Breaching the Security of the Kaiser Permanente Internet Patient Portal: the Organizational Foundations of Information Security

Collmann, Jeff; Cooper, Ted

doi:10.1197/jamia.m2195

Cited by 43 publications

(18 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[14][15][16] In addition, numerous technical approaches have been developed to enhance privacy and security across medical records; examples include integrating disparate approaches to privacy, improving access audits, performing in-depth analyses of privacy breaches, and improving models for access controls. [17][18][19][20][21][22][23] At Vanderbilt Medical Center (VMC), an EHR system was developed for outpatient psychiatric records and deployed in 2003. Reasons given for the switch from paper charts included patient safety, with improved access to records in emergencies, lower costs of maintaining records, improved legibility and general convenience, and lower costs of providing responses to increasingly frequent and detailed requirements for copies of records for third-party payers.…”

Section: Data Security and Accessmentioning

confidence: 99%

Openness of patients' reporting with use of electronic records: psychiatric clinicians' views

Salomon¹,

Blackford²,

Rosenbloom³

et al. 2010

Journal of the American Medical Informatics Association

View full text Add to dashboard Cite

In an academic medical center clinic, the presence of electronic records was not seen as a dramatic impediment to therapeutic communications. Concerns regarding privacy and data security were significant, and may contribute to reluctances to adopt electronic records in other settings. Further study of clinicians' views and use patterns may be helpful in guiding development and deployment of electronic records systems.

show abstract

Section: Data Security and Accessmentioning

confidence: 99%

Openness of patients' reporting with use of electronic records: psychiatric clinicians' views

Salomon¹,

Blackford²,

Rosenbloom³

et al. 2010

Journal of the American Medical Informatics Association

View full text Add to dashboard Cite

show abstract

“…Similar security breaches have occurred in other online healthrelated sites, such as a major breach of over 800 Kaiser Permanente (KP) members through KP Online, a web-enabled health care portal. Two programmers had written poorly designed scripts which resulted in emails breaching the confidentiality and integrity of the members' personal health information A case study was completed on this breach, and the authors concluded that in order to protect sensitive patient information, safeguards should be built into online systems in addition to complying with good information security practice and regulations suggested in HIPAA [17].…”

Section: Security Problems and Breachesmentioning

confidence: 99%

Web vulnerability study of online pharmacy sites

Kuzma

2011

Informatics for Health and Social Care

View full text Add to dashboard Cite

Background. Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers' personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry.Objectives. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies.Technical, managerial and legal recommendations on how to mitigate security issues are presented.Method. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities.Results. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. Conclusions.A method is proposed for the securing of web pharmacy sites, using a multiphased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

show abstract

“…New health monitoring applications, for iPhones, tablets, and Android devices, are reaching the market at an accelerating pace. Yet the medical profession has been slow in transitioning to digital services and furthermore is hampered by prohibitive costs of security, encryption, and patient privacy protection (Collmann and Cooper 2007).…”

mentioning

confidence: 99%

The Digital Health Divide: A New Threat to Health Care Quality and Cost?

Nicogossian

Zimmerman²,

Kloiber³

et al. 2012

World Med & Health Policy

View full text Add to dashboard Cite

Information technology (IT) and the digital revolution continue to transform the biomedical research and health care practice landscape worldwide. While contributing to the dissemination of knowledge and the promise of reducing health care costs, access to this capability is not universal. Many communities, patients and health professionals worldwide do not have access to digital data repositories or even have Internet access. A major roadblock for developing nations is the cost of access and rapidly evolving IT tools. Language and “Internet literacy” are the other two major impediments in achieving access.

show abstract

Breaching the Security of the Kaiser Permanente Internet Patient Portal: the Organizational Foundations of Information Security

Cited by 43 publications

References 12 publications

Openness of patients' reporting with use of electronic records: psychiatric clinicians' views

Openness of patients' reporting with use of electronic records: psychiatric clinicians' views

Web vulnerability study of online pharmacy sites

The Digital Health Divide: A New Threat to Health Care Quality and Cost?

Contact Info

Product

Resources

About