近年來許多國家開始發展電子病歷,以應用於提升醫療品質,降低醫療成本,但隨著技術發展的過程,也開始重視有關電子病歷的隱私和安全議題。目前在台灣的跨院電子病歷交換機制,病人的電子病歷授權方式缺乏彈性選擇,使病人僅能根據病歷的單張種類與時間進行授權。除此之外,也尚未發展針對交換時的隱私病歷資訊,以及針對不同醫事人員進行任何授權的管理及保護機制。本研究提出運用IHE BPPC Profile,發展角色與隱私機密性等級的授權方式,以改善目前授權選擇的彈性,並設計隱私政策矩陣,用於建立台灣跨院電子病歷交換架構的敏感性隱私資訊保護機制,目的使病人能有更完善的隱私保障。本研究結果顯示,於目前的電子病歷製作過程中加入隱私機密性等級,雖然可能會造成醫師製作病歷的困難,同時也增加病歷室或相關醫事人員辨認隱私機密性等級的負擔,但是卻能夠發展敏感性隱私資訊保護的機制,使病人可以獲得更好的隱私安全保障。
In an effort to improve care and reduce costs in healthcare, many countries and institutions have begun to implement electronic medical record systems. However, the development of electronic medical records has brought along concerns of privacy and security. In the current system, Taiwan’s electronic medical records exchange system authorizes access based on admission time and medical record types; the authorizes access that does not accurately reflect the complex nature of healthcare. Additionally, in the current EEC exchanged platform there no mechanisms in place for the complete protection of sensitive information, nor a mechanism which can authorize access every healthcare professional. This study uses the IHE BPPC profile from the perspective of Role-based Access Control and Confidentiality Code to design a privacy polices matrix and improve the flexibility of privacy protection, in order to create a secure electronic exchange infrastructure. Although the addition of confidentiality codes in Taiwan’s electronic medical records will increase the workload for physicians and other healthcare workers, it can ensure privacy protection control for exchanging sensitive information; resulting in an enhanced level of patient privacy.
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。