharing, are becoming more and more complex and susceptible. The paper presents a sociotechnical frame and an engineering-policy roadmap to ensure EHR data pipelines in the United States, including tradeoffs between confidentiality, integrity, availability, and patient privacy and usability and research utility. We cross regulatory restrictions (HIPAA/HITECH and the recent interoperability regulations), technical standards (FHIR), and modern threats (ransomware, API/third-party exploitation), and we conduct a survey of privacy-enhancing technologies (differential privacy, federated learning, homomorphic techniques) in terms of their practical tradeoff. Our main contributions are (1) a precise threat-aware taxonomy of EHR pipeline stages and trust-boundaries; (2) a comprehensive defensive architecture that integrates zero-trust, strong identity and key management, PETs and reliability engineering; and (3) an evaluation plan that combines technical experiments on synthetic and de-identified data with mixed-method stakeholder assessment to reflect operational feasibility. To expose human and governance failures that frequently accompany a pure technical solution, we ground the design in sociotechnical theory. The paper intends to create actionable recommendations that are applicable to hospital CISOs, EHR vendors, and standards organizations, along with policymakers because it puts patient agency, equity as a provider of resources and auditability in the limelight. Three of the most critical empirical assertions regarding the prevalence of threats and technology readiness are anchored in existing research up to 2023.
Keywords:
Electronic Health Records (EHRs); Protected Health Information (PHI); Data Security in healthcare; Sociotechnical systems
Full text article in PDF:
Copyright information:
Copyright © 2023 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0