| In the healthcare sector, timely access to patient information is essential. Patient information can be stored in one of two ways: traditional archaic filing cabinet or electronically. The traditional filing cabinet approach can delay the transmission and sharing of data and can result in suboptimal care, unnecessary laboratory work, heightened costs, and workflow inefficiencies. The electronic format, known as Electronic Health Records (EHRs), is a growing trend that facilitates a more collaborated system that healthcare providers and patients can utilize to share data. Health Information Exchanges (HIEs) are essential for securely sharing EHRs.;The electronic sphere of patient data is growing but some patients and medical providers are skeptical. There are privacy and security concerns of EHRs and HIEs. This data is more susceptible to unauthorized access due to its online availability. The U.S. Government and some of its subsidiaries have identified the relevance of safeguarding patient data and have endorsed standards and framework such as NIST 7497. This specific framework will be evaluated to create a more secure framework.;The goal of this research is to develop an enhanced security framework and process that new and existing HIEs can utilize to safeguard data during storage and transmission. The proposed effort consists of (i) a mapping of HIE Security Architecture Design Process to MyHealth Advanced HIE Architecture, (ii) gap analysis, (iii) enhanced framework for the existing NIST Blueprint, and (iv) framework implementation methodology. |
