No. 95-10

CURRENT BIBLIOGRAPHIES IN MEDICINE

Confidentiality of Electronic Health Data

January 1990 through March 1996
448 Citations

NATIONAL INSTITUTES OF HEALTH
National Library of Medicine

CBM 95-10

Confidentiality of Electronic Health Data: Methods for Protecting Personally Identifiable Information

January 1990 through March 1996
448 Selected Citations

Prepared by
Ione Auston, M.L.S., National Library of Medicine
Betsy L. Humphreys, M.L.S., National Library of Medicine
Paul D. Clayton, Ph.D., Columbia-Presbyterian Medical Center
Isaac S. Kohane, M.D., Ph.D., Harvard Medical School
Lance J. Hoffman, Ph.D., George Washington University
Zdenka Geisslerova, National Library of Medicine

U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES
Public Health Service
National Institutes of Health

National Library of Medicine
Reference Section
8600 Rockville Pike
Bethesda, Maryland 20894

1996

National Library of Medicine Cataloging in Publication

Confidentiality of electronic health data : methods for protecting personally identifiable information : January 1990 through March 1996 : 448 selected citations / prepared by Ione Auston ... [et al.]. -- Bethesda, Md. (8600 Rockville Pike, Bethesda 20894) : U.S. Dept. of Health and Human Services, Public Health Service, National Institutes of Health, National Library of Medicine, Reference Section ; Pittsburgh, PA : Sold by the Supt. of Docs., U.S. G.P.O., 1996. -- (Current bibliographies in medicine ; 95-10)

1. Confidentiality - bibliography 2. Computer Security - bibliography 3. Medical Informatics - bibliography I. Auston, Ione II. National Library of Medicine (U.S.). Reference Section III. Title IV. Series

DNLM: ZW 1 N272 no.95-10

SERIES NOTE

Current Bibliographies in Medicine (CBM) is a continuation in part of the National Library of Medicine's Literature Search Series, which ceased in 1987 with No. 87-15.
In 1989 it also subsumed the specialized Bibliography Series. Each bibliography in the new series covers a distinct subject area of biomedicine and is intended to fulfill a current awareness function. Citations are usually derived from searching a variety of online databases. NLM databases utilized include MEDLINE, AVLINE, BIOETHICSLINE, CANCERLIT, CATLINE, HEALTH, POPLINE, and TOXLINE. The only criterion for the inclusion of a particular published work is its relevance to the topic being presented; the format, ownership, or location of the material is not considered.

Comments and suggestions on this series may be addressed to:

Karen Patrias, Editor
Current Bibliographies in Medicine
Reference Section
National Library of Medicine
Bethesda, MD 20894
Phone: 301-496-6097
Fax: 301-402-1384
Internet: patrias@nlm.nih.gov

This bibliography, CBM 95-10, is the last publication in this series for calendar year 1995.

Ordering Information: Current Bibliographies in Medicine is sold by the Superintendent of Documents, U.S. Government Printing Office, P.O. Box 371954, Pittsburgh, PA 15250-7954. To order the entire CBM series for calendar year 1996 (approximately 10 bibliographies), send $47.00 ($58.75 foreign) to the Superintendent of Documents citing GPO List ID: CBM96. For your convenience an order blank is given inside the back cover. Orders for individual bibliographies in the series ($5.50, $6.88 foreign) should be sent to the Superintendent of Documents citing the title, CBM number, and the GPO List ID given above.

Internet Access: The Current Bibliographies in Medicine series is also available at no cost to anyone with Internet access through FTP (File Transfer Protocol). FTP to nlmpubs.nlm.nih.gov and login as anonymous. The index file in the "bibs" directory provides information on the bibliographies available.

Use of funds for printing this periodical has been approved by the Director of the Office of Management and Budget through September 30, 1996.
FOREWORD

In 1995, in response to a request from the Vice-President of the United States of America, the Department of Health and Human Services assumed a leadership role in addressing four major issues surrounding the use of the National Information Infrastructure to advance health care and the public health: (1) telemedicine; (2) health data privacy; (3) health data standards; and (4) consumer access to health information. One specific health data privacy objective is the identification and dissemination of information about current best practices for ensuring the confidentiality of electronic health data. This bibliography of information sources that provide concrete guidance on the policies, procedures, and technologies useful in safeguarding electronic health data is a first step toward that objective. Although the bibliography contains many useful references, the literature search conducted to produce it has confirmed that published information about how to protect electronic health data is fragmented and incomplete. Many institutions are currently addressing the need for comprehensive policies and procedures for safeguarding electronic health, but, to date, few institutional documents have been completed and released. Materials cited in this bibliography have been one source of input to a study of "best practices" for protecting the confidentiality of electronic health care data that is currently being undertaken by the Computer Sciences and Telecommunications Board of the National Research Council, under the chairmanship of Paul Clayton, Ph.D., Columbia-Presbyterian Medical Center. Funded by the National Library of Medicine and the Warren G. Magnuson Clinical Center, National Institutes of Health, DHHS, the study is also collecting data through a series of site visits to institutions with electronic health information systems.
Its final report, scheduled for release by January 1997, will bring us a step closer to the goal of developing practical and coherent guidelines for protecting the confidentiality of electronic health data.

Nan D. Hunter
Deputy General Counsel
U.S. Department of Health and Human Services
Chair, Interdepartmental Health Privacy Working Group

CONFIDENTIALITY OF ELECTRONIC HEALTH DATA

Electronic health data can improve the quality and efficiency of health care, research, and public health surveillance and interventions. To achieve these benefits without unacceptable risk to patient confidentiality, electronic health data must be created, used, transmitted, aggregated, and abstracted in ways and in environments that maintain data security and accuracy; prevent inadvertent or accidental release; prevent or deter access by unauthorized users; and discourage, detect, and punish inappropriate use of health data by unauthorized users.

This selective bibliography is primarily intended for those who are responsible for protecting electronic health data and need information on appropriate strategies for doing so. It includes references to publications, organizations, and electronic sources that address methods for preserving the confidentiality and security of electronic health data. The methods covered include technical approaches, institutional policies and procedures, staff and patient education, and legal and regulatory requirements. In addition to substantive discussions of measures for preserving confidentiality and security of health data, the bibliography also has references to some recent standards and guidelines that apply to electronic data in general. Letters, editorials, news items, and general descriptions of health information systems in which security and privacy prevention are mentioned briefly generally have been excluded.
The bibliography has a tight focus on how to protect electronic health data and therefore also excludes references to the large body of literature on related topics such as: the need to protect privacy; the need for federal legislation; the potential privacy and security problems associated with computer-based patient records; the public's perceptions of privacy issues; special ethical and privacy considerations associated with genetic screening, AIDS testing, and occupational health records; the conditions under which medical and psychiatric records must or must not be disclosed to courts; the tension between privacy and the public good in cases involving infectious disease, potential violence, etc.; institutional review boards; and informed consent, except as it relates directly to consent about use of health data.

In general, publication dates for references included in this bibliography range from January 1990 through March 1996, and publications are primarily in English. Journal articles, books and book chapters, conference proceedings and papers, meeting abstracts, laws and legal documents, and technical reports, as well as unpublished documents, have been surveyed and selected for inclusion. Arrangement of the bibliography is by subject and citations within each category are listed alphabetically by author; a citation appears under only one category.

A number of Internet sites created by various organizations that address confidentiality or computer security may be found by using various world wide web searching tools. A selected list of these is included in the Organizations section of this bibliography. All Internet addresses were functional on the date that this bibliography became available.

The compilers wish to thank Marlyn Schepartz, National Library of Medicine, for her technical assistance with production of this bibliography.

SEARCH STRATEGY

A variety of online databases are usually searched in preparing bibliographies in the CBM series.
To assist you in updating or otherwise manipulating the material in this search, the strategy used for the NLM's MEDLINE database is given below. Please note that the search strategies presented here differ from individual demand searches in that they are generally broadly formulated and irrelevant citations edited out prior to printing.

SS 1 = CONFIDENTIALITY OR COMPUTER SECURITY OR PRIVACY (TW)
SS 2 = PATIENT IDENTIFICATION SYSTEMS OR PUBLIC HEALTH ADMINISTRATION OR TELEMEDICINE OR DATABASES, FACTUAL OR NURSING AUDIT OR PEER REVIEW, HEALTH CARE OR PROFESSIONAL REVIEW ORGANIZATIONS OR MEDICAID OR SYSTEMS INTEGRATION OR JCAHO (MH)
SS 3 = *EPIDEMIOLOGIC METHODS (PX)
SS 4 = EXPLODE *MANAGEMENT INFORMATION SYSTEMS OR EXPLODE *MEDICAL AUDIT OR EXPLODE *UTILIZATION REVIEW OR EXPLODE MEDICARE OR EXPLODE CLINICAL TRIALS OR EXPLODE *MEDICAL INFORMATICS
SS 5 = EXPLODE OFFICE MANAGEMENT OR EXPLODE *INSURANCE
SS 6 = 1 AND 2
SS 7 = 1 AND 3
SS 8 = 1 AND 4
SS 9 = 1 AND 5
SS 10 = 6 OR 7 OR 8 OR 9

GRATEFUL MED and INTERNET GRATEFUL MED

To make online searching easier and more efficient, the Library offers GRATEFUL MED, microcomputer-based software that provides a user-friendly interface to most NLM databases. This software was specifically developed for health professionals and features multiple choice menus and "fill in the blank" screens for easy search preparation. GRATEFUL MED runs on an IBM PC (or IBM-compatible) with DOS 2.0 or a Macintosh, and requires a Hayes (or Hayes-compatible) modem. It may be purchased from the National Technical Information Service in Springfield, Virginia, for $29.95 (plus $3.00 per order for shipping). For your convenience, an order blank has been enclosed at the back of this bibliography.

INTERNET GRATEFUL MED is available from the World Wide Web. The user with Internet access and an NLM user account need only point a compatible Web browser (Netscape Navigator is strongly recommended) to http://igm.nlm.nih.gov. No other software at the user end is required.
At present, MEDLINE is the only NLM database available through INTERNET GRATEFUL MED, but the Library expects to add access to other files rapidly.

SAMPLE CITATIONS

Citations in this bibliographic series are formatted according to the rules established for Index Medicus*. Sample journal and monograph citations appear below. For journal articles written in a foreign language, the English translation of the title is placed in brackets; for monographs, the title is given in the original language. In both cases the language of publication is shown by a three letter abbreviation appearing at the end of the citation.

Journal Article:

Barrows RC Jr, Clayton PD. Privacy, confidentiality, and electronic medical records. J Am Med Inform Assoc 1996 Mar-Apr;3(2):139-48.

Labelled elements: Authors; Article Title; Abbreviated Journal Title; Date; Volume; Issue; Pages.

Monograph:

Barber B, Treacher A, Louwerse CP, editors. Towards security on medical telematics: legal and technical aspects. Washington: IOS Press; 1996. 252 p.

Labelled elements: Authors/Editors; Title; Place of Publication; Publisher; Date; Total No. of Pages.

*For details of the formats used for references, see the following publication: Patrias, Karen. National Library of Medicine recommended formats for bibliographic citation. Bethesda (MD): The Library; 1991 Apr. Available from: NTIS, Springfield, VA; PB91-182030.
TABLE OF CONTENTS

OVERVIEW
  General
  Health
POLICIES & POSITION STATEMENTS
  General
  Health
  Institutional
RISK ANALYSIS & CONTINGENCY PLANNING
EDUCATION & TRAINING
ACCESS CONTROL/AUTHENTICATION
PERSONAL IDENTIFIERS
AUDIT TRAILS
ELECTRONIC SIGNATURES
ENCRYPTION
SOFTWARE & APPLICATION DESIGN/PROTECTION
NETWORK SECURITY
IMAGES & TELEMEDICINE
SECONDARY USAGE OF HEALTH DATA
  Research & Quality Review
  Statistics
SMART CARDS
LAWS, REGULATIONS, LEGAL ASPECTS
  Federal
    Laws, Bills, & Regulations
    Legal Aspects - Commentary
  State
    Laws, Bills, & Regulations
    Legal Aspects - Commentary
  Other Countries
    Laws, Bills, & Regulations
    Legal Aspects - Commentary
OTHER BIBLIOGRAPHIES
ORGANIZATIONS
  General
  Health

OVERVIEW

General

Bacard A. The computer privacy handbook. Berkeley (CA): Peachpit Press; 1995.

Bowen J, Stavridou V. [Safety-critical systems. Formal methods are standards]. Genie Log Syst Expert 1993 Mar;30:37-64. (Fre).

Castano S. Database security. Reading (MA): Addison-Wesley; 1994.

Clark DD, Wilson DR. A comparison of commercial and military computer security policies. In: Proceedings of the 1987 IEEE Symposium on Security and Privacy; 1987 Apr 27-29; Oakland, CA. Washington: IEEE Computer Society Press; 1987. p. 184-94.

Gilbert DM. Sample statements of work for federal computer security services: for use in-house or contracting out. Lynch N, editor. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1991 Dec. Report No.: NIST Internal Report (NISTIR) 4749. Available from: NTIS, Springfield, VA; PB92-148261.

Guttman B, Roback EA. An introduction to computer security: the NIST handbook. Gaithersburg (MD): National Institute of Standards and Technology (US); 1995 Oct. Report No.: NIST Special Publication 800-12. 272 p. Available from: US GPO, Washington; SN003-003-03374-0.
National Institute of Standards and Technology (US); National Computer Security Center (US). 17th National Computer Security Conference; 1994 Oct 11-14; Baltimore, MD. [Ft. Meade (MD): National Computer Security Center]; 1995. 2 vols. Available from: National Security Agency, Publications Office, Ft. Meade, MD (410/766-8729).

National Institute of Standards and Technology (US), National Computer Security Center (US). 18th National Information Systems Security Conference; 1995 Oct 10-13; Baltimore. [Ft. Meade (MD): National Computer Security Center]; 1996. 2 vols. Available from: National Security Agency, Publications Office, Ft. Meade, MD (410/766-8729). Formerly the National Computer Security Conference.

Nazario NA, editor. General procedures for registering computer security objects. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Dec. Report No.: NIST Internal Report (NISTIR) 5308. Available from: NTIS, Springfield, VA; PB94-134897.

Saltman RG, editor. Good security practices for electronic commerce, including electronic data interchange. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Dec. Report No.: NIST Special Publication 800-9. Available from: NTIS, Springfield, VA; PB94-139045.

Saltman RG, editor. Workshop on Security Procedures for the Interchange of Electronic Documents: selected papers and results. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Security Laboratory; 1993 Aug. Report No.: NIST Internal Report (NISTIR) 5247. 128 p. Available from: NTIS, Springfield, VA; PB94101854.

SECURICOM 95. Proceedings of the 13th Worldwide Congress on Computer and Communications Security and Protection; 1995 Jun 8-9; Paris, France. Paris: Manifestations & Commun. Int.; 1995. 288 p.

United States, Congress, Office of Technology Assessment. Information security and privacy in network environments. Washington: U.S. Government Printing Office; 1994 Sep. Report No.: OTA-TCT-606. 244 p.

United States, Congress, Office of Technology Assessment. Issue update on information security and privacy in network environments. Washington: U.S. Government Printing Office; 1995 Jun. Report No.: OTA-BP-ITC-147. 142 p.

Health

Bakker AR. Security in medical information systems. In: van Bemmel JH, McCray AT, editors. Yearbook of medical informatics: Stuttgart: Schattauer; 1993. p. 52-60.

Barber B, Bakker A, Bengtsson S. Conclusions and recommendations. Int J Biomed Comput 1994;35 Suppl:221-9.

Barber B, O'Moore R. The six safety first principles of health information systems - Progress Report. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 308-14. (Studies in health technology and informatics; vol. 1).

Barrows RC Jr, Clayton PD. Privacy, confidentiality, and electronic medical records. J Am Med Inform Assoc 1996 Mar-Apr;3(2):139-48.

Benson T, Neame R. Healthcare computing: a guide to health information management and systems. Harlow (Essex, UK): Longman Group Ltd.; 1994. Chapter 11, Security and privacy; p. 143-63.

Biskup J, Bleumer G. Reflections on security of database and data transfer systems in health care. In: Information processing '94. Applications and impacts. Proceedings of the 13th IFIP World Computer Congress; 1994 Aug 28-Sep 2; Hamburg, Germany. Amsterdam: Elsevier Science Pub.; 1994. p. 549-56. (IFIP transactions A (computer science and technology); vol. A-52).

Blum BI. Computer security in a clinical environment. In: Jajodia S, Landwehr CE, editors. Database Security, 4: Status and Prospects. Results of the IFIP WG 11.3 workshop; 1990 Sep 18-21; Halifax, UK. Amsterdam: North-Holland; 1991. p. 1-12.

Bruce JAC. Privacy and confidentiality of health care information. 3rd ed. Chicago: American Hospital Pub.; Forthcoming 1996.
Bunz H, Bertsch A, Jurecic M, Baum-Waidner B. Secure multimedia applications and teleservices: security requirements and prototype for health care. In: Steinmetz R, editor. Multimedia: advanced teleservices and high-speed communication architectures. Proceedings of the 2nd International Workshop, IWACA '94; 1994 Sep 26-28; Heidelberg, Germany. Berlin: Springer-Verlag; 1994. p. 224-36.

Caring for Health Information - Safety, Security and Secrecy. Results of a working conference of the International Medical Informatics Association. Heemskerk, The Netherlands, 1993 Nov 13-16. Int J Biomed Comput 1994 Feb;35 Suppl:1-235.

Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. Executive summary; p. 1-61. (Studies in health technology and informatics; vol. 1).

Confidentiality and security measures for health care. Toward Electron Patient Rec 1994 Jun-Jul;3(1):1-13.

de Roulet D, Scherrer JR, editors. Data protection within a hospital information system. In: SECURICOM 90. 8th Worldwide Congress on Computer and Communications Security and Protection; 1990 Mar 14-16; Paris, France. Paris: SEDEP; 1990. p. 27-45.

Dolezol W. System protection techniques within the hospital information system at the hospitals of the University of Wurzburg. MUG Q 1991 Sep;21(4):27-32.

Furnell SM, Gaunt PN, Pangalos G, Sanders PW, Warren MJ. A generic methodology for health care data security. Med Inf (Lond) 1994 Jul-Sep;19(3):229-45.

Gabrieli ER. Guidelines for minimal data security measures for the protection of computer-based patient records. J Clin Comput 1993;22(1):1-48.

Hamilton DL. Identification and evaluation of the security requirements in medical applications. Bristol (UK): Hewlett-Packard Laboratory; 1992 Jun. Report No.: HPL-92-75. 11 p.

Health Records: Social Needs and Personal Privacy. Conference Proceedings; 1993 Feb 11-12; Washington, DC. Washington: U.S. Government Printing Office; 1993 Feb. Also available from: NTIS, Springfield, VA; PB94168192.

Hoffman LJ. Data security and privacy in health information systems. Top Emerg Med 1995 Dec;17(4):24-6.

Iversen KR. Security requirements for electronic patients records: the Norwegian view. Int J Biomed Comput 1994 Feb;35 Suppl:51-6.

Jurecic M, Bunz H. Exchange of patient records-prototype implementation of a Security Attributes Service in X500. In: Proceedings of 2nd ACM Conference on Computer and Communications Security; 1994 Nov 2-4; Fairfax, VA. New York: ACM; 1994. p. 30-8.

Kaplan JG. Protecting sensitive medical information. In: Database Security, 6: Status and Prospects. IFIP WG 11.3 workshop; 1992 Aug 19-21; Vancouver, BC, Canada. [Amsterdam?: North Holland?]; 1993. p. 1-14. (IFIP transactions A (computer science and technology); vol. A-21).

Lincoln TL, Essin D. The computer-based patient record: issues of organization, security and confidentiality. In: Database Security, 5: Status and Prospects. Results of the IFIP WG 11.3 workshop; 1991 Nov 4-7; Shepherdstown, WV. [Amsterdam?: North Holland?]; 1992. p. 1-19. (IFIP transactions A (computer science and technology); vol. A-6).

Louis Harris and Associates. Equifax-Harris consumer privacy survey 1994. New York: The Associates; 1994. Available from: Equifax, Inc., Atlanta, GA.

Louis Harris and Associates. Equifax-Harris mid-decade consumer privacy survey 1995. New York: The Associates; 1995. Available from: Equifax, Inc., Atlanta, GA.

Louis Harris and Associates. Health care information privacy: a survey of the public and leaders. New York: The Associates; 1993. Available from: Equifax, Inc., Atlanta, GA.

Louwerse CP. The organisation and management of information security issues in health care. Int J Biomed Comput 1994 Feb;35 Suppl:195-200.

Meranda D. Administrative and security challenges with electronic patient record systems. J AHIMA 1995 Mar;66(3):58-60.

Moehr JR. Privacy and security requirements of distributed computer based patient records. Int J Biomed Comput 1994 Feb;35 Suppl:57-64.

O'Connor K. Confidentiality, privacy and security concerns in the modern healthcare environment. Aust Comput J 1994 Aug;26(3):70-7.

Pfitzmann A, Pfitzmann B. Technical aspects of data protection in health care informatics. In: Noothoven van Goor J, Christensen JP, editors. Advances in medical informatics: results of the AIM Exploratory Action. Washington: IOS Press; 1992. p. 368-86. (Studies in health technology and informatics; vol. 2).

Schmaus D. Computer security and data confidentiality. AORN J 1991 Oct;54(4):885-90.

Shea S, Sengupta S, Crosswell A, Clayton PD. Network information security in a phase III Integrated Academic Information Management System (IAIMS). Proc Annu Symp Comput Appl Med Care 1992;16:283-6.

Task Force on the Privacy of Private-Sector Health Records. Final report. Rockville (MD): Kunitz and Associates, Inc.; 1995 Sep. Contract No.: HHS-100-91-0036. 128 p. plus appendices. Sponsored by the U.S. Department of Health and Human Services.

United States, Congress, Office of Technology Assessment. Bringing health care online: the role of information technologies. Washington: U.S. Government Printing Office; 1995 Sep. Report No.: OTA-ITC-624. Chapter 3, Networks for health information; p. 79-122.

United States, Congress, Office of Technology Assessment. Protecting privacy in computerized medical information. Washington: US Government Printing Office; 1993 Sep. Report No.: OTA-TCT-576. 157 p.

Woodward B. The computer-based patient record and confidentiality. N Engl J Med 1995 Nov 23;333(21):1419-22.

Wright B. Security concerns of computer-based health care information. Comput Secur J 1994 Spring;10(1):83-9.

POLICIES & POSITION STATEMENTS

General

Bennett CJ. Regulating privacy: data protection and public policy in Europe and the United States. Ithaca (NY): Cornell University Press; 1992.
Information and Privacy Commissioner/Ontario. Access and the Canadian information highway: submission to the Information Highway Advisory Council Secretariat in response to the Discussion Paper entitled Access, Affordability and Universal Service on the Canadian Information Highway. [Ottawa (Ontario, Canada): The Commissioner]; 1995 Mar. 8 p.

Information and Privacy Commissioner/Ontario. The information highway: access and privacy principles. [Ottawa (Ontario, Canada): The Commissioner]; 1994 Dec. 12 p.

Information and Privacy Commissioner/Ontario. Privacy and the Canadian information highway: submission to the Information Highway Advisory Council Secretariat. [Ottawa (Ontario, Canada): The Commissioner]; 1994 Dec. 12 p.

Information Infrastructure Task Force (IITF), Information Policy Committee, Privacy Working Group. Privacy and the National Information Infrastructure: principles for providing and using personal information. Final version. [Washington]: The Group; 1995 Oct. [13 p.] Available from: Office of Management and Budget, Washington, DC.

Information Infrastructure Task Force (IITF), National Information Infrastructure Security Issues Forum. NII security: the federal role. [Washington]: The Forum; 1995 Jun 5. [35 p.] Available from: Office of Management and Budget, Washington, DC. Draft report issued for public comment, June 14, 1995.

Irving L, Farquhar MC, Brown KC, et al. Privacy and the NII. Safeguarding telecommunications-related personal information. [Washington]: Department of Commerce (US), National Telecommunications and Information Administration; 1995 Oct. 28 p., Appendix A1-9.

Health

American College of Healthcare Executives. Ethical policy statement. Medical records confidentiality. Healthc Exec 1994 May-Jun;9(3):43.

American Medical Association, Council on Ethical and Judicial Affairs. Current opinions of the Council on Ethical and Judicial Affairs. Chicago: The Association; 1992. Section 7.00, Opinions on physician records; p. 32-3.
American Medical Association, Council on Ethical and Judicial Affairs. Current opinions of the Council on Ethical and Judicial Affairs. Chicago: The Association; 1992. Sections 5.05-5.09, Confidentiality; p. 25-8. Anderson RJ. Security in clinical information systems [monograph online]. Cambridge (UK): University of Cambridge Computer Laboratory; 1996 Jan 12. Available from: World Wide Web, http://www.cl.cam.ac.uk/users/ rja14/policy1 1/ policy11.html. Prepared for the British Medical Association. Barber B, Jensen OA, Lamberts H, Roger-France F, De Schouwer P, Zbllner H. The six safety first principles of health information systems: A programme of implementation: part 1 safety and security. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: 105 Press; 1991. p. 296-301. (Studies in health technology and informatics; vol. 1). Barber B, Treacher A, Louwerse CP, editors. Towards security in medical telematics: legal and technical aspects. Washington: 108 Press; 1996. 252 p. (Studies in technology and informatics; vol. 27). Bengtsson S, Solheim BG. Enforcement of data protection, privacy and security in medical informatics. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1561-5. Blair J S. Overview of standards related to the emerging health care information infrastructure. Schaumburg (IL): The Computer-based Patient Record Institute; 1995 Jan. Reprinted by the Computer-based Patient Record Institute with permission of CRC Press. Brandt MD. Issue: disclosure of health information. A position statement. Chicago: American Health Information Management Association; 1993 Dec. 2 p. Brandt MD. Issue: disclosure of health information relating to alcohol and drug abuse. A position statement. 
Chicago: American Health Information Management Association; 1993 Dec. 1p. Brandt MD. Issue: facsimile transmission of health ' information. A position statement. Chicago: American Health Information Management Association; 1994 May. 3 p. Brandt MD. Issue: managing health information relating to infection with the human immunodeficiency virus (HIV). A position statement. Chicago: American Health Information Management Association; 1994 Feb. 2 p. Brandt MD. Issue: patient cards. A position statement. Chicago: American Health Information Management Association; 1993 Nov. 2 p. Brandt MD. Issue: protecting patient information after a closure. A position statement. Chicago: American Health Information Management Association; 1994 Apr. 4 p. Brandt MD. Issue: physician signatures on attestations. A position statement. Chicago: American Health Information Management Association; 1993 Nov. 1 p. Brandt MD. Issue: redisclosure of health information. A position statement. Chicago: American Health Information Management Association; 1993 Dec. 1p. Brandt MD. Issue: retention of health information. A position statement. Chicago: American Health Information Management Association; 1994 Mar. 2 p. Brandt MD. Maintenance, disclosure, and redisclosure of health information. Chicago: American Health Information Mangement Association; 1993. 23 p. Canadian Medical Association. The medical record: confidentiality. access and disclosure. [CMA policy summary]. Can Med Assoc J 1992 Dec 15:147(12):1860A-1860B. (Eng, Fre). Christensen JP, Villasante J. Data protection and confidentiality in health care informatics. In: Noothoven van Goor J , Christensen JP, editors. Advances in medical informatics: results of the AIM Exploratory Action. Washington: 105 Press; 1992. p. 387-92. (Studies in health technology and informatics; vol. 2). Computer-based Patient Record Institute (CPRI). 
Guidelines for establishing information security policies at organizations using computer-based patient record systems. Schaumburg (IL): The Institute; 1995. Prepared by the CPRI Work Group on Confidentiality, Privacy, and Security, 1995 Feb. Computer-based Patient Record Institute (CPRI). Position paper: access to patient data. Schaumburg (IL): The Institute; 1994 Apr 15. Computer—based Patient Record Institute (CPRI). Position paper: authentication in a computer-based patient record. Schaumburg (IL): The Institute; 1993 Aug 11. Conference of Medical Royal Colleges and Their Faculties in the United Kingdom. Interim guidelines on confidentiality and medical audit. BMJ 1991 Dec 14;303(6816):1525. Conference of Medical Royal Colleges and Their Faculties in the United Kingdom, Audit Working Group. Access to medical records for the purposes of medical audit. [Statement]. BMJ 1993 Apr 3;306(6882):896—7. Council on Competitiveness. Highway to health: transforming US. health care in the information age. Washington: The Council; 1996 Mar. Chapter 4, Integration of health information systems; p. 40—60. Data confidentiality--could this policy work for you? QRC Advis 1993 May;9(7):7-8. De Schouwer P, Barber B, Jensen 0A, Lamberts H, Roger-France F, Z611ner H. The six safety first principles of health information systems: A programme of implementation: Part 2 the environment, convenience and legal issues. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: 108 Press; 1991. p. 302-07. (Studies in health technology and informatics; vol. 1). Feasibility of ensuring confidentiality and security of computer—based patient records. Council on Scientific Affairs, American Medical Association. Arch Fam Med 1993 May; 2(5): 556-60. Feste L. Issue: confidentiality of the computer-based patient record. A position statement. 
Chicago: American Health Information Management Association; 1992 Jul. 2 p.

Feste LK. Issue: patient access to personal health information. A position statement. Chicago: American Health Information Management Association; 1992 Mar. 2 p.

Guideline No. 4. Security of data held in computer systems. Institute of Health Record Information and Management. IHRIM 1995 Feb;36(1 Suppl):1-2.

Health care information: collection and privacy [microfiche]: Hearing Before the Senate Comm. on Governmental Affairs, 103rd Cong., 2d Sess. (May 6, 1994). Washington: U.S. Government Printing Office; 1995. 125 p. Available from: US GPO, Washington; Y 4.G 74/9:S.HRG. 103-100.

Joint Commission on Accreditation of Healthcare Organizations. 1996 accreditation manual for hospitals. Vol. 1, Standards. Chicago: The Commission; 1996. Section 2, Management of information; p. 171-90.

Mayo Clinic Foundation, Information Security Subcommittee. Data security policies and standards. Unpublished internal document dated September 1994.

Metzger JB, Stevens JM, Schwartz JE, Nelson R. Implications of the JCAHO information management initiative for information systems. Healthc Inf Manage 1994 Spring;8(2):23-30.

National Healthcare Billing Audit Guidelines, adopted March 13, 1992. AHIMA, AHA, Association of Healthcare Internal Auditors, Blue Cross and Blue Shield Association, HFMA, and HIAA. J AHIMA 1992 Jun;63(6):105-9.

Pitman SC. Standards in the medical transcription service industry. J Am Health Inf Manag Assoc 1992;63(7):75-7.

Position statement: Confidentiality of the computer-based patient record. American Health Information Management Association. J AHIMA 1992 Sep;63(9):125-6.

Sommerville A. Confidentiality and medical records. In: British Medical Association, Ethics Science and Information Division. Medical ethics today: its practice and philosophy. London: BMJ Publishing Group; 1993. p. 36-68, 339-40.

Tiemann S. The individual, society and the protection of personal data.
In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 62-4. (Studies in health technology and informatics; vol. 1).

United States, Congress, Office of Technology Assessment. Genetic monitoring and screening in the workplace. Washington: US Government Printing Office; 1990 Oct. Report No.: OTA-BA-455. 262 p.

Users and uses of patient records. Report of the Council on Scientific Affairs. Council on Scientific Affairs, American Medical Association. Arch Fam Med 1993 Jun;2(6):678-81.

Wanerus P, Brandt MD. Issue: Managing health information in facility mergers and acquisitions. A position statement. Chicago: American Health Information Management Association; 1994 Apr. 4 p.

Wogan MJ. Issue: HCFA's uniform clinical data set (UCDS). A position statement. Chicago: American Health Information Management Association; 1991 Nov. 2 p.

Work Group on Computerization of Patient Records. Toward a national health information infrastructure: report of the Work Group on Computerization of Patient Records to the Secretary of the U.S. Department of Health and Human Services. [Washington: Department of Health and Human Services (US)]; 1993 Apr.

Workgroup for Electronic Data Interchange (WEDI). The new Workgroup for Electronic Interchange, summary report, April 1995. [place unknown]: The Workgroup; 1995?

Workgroup on Electronic Data Interchange (WEDI). Report, October 1993. [place unknown]: The Workgroup; 1993?

Workgroup for Electronic Data Interchange (WEDI). Report to Secretary of U.S. Department of Health and Human Services, July 1992. [place unknown]: The Workgroup; 1992?

Institutional

Brandt M. Developing an information management plan. J AHIMA 1995 May;66(5):24-8, 30, 32-3.

Gramlich D. Confidentiality issues in the 90's. NAHAM Manag J 1992 Fall;18(2):6-8.

Hospital survey shows computer-based patient record protection weaknesses.
Inf Manag Bull 1994 Fall;7(3-4):5-6.

Katsikas SK, Gritzalis DA. The need for a security policy in health care institutions. Int J Biomed Comput 1994 Feb;35 Suppl:73-80.

RISK ANALYSIS & CONTINGENCY PLANNING

Bakker AR. Benefits and threats of new technologies. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 191-6. (Studies in health technology and informatics; vol. 1).

Bakker AR. Computers in hospitals, vulnerability aspects. In: Adlassnig KP, Grabner G, Bengtsson S, Hansen R, editors. Medical Informatics Europe 1991. Proceedings; 1991 Aug 19-22; Vienna, Austria. Berlin: Springer-Verlag; 1991. p. 62-6. (Lecture notes in medical informatics; 45).

Barber B. Are your systems securely engineered? Br J Healthc Comput Inf Manag 1995 Apr;12(3):30-1.

Barber B, Davey J. Approaching safe and secure health information systems in Europe. Comput Methods Programs Biomed 1994 Jul;44(1):23-9.

Barber B, Davey J. The use of the CCTA risk analysis and management methodology (CRAMM) in health information systems. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1589-93.

Barber B, Fairey M. Attack and defence: NHS security and data protection programme. Br J Healthc Comput Inf Manag 1995 Jul;12(6):30-2.

Berleur J, Beardon C, Laufer R, editors. Proceedings of the IFIP WG9.2 Working Conference on Facing the Challenge of Risk and Vulnerability in an Information Society; 1993 May 20-22; Namur, Belgium. Amsterdam: Elsevier Science Pub.; 1993. 311 p. (IFIP Transactions A (Computer Science and Technology); vol. A-33).

Brandt M. Confidentiality today: where do you stand? J AHIMA 1993 Dec;64(12):59-62.

Cloud AC. An EDP audit with a twist. Inf Exec 1990 Fall;3(4):14-5.

Cox TP.
The 'paperless' physician office: a risk management perspective. J Healthc Risk Manag 1993 Fall;13(4):29-35.

Davey J. Risk analysis and management. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 350-9. (Studies in health technology and informatics; vol. 1).

Eleazar PY. Risks associated with clinical databases. Top Health Rec Manag 1991 Nov;12(2):49-58.

Ferraiolo DF, Gilbert DM, Lynch N. Assessing federal and commercial information security needs. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1992 Nov. Report No: NIST Internal Report (NISTIR) 4976. Available from: NTIS, Springfield, VA; PB93-138956.

Furnell SM, Sanders PW, Stockel CT. An expert system for health care data security: a conceptual outline. In: Ifeachor EC, Rosen KG, editors. Proceedings of the International Conference on Neural Networks and Expert Systems in Medicine and Healthcare; 1994 Aug 23-26; Plymouth, UK. Plymouth (UK): Univ. of Plymouth; 1994. p. 346-52.

Gabrieli ER. Data security. J Clin Comput 1992;21(1-2):17-41.

Gritzalis D, Tomaras A, Katsikas S, Keklikoglou J. Data security in medical information systems: the Greek case. Comput Secur 1991 Apr;10(2):141-59.

Liczbanski M. Protect your data! Data Based Advis 1992 May;10(5):114-24.

Louwerse CP. Practical aspects of handling data protection and data security. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 324-33. (Studies in health technology and informatics; vol. 1).

Miller D. Security, durability & portable computers. Healthc Inform 1993 May;10(5):72, 74.

Miller DW. Commonly overlooked information security issues. Toward Electron Patient Rec 1994 May;2(10):1, 3-7.

Morris DC.
It could never happen here! Comput Healthc 1990 Aug;11(8):38-44.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Guideline for the analysis of local area network security. Gaithersburg (MD): The Institute; 1994 Nov. (Federal information processing standards; FIPS PUB 191). Available from: NTIS, Springfield, VA.

Pangalos GJ. Medical database security evaluation. Med Inf (Lond) 1993 Oct-Dec;18(4):283-92.

Picukaric JM. The computer-based patient record: risks, security, and the HIM role. J AHIMA 1992 Mar;63(3):78-84.

Skok R. Security systems: malpractice insurance for healthcare organizations. J AHIMA 1993 Jan;64(1):51-2.

Warnock-Matheron A, Gruending DL, Hannah KJ. A risk management approach to the security of hospital information systems. Can J Nurs Adm 1993 May-Jun;6(2):22-4, 30.

Warren MJ, Sanders PW, Gaunt PN. Security criteria expert system concept: the healthcare application. In: Ifeachor EC, Rosen KG, editors. Proceedings of the International Conference on Neural Networks and Expert Systems in Medicine and Healthcare; 1994 Aug 23-26; Plymouth, UK. Plymouth (UK): Univ. Plymouth; 1994. p. 146-53.

EDUCATION & TRAINING

Brown MM. Building respect for confidentiality through education. J AHIMA 1993 Dec;64(12):65-6.

Computer-based Patient Record Institute (CPRI). Guidelines for information security education programs at organizations using computer-based patient record systems. Schaumburg (IL): The Institute; 1995. Prepared by the CPRI Work Group on Confidentiality, Privacy, and Security, 1995 Jun.

Merski P. Optical imaging the Right way. J AHIMA 1993 May;64(5):69-72.

Self-assessment tool. Confidentiality and security in the computer-based patient record environment. J AHIMA 1992 May;63(5):77-9.

Smith HJ, Kallman EA. Information privacy: medical record directors' perceptions of policy and practice. J AHIMA 1993 Feb;64(2):48-51.

ACCESS CONTROL/AUTHENTICATION

Birkegaard N.
User authorization in distributed hospital information systems. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 285-95. (Studies in health technology and informatics; vol. 1).

Biskup J. Protection of privacy and confidentiality in medical information systems: problems and guidelines. In: Spooner DL, Landwehr C, editors. Database Security, 3: Status and Prospects. Results of the IFIP WG 11.3 workshop; 1989 Sep 5-7; Monterey, CA. Amsterdam: North-Holland; 1990. p. 13-23.

Biskup J, Eckert C. [Secure delegation in information systems]. In: Weck G, Horster P, editors. Proceedings of VIS '93; 1993 May 11-13; Munich, Germany. Wiesbaden: Vieweg; 1993. p. 107-33. (Ger).

Bobis KG. Implementing right to know security in the computer-based patient record. In: Proceedings of the IEEE 13th Annual International Phoenix Conference on Computers and Communications; 1994 Apr 12-15; Phoenix, AZ. Piscataway (NJ): IEEE; 1994. p. 156-60.

Brannigan VM. A framework for Need to Know authorizations in medical computer systems: responding to the constitutional requirements. Proc Annu Symp Comput Appl Med Care 1994;18:392-6.

Dargahi R, Classen DW, Bobroff RB, Petermann CA, Moreau DR, Beck JR, Buffone GJ. The development of a data security model for the Collaborative Social and Medical Services System. Proc Annu Symp Comput Appl Med Care 1994;18:349-53.

Decoster C. [Data protection within the Ministry of Public Health and in the hospitals]. Acta Hosp 1994;34(1):87-91. (Dut).

Eichenwald S. Information technologies. Physician-hospital networks. J AHIMA 1992 Mar;63(3):50-1.

Gritzalis D, Katsikas S, Keklikoglou J, Tomaras A. Data security in medical information systems: technical aspects of a proposed legislation. Med Inf (Lond) 1991 Oct-Dec;16(4):371-83.

Henkind SJ, Orlowski JM, Skarulis PC.
Application of a multilevel access model in the development of a security infrastructure for a clinical information system. Proc Annu Symp Comput Appl Med Care 1993;17:64-8.

High-tech privacy issues in health care: Hearings Before the Subcomm. on Technology and the Law of the Senate Comm. on the Judiciary, 103d Congress, 1st and 2d Sess. (October 27, 1993, and January 27, 1994). Washington: U.S. Government Printing Office; 1994. 137 p. Available from: US GPO, Washington; Y 4.J 89/1; Y 4.J 89/22:S.HRG.103-836.

Kohler CO. [Medical documentation in the 'new health care system']. Nachr Dok 1994 May-Jun;45(3):135-42. (Ger).

Lonquet P, Barthier S, Leport C, Bompis B, Guilloy Y, Vlide JL. Assessment of a written procedure to improve the protection of confidentiality for hospitalized patients. Int Conf AIDS 1991 Jun 16-21;7(1):424. Abstract no. M.D.4138.

Morris P, McDermid J. The structure of permissions: a normative framework for access rights. In: Database Security, 5: Status and Prospects. Results of the IFIP WG 11.3 workshop; 1991 Nov 4-7; Shepherdstown, WV. [Amsterdam?: North Holland?]; 1992. p. 77-97. (IFIP transactions A (computer science and technology); vol. A-6).

Murphy G, Anderson EM. An organizational model for data access and management--work in progress. J AHIMA 1994 Aug;65(8):50-2, 54.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Automated password generator (APG). Gaithersburg (MD): The Institute; 1993 Oct. (Federal information processing standards; FIPS PUB 181). Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Guideline for the use of advanced authentication technology alternatives. Gaithersburg (MD): The Institute; 1994 Sep. (Federal information processing standards; FIPS PUB 190). Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Standard on password usage.
Gaithersburg (MD): The Institute; 1985 May. (Federal information processing standards; FIPS PUB 112). Available from: NTIS, Springfield, VA.

Notargiacomo LA, Graubart RD, Jajodia S, Landwehr CE. Health delivery: the problem solved? In: Database Security, 4. Status and Prospects. Results of the IFIP WG 11.3 workshop; 1990 Sep 18-21; Halifax, UK. Amsterdam: North-Holland; 1991. p. 13-26.

Orr GA, Brantley BA Jr. Development of a model of information security requirements for enterprise-wide medical information systems. Proc Annu Symp Comput Appl Med Care 1992;16:287-91.

Pangalos G, Khair M, Bozios L. Enhancing medical database security. J Med Syst 1994 Aug;18(4):159-71.

Pangalos GJ. Medical database security policies. Methods Inf Med 1993 Nov;32(5):349-56; discussion 357.

Peterson HE. Management and staff issues in data protection. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 315-23. (Studies in health technology and informatics; vol. 1).

Pinkert JR. Contemporary issues in HIM. Kerberos--security for sensitive data. J AHIMA 1994 Jun;65(6):22-4, 26-8.

Quisquater JJ, Bouckaert A. Zero-knowledge procedures for confidential access to medical records. In: Quisquater JJ, Vandewalle J, editors. Advances in cryptology - EUROCRYPT '89. Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques; 1989 Apr 10-13; Houthalen, Belgium. Berlin: Springer-Verlag; 1990. p. 662-4.

Rihaczek K. Data protection in networks. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 249-70. (Studies in health technology and informatics; vol. 1).

Riley WD. Safe as a bank. LAN Technol 1992 May;8(5):29-31.

Safran C, Rind D, Citroen M, Bakker AR, Slack WV, Bleich HL.
Protection of confidentiality in the computer-based patient record. MD Comput 1995 May-Jun;12(3):187-92.

Sandhu RS, Coyne EJ, Feinstein HL, Youman CE. Role-based access control models. Computer 1996 Feb;29(2):38-47.

Shimaoka A. Security evaluation for the information system of Oita Medical University Hospital [abstract]. Annu Meet Int Soc Technol Assess Health Care 1994;10:Abstract no. 131.

Wear LL, Pinkert JR. Computer security. J AHIMA 1993 Sep;64(9):30-2, 34, 36-7.

Yamamoto K, Ishikawa K, Miyaji M, Nakamura Y, Nishi S, Sasaki T, Tsuji K, Watanabe R. Necessity to improve common understanding about the security issues among hospitals in Japan and some feasible approaches. Int J Biomed Comput 1994 Feb;35 Suppl:205-12.

PERSONAL IDENTIFIERS

American Medical Informatics Association. Standards for medical identifiers, codes, and messages needed to create an efficient computer-stored medical record. J Am Med Inform Assoc 1994 Jan-Feb;1(1):1-7.

Asher A, Edson D, Howell E, Pence K. The unique record number: an alternative to traditional person identifiers. In: Toward the year 2000: refining the measures. Proceedings of the 24th Public Health Conference on Records and Statistics; 1993 Jul 19-21; Washington. Hyattsville (MD): National Center for Health Statistics (US); 1994. p. 308-11.

Baitty RL, Jain RB, Hager C, Pope W, Goosby EP, Bowen GS. Protecting confidentiality in a national reporting system for HIV services. Int Conf AIDS 1993 Jun 6-11;9:947. Abstract no. PO-D36-4374.

Barber B, France FR, Winkeler B, Olsen P. The EuroHealth Database-handling personal data without access to personal identification. In: Adlassnig KP, Grabner G, Bengtsson S, Hansen R, editors. Medical Informatics Europe 1991. Proceedings; 1991 Aug 19-22; Vienna, Austria. Berlin: Springer-Verlag; 1991. p. 646-52. (Lecture notes in medical informatics; 45).

Carpenter PC, Chute CG. The Universal Patient Identifier: a discussion and proposal. Proc Annu Symp Comput Appl Med Care 1993;17:49-53.
Concept models of patient identification: issues surrounding the use of social security numbers for patient identification. Toward Electron Patient Rec 1993;Analysis 2:1-15.

Dilger K. [Use of computers for patient data and billing]. Fortschr Ophthalmol 1990;87 Suppl:S1-4. (Ger).

Fitzmaurice JM, Murphy G, Wear P, Korpman R, Weber G, Whiteman J. Patient identifiers: stumbling blocks or cornerstones for CPRs (computer-based patient records)? Healthc Inform 1993 May;10(5):38-40, 42.

Gabrieli ER. Guide for unique healthcare identifier model. J Clin Comput 1993;21(5):101-39.

Gardner RM. Integrated computerized records provide improved quality of care with little loss of privacy. J Am Med Inform Assoc 1994 Jul-Aug;1(4):320-2.

Goldschmidt AJW, Gaal L. [Optimised computer-aided random number generation for achieving anonymity of patients' records]. Softw Kur Med Psychol 1991;4(5):145-50. (Ger).

Information and Privacy Commissioner/Ontario. Privacy and electronic identification in the information age. [Ottawa (Ontario, Canada): The Commissioner]; 1994 Nov. 13 p.

Meux E. California's experience: SSN and confidentiality. In: Toward the year 2000: refining the measures. Proceedings of the 24th Public Health Conference on Records and Statistics (US); 1993 Jul 19-21; Washington. Hyattsville (MD): National Center for Health Statistics (US); 1994. p. 312-4.

Meux E. Encrypting personal identifiers. Health Serv Res 1994 Jun;29(2):247-56.

Mjolsnes SF. Privacy, cryptographic pseudonyms, and the state of health. In: Imai H, Rivest RL, Matsumoto T, editors. Advances in cryptology - ASIACRYPT '91. Proceedings of the International Conference on the Theory and Application of Cryptology; 1991 Nov 11-14; Fujiyoshida, Japan. Berlin: Springer-Verlag; 1993. p. 493-4.

Mulligan D. Methods of identifying individuals in health information systems. In: Toward an electronic patient record '95. 11th International Symposium on the Creation of Electronic Health Record Systems.
Proceedings; 1995 Mar 14-19; Orlando, FL. Vol. 2. Newton (MA): Medical Records Institute; 1995. p. 428-41.

National ID systems demand proper safeguards. Data Protection Registrar advocates debate. IHRIM 1994 Aug;35(3):9-10.

Szolovits P, Kohane I. Against simple universal health-care identifiers. J Am Med Inform Assoc 1994 Jul-Aug;1(4):316-9.

Thirion X, Maldonado J, Sambuc R, San Marco JL. An experiment in the anonymous distribution of AIDS-medicaments in Southern France. Int Conf AIDS 1990 Jun 20-23;6(3):301. Abstract no. S.D.845.

Waegemann CP. Patient identifiers: insurance identification and patient identification in health care. Executive summary. Toward Electron Patient Rec 1993 Oct;Analysis 3:10-4.

Williams BC, Demitrack LB, Fries BE. The accuracy of the National Death Index when personal identifiers other than Social Security number are used. Am J Public Health 1992 Aug;82(8):1145-7.

AUDIT TRAILS

Bakker AR. Special care needed for the heart of medical information systems. In: Biskup J, Morgenstern M, Landwehr CE, editors. Database Security, 8: Status and Prospects. Proceedings of the IFIP WG11.3 Working Conference on Database Security; 1994 Aug 23-26; Bad Salzdetfurth, Germany. London: Chapman & Hall Ltd.; 1994. p. 3-10. (IFIP transactions A (computer science and technology); vol. A-60).

Borten K. Using an audit facility to protect patient data at the Massachusetts General Hospital. In: Toward an electronic patient record '95. 11th International Symposium on the Creation of Electronic Health Record Systems. Proceedings; 1995 Mar 14-19; Orlando, FL. Newton (MA): Medical Records Institute; 1995. p. 115-20.

Hammond JE, Berger RG, Carey TS, Fakhry SM, Rutledge R, Kichak JP, Cleveland TJ, Dempsey MJ, Tsongalis NM, Ayscue CF. Report on the clinical workstation and clinical data repository utilization at UNC Hospitals. Proc Annu Symp Comput Appl Med Care 1994;18:276-80.

Hayam A.
Security Audit Center--a suggested model for effective audit strategies in health care informatics. Int J Biomed Comput 1994 Feb;35 Suppl:115-27.

Kowalski S. An accountability server for health care information systems. Int J Biomed Comput 1994 Feb;35 Suppl:129-38.

Muhlenberg provides secure access to patient files. Commun News 1995 May;32(5):16.

Schwartz M. Protecting patient data confidentiality in the healthcare environment. EDPACS 1993 Sep;21(3):12-8.

Walker NS. An integrated clinical computer system: implications for a medical information services department. J AHIMA 1994 Dec;65(12):41-3.

ELECTRONIC SIGNATURES

Barber B, Douglas S. An initial approach to the security techniques required by the electronic patient record. Int J Biomed Comput 1994 Feb;35 Suppl:33-8.

Branstad DK, editor. Report of the NIST Workshop on Digital Signature Certificate Management, December 10-11, 1992. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Aug. Report No.: NIST Internal Report (NISTIR) 5234. Available from: NTIS, Springfield, VA; PB94-135001.

Bryant LE Jr. Health law: legal authorization for the electronic signature or computer-generated signature code on medical records in Illinois. J AHIMA 1992 Sep;63(9):18-9.

Curtis EH. Electronic signature of computerized patient records. Top Health Inf Manag 1994 Aug;15(1):64-73.

French B, Priester RA. Electronic signature thrives in different environments. J AHIMA 1995 Jun;66(6):61-3.

Kadzielski MA, Reynolds MB. Legal review: auto-authentication of medical records raises verification concerns. Top Health Inf Manag 1993 Aug;14(1):77-82.

Lima C. Challenges in the approval process for the physician computerized signature. J AHIMA 1993 Feb;64(2):55-8.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Digital signature standard (DSS). Gaithersburg (MD): The Institute; 1994 May 19. (Federal information processing standards; FIPS PUB 186).
Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Secure hash standard. Gaithersburg (MD): The Institute; 1995 Apr. (Federal information processing standards; FIPS PUB 180-1). Available from: NTIS, Springfield, VA.

Noel LA. Electronic signatures: a brief overview. J Am Med Rec Assoc 1991 Sep;62(9):38-43.

Silva A. Electronic signatures: one hospital's approach. J Am Med Rec Assoc 1991 Jul;62(7):24-5.

Smith JP. Authentication of digital medical images with digital signature technology. Radiology 1995 Mar;194(3):771-4.

Waegemann CP. The new standard guide for electronic signatures. ASTM Stand News 1995 Aug;23(8):4-7.

ENCRYPTION

Abou-Tayiem E. Implementation of the RSA public-key cryptosystem. Stevenage (Herts, UK): Institution of Electrical Engineers; 1995.

Baum MS. Federal certification authority liability and policy. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1994 Jun. Report No: NIST GCR 94-654. Available from: NTIS, Springfield, VA; PB94-191202.

Garfinkel S. PGP: pretty good privacy. Sebastopol (CA): O'Reilly & Associates, Inc.; 1994.

Houser WR. NIST's 'victory' will save DSS users an arm and a leg. Gov Comput News 1993 Jul 5;12(14):25-6.

National Institute of Standards and Technology (US). Proposed Federal Information Processing Standard (FIPS) for public key cryptographic entity authentication mechanisms. Fed Regist 1995 Jun 6;60(108):29830-2.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Appendix 5. Example of the DSA. Gaithersburg (MD): The Institute; 1995 Oct 2. (Federal information processing standards; FIPS PUB 186).

National Institute of Standards and Technology (US), Computer Systems Laboratory. Data encryption standard. Gaithersburg (MD): The Institute; 1993 Dec (Reaffirmed until 1998). (Federal information processing standards; FIPS PUB 46-2). Available from: NTIS, Springfield, VA.
National Institute of Standards and Technology (US), Computer Systems Laboratory. Escrowed encryption standard (EES). Gaithersburg (MD): The Institute; 1994 Feb. (Federal information processing standards; FIPS PUB 185). Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Key management using ANSI X9.17. Gaithersburg (MD): The Institute; 1992 Apr. (Federal information processing standards; FIPS PUB 171). Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Security requirements for cryptographic modules. Gaithersburg (MD): The Institute; 1994 Jan. (Federal information processing standards; FIPS PUB 140-1). Available from: NTIS, Springfield, VA.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Standard on computer data authentication. Gaithersburg (MD): The Institute; 1985 May. (Federal information processing standards; FIPS PUB 113). Available from: NTIS, Springfield, VA.

Oldehoeft AE, Branstad D, editors. Report of the NIST Workshop on Key Escrow Encryption. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1994 Jun. Report No.: NIST Internal Report (NISTIR) 5468. Available from: NTIS, Springfield, VA; PB94-209459.

Olnes J. EDIFACT security made simple-the EDIMED approach. Comput Secur 1993 Dec;12(8):765-74.

Schneier B. Applied cryptography: protocols, algorithms and source code in C. 2nd ed. New York: Wiley & Sons, Inc.; 1995.

Stevens A. Hacks, spooks, and data encryption. Dr Dobbs J 1990 Sep;15(9):127-38.

Zamparo R. A study of OSI key management. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1992 Nov. Report No.: NIST Internal Report (NISTIR) 4983. Available from: NTIS, Springfield, VA; PB93-151579.

SOFTWARE & APPLICATION DESIGN/PROTECTION

Bassham LE, Polk WT.
Security of SQL-based implementations of product data exchange using STEP. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Oct. Report No.: NIST Internal Report (NISTIR) 5283. Available from: NTIS, Springfield, VA; PB94-139649.

Bassoe CF. [Data hygiene. Data security, prevention of wrong or useless information and high quality of communication]. Tidsskr Nor Laegeforen 1995 Jan 20;115(2):252-5. (Nor).

Baum-Waidner B, Bunz H, Capellaro C. SAMSON, security management in a health care scenario. In: Kugler HJ, Mullery A, Niebert N, editors. 2nd International Conference on Intelligence in Broadband Services and Networks; 1994 Sep 7-9; Aachen, Germany. Berlin: Springer-Verlag; 1994. p. 503-12.

Bennett PA. Safety standards in medical software. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 197-213. (Studies in health technology and informatics; vol. 1).

Biskup J. Medical database security. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 214-30. (Studies in health technology and informatics; vol. 1).

Cannataci JA. Data protection issues in database management and expert systems. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 161-80. (Studies in health technology and informatics; vol. 1).

Davey J. Tools and techniques for the development of secure software. Int J Biomed Comput 1994 Feb;35 Suppl:173-8.

Eichinger S, Pernul G. Design environment for a hospital information system: meeting the data security challenge. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92.
Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1582-8.

Filsinger J. Integrity and the audit of trusted database management systems. In: Database Security, 6: Status and Prospects. IFIP WG 11.3 workshop; 1992 Aug 19-21; Vancouver, BC, Canada. [Amsterdam?: North-Holland?]; 1993. p. 349-65. (IFIP transactions A (computer science and technology); vol. A-21).

Haber L. Prevention is the best medicine. (impact and prevention of computer viruses and the emergence of anti-virus software). MIDRANGE Syst 1992 Feb 4;5(3):68-70.

Kailey JB, editor. Validated products list 1995 No. 2. Vol. 1, Programming languages, database language SQL, graphics, POSIX, and computer security; Vol. 2, GOSIP. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1995 Apr. Report No: NIST Internal Report (NISTIR) 5629. Available from: NTIS, Springfield, VA; PB95-937301.

Kemmerer RA. A multi-level formal specification of a mental health care database. In: Jajodia S, Landwehr CE, editors. Database Security, 4: Status and Prospects. Results of the IFIP WG 11.3 workshop; 1990 Sep 18-21; Halifax, UK. Amsterdam: North-Holland; 1991. p. 27-51.

Morgan JD. Point of care and patient privacy: who is in control? Top Health Inf Manag 1994 May;14(4):36-43.

Pangalos G, Pomportsis A, Bozios L, Khair M. Development of secure medical database systems. In: Karagiannis D, editor. Proceedings of DEXA 94; 1994 Sep 7-9; Athens, Greece. Berlin: Springer-Verlag; 1994. p. 680-9.

Polk WT, Bassham LE. A guide to the selection of anti-virus tools and techniques. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1992 Dec. (NIST special publication; 800-5). Available from: NTIS, Springfield, VA; PB93-152049.

Polk WT, Bassham LE. Security issues in the database language SQL.
Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Aug. (NIST special publication; 800-8). Available from: US GPO, Washington; SN 003-003-03225-5.

Ting TC. Application information security semantics: a case of mental health delivery. In: Spooner DL, Landwehr C, editors. Database Security, 3: Status and Prospects. Results of the IFIP WG 11.3 workshop; 5-7 Sep 1989; Monterey, CA. Amsterdam: North-Holland; 1990. p. 1-12.

Ulirsch RC, Ashwood ER, Noce P. Security in the clinical laboratory. Guidelines for managing the information resource. Arch Pathol Lab Med 1990 Jan;114(1):89-93.

van Dorp HD, Dubbeldam JP. The AIM SEISMED guidelines for system development and design. Int J Biomed Comput 1994 Feb;35 Suppl:179-86.

Watt R. Security in VAX DSM Version 6.0. MUG Q 1991 Jun;21(3):106-11.

Weingarten J. Can confidential patient information be kept private in high-tech medicine? MD Comput 1992 Mar-Apr;9(2):79-82.

NETWORK SECURITY

Bagwill R, Barkley J, Carnahan L, et al. Security in open systems. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1994 Jul. (NIST special publication; 800-7). Available from: US GPO, Washington; SN003-003-03276-0.

Bleumer G. Security for decentralized health information systems. Int J Biomed Comput 1994 Feb;35 Suppl:139-45.

Campbell LA. How secure is the Internet for health care applications? Toward Electron Patient Rec 1995 Jun-Jul;4(1):1, 3-16.

Castagna R. The well-guarded LAN. PC Sources 1991 Sep;2(9):139-42.

Cheswick WR, Bellovin SM. Firewalls and Internet security: repelling the wily hacker. Reading (MA): Addison-Wesley Pub. Co., Inc.; 1994. 306 p.

Dayanim J. Disaster recovery: options for public and private networks. (includes related article on network recovery for integrated LAN/WAN networks). Telecommunications 1991 Dec;25(12):48-52.

de Roulet D, Le HS, Scherrer JR. The technical conditions for an open architecture.
Int J Biomed Comput 1994 Feb;35 Suppl:107-14.

Fernandez Del Val C. Medical network security and viruses. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 271-84. (Studies in health technology and informatics; vol. 1).

Harwood R. Install the wall. DEC Prof 1994 Dec;13(12):44-5.

Howlett P, Powell T. United we stand (hospital network security). Br J Healthc Comput Inf Manag 1994 Oct;11(8):26-7.

Kimmins J, Dinkel C, Walters D. Telecommunications security guidelines for telecommunications management network. Gaithersburg (MD): National Institute of Standards and Technology (US); 1995 Oct. 37 p. (NIST special publication; 800-13). Available from: US GPO, Washington; SN003-003-03376-6.

Leon BJ, Narayanan R. Network management information for system control. In: Proceedings of GLOBECOM '93. IEEE Global Telecommunications Conference; 1993 Nov 29 - Dec 2; Houston, TX. Vol. 3. New York: IEEE; 1993. p. 1553-7.

McWilliams S. How Boston's Beth Israel Hospital copes with security on the Internet. IS Anal 1994 Dec;33(12):12-6.

Moehr JR, McDaniel JG. Security precautions for networked computers. Dimens Health Serv 1991 Apr;68(3):21-4.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Standard security label for information transfer. Gaithersburg (MD): The Institute; 1994 Sep. (Federal information processing standards; FIPS PUB 188). Available from: NTIS, Springfield, VA.

Pfitzmann A, Pfitzmann B. Security in medical networks. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 231-48. (Studies in health technology and informatics; vol. 1).

Private Branch Exchange (PBX) security guidelines.
Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1993 Sep. Report No.: NIST GCR 93-635. Available from: NTIS, Springfield, VA; PB94-100880.

Rotenberg M. Communications privacy: implications for network design. Commun ACM 1993 Aug;36(8):61-9.

Vaughan-Nichols S. Safety nets and Unix networks. Comput Shopp 1991 Dec;11(12):770-2.

Wack JP, Carnahan LJ. Keeping your site comfortably secure: an introduction to Internet firewalls. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1994 Dec. (NIST special publication; 800-10). Available from: US GPO, Washington; SN003-03313-8.

IMAGES & TELEMEDICINE

Gilbert F. How to minimize the risk of disclosure of patient information used in telemedicine. Telemed J 1995;1(2):91-4.

Kuroda C, Yoshioka H, Kadota T, Narumi Y, Okamoto H, Kumatani T, Hiruma O, Kumatani Y, Yoshida J. Small PACS for digital medical images--reliability and security in a clinical setting. Comput Methods Programs Biomed 1994 May;43(1-2):101-6.

Manny B. Professional practice forum: photographs and videotapes. J AHIMA 1992 Dec;63(12):24-6.

Norton SA, Lindborg CE, Delaplain CB. Consent and privacy in telemedicine. Hawaii Med J 1993 Dec;52(12):340-1.

Ohyama N. IS & C system and file protection mechanism. Comput Methods Programs Biomed 1994 May;43(1-2):37-42.

Parsons DF. Progress and problems of interhospital consulting by computer networking. Ann N Y Acad Sci 1992 Dec 17;670:1-11.

Savkar S, Waters RJ. Telemedicine - implications for patient confidentiality and privacy. Health Inf Syst Telemed 1995;(1):4-7.

Smith JP. Ensuring confidentiality on computer networks. Diagn Imaging (San Franc) 1995 Jul;17(7):43-4, 47.

Yachida M, Kitagawa H. [File security techniques on Image Save and Carry system]. J Inst Telev Eng Jpn 1993 Feb;47(2):154-7. (Jpn).

SECONDARY USAGE OF HEALTH DATA - Research & Quality Review

Agency for Health Care Policy and Research (US).
Report to Congress: the feasibility of linking research-related data bases to federal and non-federal medical administrative data bases. Rockville (MD): The Agency; 1991 Apr. (AHCPR Pub; no. 91-0003).

Benbassat J, Levy M. Ethical and legal problems in researcher's access to data stores. In: Allebeck P, Jannsson B, editors. Ethics in medicine: individual integrity versus demands of society. New York: Raven Press; 1990. p. 159-65.

Bentley-Cooper JE. Protecting human research from an invasion of privacy: the unintended results of the Commonwealth Privacy Act 1988. Aust J Public Health 1991 Sep;15(3):228-34.

Berglund CA. Australian standards for privacy and confidentiality of health records in research: implications of the Commonwealth Privacy Act. Med J Aust 1990 Jun 18;152(12):664-9.

Beto JA, Geraci MC, Marshall PA, Bansal VK. Pharmacy computer prescription databases: methodologic issues of access and confidentiality. Ann Pharmacother 1992 May;26(5):686-91.

Clayton EW. Panel comment: why the use of anonymous samples for research matters. J Law Med Ethics 1995;23(4):375-7.

Donaldson MS. Regional health databases, health services research, and confidentiality: summary of an invitational workshop. National Implications of the Development of Regional Health Database Organizations; 1994 Jan 31-Feb 1; Washington. Washington: Institute of Medicine; 1994. 49 p.

Donaldson MS, Lohr KN, editors. Health data in the information age: use, disclosure, and privacy. Washington: National Academy Press; 1994. 257 p.

Edouard L, Rawson NS. Use of personal records for research purposes. Identification numbers help maintain confidentiality [letter]. BMJ 1995 Jan 28;310(6974):257-8. Comment on: BMJ 1994 Nov 26;309(6966):1422-4.

Fayerweather WE, Tirey SL, Baldwin JK, Hoover BK. Issues in data sharing and access: an industry perspective. J Occup Med 1991 Dec;33(12):1253-6.

Flaherty DH. Privacy, confidentiality, and the use of Canadian health information for research and statistics.
Can Public Adm 1992 Spring;35(1):75-93.

Gostin LO, Lazzarini Z. Childhood immunization registries. A national review of public health information systems and the protection of privacy. JAMA 1995 Dec 13;274(22):1793-9.

Gulbinat W. Dialogue: will the increased integration of information systems necessitate lowering standards for patient confidentiality and data privacy? Balancing individual and societal needs: micro- vs. macro-ethics. Behav Healthc Tomorrow 1994 Jan-Feb;3(1):32, 39-41.

Hakulinen T. [Cancer registry and data security]. Nord Med 1993;108(8-9):213-5. (Swe).

Harding N, Giles A, Graveney M. Evolution and protection of the health care record as a European document. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 88-121. (Studies in health technology and informatics; vol. 1).

Helgason T. Epidemiological research needs access to data. Scand J Soc Med 1992 Sep;20(3):129-33.

Jones JK, Staffa J, Lian J, Miwa L. Record linkages. Eur J Clin Res 1994;6:87-91.

Kluge EH. Advanced patient records: some ethical and legal considerations touching medical information space. Methods Inf Med 1993 Apr;32(2):95-103. Comment in: Methods Inf Med 1993 Apr;32(2):104-7.

Kluge EH. Health information, the fair information principles and ethics. Methods Inf Med 1994 Oct;33(4):336-45. Comment in: Methods Inf Med 1994 Oct;33(4):348-50.

Lawrence LM. Safeguarding the confidentiality of automated medical information. Jt Comm J Qual Improv 1994 Nov;20(11):639-46.

Lincoln TL. Privacy: a real-world problem with fuzzy boundaries [editorial]. Methods Inf Med 1993 Apr;32(2):104-7. Comment on: Methods Inf Med 1993 Apr;32(2):95-103.

Lincoln TL, Essin DJ. In search of rules for confidentiality: a critique of one proposal [editorial]. Methods Inf Med 1994 Oct;33(4):348-50. Comment on: Methods Inf Med 1994 Oct;33(4):336-45.
Logan JA 3rd, Hebbeler G. Formatting and presenting quality data to medical staffs and hospital boards. Physician Exec 1994 Oct;20(10):19-21.

Lousson JP. [Teletransmission, health care and deontology]. Ann Pharm Fr 1995;53(2):79-82. (Fre).

Lowel H, Lewis M, Gostomzyk J, Keil U. [Population-based heart infarct register in the Augsburg region: possibilities and limitations]. Soz Praventivmed 1991;36(3):159-65. (Ger).

Lynge E. European directive on confidential data: a threat to epidemiology [editorial]. BMJ 1994 Feb 19;308(6927):490. Comment on: BMJ 1994 Feb 19;308(6927):522-3.

McClure ML. The uses and abuses of large data sets. J Prof Nurs 1991 Mar-Apr;7(2):72.

Panda SK, Nagabhushanam A. Fuzzy data distortion. Comput Stat Data Anal 1995 May;19(5):553-62.

Reilly PR. Panel comment: the impact of the Genetic Privacy Act on medicine. J Law Med Ethics 1995;23(4):378-81.

Schrage R. [Cancer register problems-modified reporting law model for the improvement of data protection]. Offentl Gesundheitswes 1991 Nov;53(11):746-52. (Ger).

Ten Ham M. Confidentiality of medical databases and pharmaco-epidemiology. Drug Inf J 1995;29(1):343-49.

Thomas SP. Issues in data management and storage. J Neurosci Nurs 1993 Aug;25(4):243-5.

Tuchsen F, Bach E, Andersen O, Jorgensen J. The use of a national hospital register for hypothesis generation. Inf Serv Use 1990;10(1-2):15-23.

van der Leer OF. The use of personal data for medical research: how to deal with new European privacy standards. Int J Biomed Comput 1994 Feb;35 Suppl:87-95.

Verloove-Vanhorick SP, Brand R. [Perinatal registration: a pilot study of matching of data from the National Obstetrics Registration and the National Neonatology Registration]. Ned Tijdschr Geneeskd 1992 Oct 24;136(43):2127-31. (Dut).

Walsh M, Cortez F. Quality assurance system must balance functionality with data security. Comput Nurs 1991 Jan-Feb;9(1):27-8.

Wan L. The legality of unlinked anonymous screening for HIV infection: the U.S. approach.
Health Policy 1990 Jan-Feb;14(1):29-35.

Westrin CG. Ethical, legal, and political problems affecting epidemiology in European countries. IRB 1993 May-Jun;15(3):6-8.

Statistics

Ahituv N, Lapid Y, Neumann S. Protecting statistical databases against retrieval of private information. Comput Secur 1988 Feb;7(1):59-63.

Denning DE, Schlorer J. Inference controls for statistical databases. Computer 1983 Jul:69-82.

Duncan GT, Jabine TB, de Wolf VA, editors. Private lives and public policies: confidentiality and accessibility of government statistics. Washington: National Academy Press; 1993.

Guynes CS, Maples GE, Prybutok VR. Privacy issues in statistical database environments. Comput Soc 1995 Dec;25(4):3-5.

Hoffman LJ, Miller WF. Getting a personal dossier from a statistical data bank. Datamation 1970 May;16(5):74-5.

Ozsoyoglu G, Chin FY. Enhancing the security of statistical databases with a question-answering system and a kernel design. IEEE Transact Softw Eng 1982 May;SE-8(3):223-34.

Thelot B. [A general solution to the linkage of anonymous medical data]. C R Acad Sci III 1990;310(8):333-8. (Fre).

SMART CARDS

Allaert FA, Dusserre L. Security of health information system in France: what we do will no longer be different from what we tell. Int J Biomed Comput 1994 Feb;35 Suppl:201-4.

Boulanger MH. Legal aspects of the medical data card. I. Comput Law Secur Rep 1990 Sep-Oct;6(3):8-11.

Card technologies. Toward Electron Patient Rec 1993 Oct;Analysis 3:1-6.

Chaum D, editor. Smart Card 2000. Selected papers from the 2nd International Smart Card 2000 Conference; 1989 4-6 Oct; Amsterdam, Netherlands. Amsterdam: North-Holland; 1991. 206 p.

de Martino A. The laser card: a challenge for physicians. In: Waegemann CP, editor. Patient care with computers and cards. 5th Global Congress on Patient Cards and Computerization of Health Records; 1993 Jun 7-9; Venice, Italy. Newton (MA): Medical Records Institute; 1993. p. 33-5.

Guanyabens J, Baig B.
AIM coordinated action on patient data cards. In: Noothoven van Goor J, Christensen JP, editors. Advances in medical informatics: results of the AIM Exploratory Action. Washington: IOS Press; 1992. p. 393-96. (Studies in health technology and informatics; vol. 2).

Guibert H, Gamache A. Optical memory card applicability for implementing a portable medical record. Med Inf (Lond) 1993 Jul-Sep;18(3):271-8.

Gunner C. Portable health card interface for multiple health care applications. In: 3rd Global Conference on Patient Cards; 1991 Mar 12-15; Barcelona, Spain. Newton (MA): Medical Records Institute; 1991. p. 305-16.

Hartleb U. Administrative aspects of data protection. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 334-49. (Studies in health technology and informatics; vol. 1).

Hayes G. The AIM Patient Data Card Working Group's view of security. In: 3rd Global Conference on Patient Cards; 1991 Mar 12-15; Barcelona, Spain. Newton (MA): Medical Records Institute; 1991. p. 280-3.

Klein GO. Smart cards--a security tool for health information systems. Int J Biomed Comput 1994 Feb;5 Suppl:147-51.

Kohler CO, Rienhoff O, Schaeffer OP, editors. Health cards '95. Proceedings of the Health Cards '95 Conference; 1995 Oct 23-26; Frankfurt. Washington: IOS Press; 1995. 372 p. (Studies in health technology and informatics; vol. 26).

Krings G. Intelligent memory chips for smart cards. Siemens Compon (Eng Ed) 1994 Jan-Feb;29(1):13-7.

Kuhnel E, Klepser G, Engelbrecht R. Smart cards and their opportunities for controlling health information systems. Int J Biomed Comput 1994 Feb;35 Suppl:153-7.

Martelli M, Tenneriello L. The CP8 smart card: a technology for solutions in medical areas. In: Waegemann CP, editor. Patient care with computers and cards.
5th Global Congress on Patient Cards and Computerization of Health Records; 1993 Jun 7-9; Venice, Italy. Newton (MA): Medical Records Institute; 1993. p. 36-8.

Nguyen Nam T, Printz Y, Saadoui S, Nicolay A. Benefit and risk assessment of computerized health cards: a case study. In: Berleur J, Beardon C, Laufer R, editors. Proceedings of the IFIP WG9.2 Working Conference on Facing the Challenge of Risk and Vulnerability in an Information Society; 1993 May 20-22; Namur, Belgium. Amsterdam: Elsevier Science Pub.; 1993. p. 153-60. (IFIP transactions A (computer science and technology); vol. A-33).

Pangalos G. Design and implementation of computer-readable patient data cards--applications in Europe. Med Inf (Lond) 1992 Oct-Dec;17(4):243-56.

Paradinas P, Vandewalle JJ. A personal and portable database server: the CQL card. In: Litwin W, Risch T, editors. Proceedings of 1994 International Conference on Applications of Databases; 1994 Jun 21-23; Vadstena, Sweden. Berlin: Springer-Verlag; 1994. p. 444-57.

Pernice A, Doare H, Rienhoff O, editors. Healthcare card systems, EUROCARDS concerted action, European Commission, Healthcare Telematics, DG XIII-C4. Washington: IOS Press; 1995. 218 p. (Studies in health technology and informatics; vol. 22).

Poullet Y, Boulanger MH. Data protection-medicine. III. Towards a new normative framework. Comput Law Secur Rep 1991 Jan-Feb;6(5):18-23.

Poullet Y, Boulanger MH. Part II-existing regulations applicable to medical data cards. Comput Law Secur Rep 1990 Nov-Dec;6(4):25-8.

Quisquater JJ. Practical zero-knowledge protocols. In: Proceedings of Compsec International 1990; 1990 Oct 10-12; London. Oxford (UK): Elsevier Advanced Technol.; 1990. p. 427-8.

Rossing N, Pernice A. Harmonized developments of patient data cards in the European Community. Toward Electron Patient Rec 1993 Oct;Analysis 3:6-10.

Scherrer JR. Smart cards and medical data protection. In: 3rd Global Conference on Patient Cards; 1991 Mar 12-15; Barcelona, Spain.
Newton (MA): Medical Records Institute; 1991. p. 276-9.

Seaton B. The smart card: a tool for smart hospitals. Dimens Health Serv 1991 Apr;68(3):15-8.

Takac PF. A discussion of the application of smart cards within health care. Int J Comput Appl Technol 1993;6(2-3):112-21.

Waegemann CP. The role of patient cards in health care. Toward Electron Patient Rec 1993 Oct;2(3):1, 3-4, 8-15.

LAWS, REGULATIONS, LEGAL ASPECTS

Federal - Laws, Bills, & Regulations

A Bill to Safeguard Individual Privacy of Genetic Information from the Misuse of Records Maintained by Agencies or Their Contractors or Grantees for the Purpose of Research, Diagnosis, Treatment, or Identification of Genetic Disorders, and to Provide to Individuals Access to Records Concerning their Genome which are Maintained by Agencies for Any Purpose. H.R. 2045, 102d Cong., 1st Sess. (1991). Introduced April 24, 1991 by John Conyers.

Civil money penalties for failure to report on medical malpractice payments and for breaching the confidentiality of information--HHS. Final rule. Fed Regist 1991 Jun 21;56(120):28488-94.

Fair Health Information Practices Act of 1995. H.R. 435, 104th Congress, 1st Sess. (1995). Introduced by Gary Condit, California.

Federal Privacy Act of 1974, 5 U.S.C. Sec. 552a (1988).

Medicaid program: computer matching and privacy protection for Medicaid eligibility--HCFA. Final rule. Fed Regist 1994 Jan 31;59(20):4252-5.

Medical Records Confidentiality Act of 1995. S. 1360, 104th Congress, 1st Sess. (1995). Introduced by Robert Bennett, Utah.

Smith RE, Sulanowski JS, editors. Compilation of state and federal privacy laws. Providence (RI): Privacy Journal; 1992. Medical records; p. 32-7.

- Legal Aspects - Commentary

Alpert S. Smart cards, smarter policy. Medical records, privacy, and health care reform. Hastings Cent Rep 1993 Nov-Dec;23(6):13-23.

American Health Information Management Association. Health information model legislation language.
Chicago: AHIMA; 1993 Feb. 14 p.

American Health Information Management Association. Language for model health information legislation on creation, authentication and retention of computer-based patient records. Chicago: AHIMA; 1995 May. 6 p.

Andresen DC. The computerization of health care: can patient privacy survive? J Health Hosp Law 1993 Jan;26(1):1-10, 19.

Annas GJ, Glantz LH, Roche PA. Drafting the Genetic Privacy Act: science, policy, and practical considerations. J Law Med Ethics 1995;23(4):360-6.

Brannigan V, Beier B. Standards for privacy in medical information systems: a technico-legal revolution. Proc Annu Symp Comput Appl Med Care 1990;14:266-70.

Brannigan VM. Behavioral healthcare computer systems and the law: the problem of privacy. Behav Healthc Tomorrow 1994 Jan-Feb;3(1):57-61.

Brannigan VM. Protecting the privacy of patient information in clinical networks: regulatory effectiveness analysis. Ann N Y Acad Sci 1992 Dec 17;670:190-201.

Brannigan VM. Protection of patient data in multi-institutional medical computer networks: regulatory effectiveness analysis. Proc Annu Symp Comput Appl Med Care 1993;17:59-63.

Branscomb AW. Who owns information? From privacy to public access. New York: BasicBooks; 1994. Chapter 3, Who owns your medical history; p. 54-72, 202-8.

Collins HL. Legal risks of computer charting. RN 1990 May;53(5):81-6. Published erratum appears in RN 1990 Sep;53(9):9.

Cummings NB. Patient confidentiality. Second Opin 1993 Oct;19(2):112-6.

Frawley KA. Achieving the CPR while keeping an ancient oath. Healthc Inform 1995 Apr;12(4):28-30.

Gobis LJ. Protecting the confidentiality of computerized medical records, preparing for litigation. Healthspan 1994 Sep;11(8):11-3.

Gostin LO. Genetic privacy. J Law Med Ethics 1995;23(4):320-30.

Gostin LO. Health information privacy. Cornell Law Rev 1995 Mar;80(3):451-528.

Gostin LO, Turek-Brezina J, Powers M, Kozloff R. Privacy and security of health information in the emerging health care system.
Health Matrix 1995 Winter;5(1):1-36.

Gostin LO, Turek-Brezina J, Powers M, Kozloff R, Faden R, Steinauer DD. Privacy and security of personal information in a new health care system. JAMA 1993 Nov 24;270(20):2487-93. Comment in: JAMA 1994 May 18;271(19):1484-5.

Green VL, Marsh CK. Unauthorized disclosure of medical records opens facility to liability. Provider 1992 Sep;18(9):58-60.

Ivancic JM. Confidentiality of health care information: some notable concerns. Perspect Healthc Risk Manag 1992 Winter;12(1):13-6.

Miller DW. Fulfilling the transcriptionist's responsibility for information security. J Am Assoc Med Transcr 1995 May-Jun;14(3):30, 32-5.

Miller DW. Preserving the privacy of computerized patient records. Healthc Inform 1993 Oct;10(10):72-4.

Oliver WW. Technology versus privacy: prescription accountability in the health care delivery system. J Psychoact Drugs 1992 Jul-Sep;24(3):285-90.

Reed K. Computerization of health care information: more automation, less privacy. J Health Hosp Law 1994 Dec;27(12):353-68, 384.

Roach WH. Medical records and the law. 2nd ed. Gaithersburg (MD): Aspen Pub.; 1994. 346 p.

Schwartz PM. The protection of privacy in health care reform. Vanderbilt Law Rev 1995 Mar;48(2):VI-347.

Simpson RL. Ensuring patient data, privacy, confidentiality and security. Nurs Manag 1994 Jul;25(7):18-20.

Tomes JP. Compliance guide to electronic health records: a practical reference to legislation, codes, regulations, and industry standards. New York: Faulkner & Gray; 1996.

Tomes JP. Health care records management disclosure and retention: the complete legal guide. Chicago: Probus Pub.; 1994. 636 p.

Tyler JM. The Internet: legal rights and responsibilities. Medsurg Nurs 1995 Jun;4(3):229-33.

van Dam MN. The scarlet letter A: AIDS in a computer society. Comput Law J 1990 Apr;10(2):233-64.

Waldman MT, Tapay NH. Electronic data interchange and computerized information systems: privacy and confidentiality issues in a changing health care system.
In: Group Health Association of America. Navigating reform: HMOs and managed care in a time of transition. Proceedings of the 44th Annual Group Health Institute; 1994 Jun 5-8; Miami Beach, Florida. Washington: The Association; 1994. p. 406-30.

Waller AA, Fulton DK. The electronic chart: keeping it confidential and secure. J Health Hosp Law 1993 Apr;26(4):104-9.

Zick CJ. Legal aspects of medical records confidentiality. J AHIMA 1995 May;66(5):57-62.

State - Laws, Bills, & Regulations

Boynton MM, Paltzer-Fleming J. Educating your patients about health records--the new notice law. Minn Med 1994 Nov;77(11):57-61.

Buckner F. The uniform health-care information act: A physician's guide to record and health care information management. J Med Pract Manag 1990;5(3):207-12.

Health Care Access and Cost Commission - Medical Care Data Base Collection - Notice and Informed Consent. HR. 557, 410th Sess. (1996) Maryland General Assembly. Also introduced as S. 702.

Jones R. Medical record access laws. J AHIMA 1992 Mar;63(3):29-34.

Medical Records Institute's State Watch Project. Toward Electron Patient Rec 1995 Dec;4(5):14-23.

Patient confidentiality. Salt Lake City: Med-Index Pub.; 1993. 104 p.

- Legal Aspects - Commentary

Cohen JD. HIV/AIDS confidentiality: are computerized medical records making confidentiality impossible? Softw Law J 1990 Oct;4(1):93-115.

Curran WJ, Stearns B, Kaplan H. Privacy, confidentiality and other legal considerations in the establishment of a centralized health-data system. N Engl J Med 1969 Jul 31;281(5):241-8.

Green JH. Confidentiality of medical records under Minnesota law. Minn Med 1993 Oct;76(10):31-6.

Prentnieks ME. Minnesota access to health records. Practical steps to complying with a confusing law. Minn Med 1992 Sep;75(9):39-41.

Ryland CF. Confidentiality of medical records. Md Bar J 1993 Jul-Aug;26(4):44-8.

Vilensky R. New York law on confidentiality of medical records. (part 1). N Y State Bar J 1994 Jan;66(1):38-44.

Vilensky R.
New York law on confidentiality of medical records. (part 2). N Y State Bar J 1994 Feb;66(2):24-30.

Other Countries - Laws, Bills, & Regulations

Access to Health Records Act 1990. (Great Britain). Ind Relat Leg Inf Bull 1991 Nov 1;(436):11-2.

Assia N. Data protection in Israel--the Protection of Privacy Law. Comput Law Pract 1990 May-Jun;6(5):158-62.

Cavoukian A. The privacy provisions of the Freedom of Information and Privacy Act. Health Law Can 1990;10(3):206-9.

Great Britain, Department of Health, National Health Service. Access to Health Records Act, 1990: a guide for the NHS. London: NHS Management Executive; 1991 Aug 23. 29 p.

Health Administration (Quality Assurance Committees) Amendment Bill 1989, New South Wales. Aust Clin Rev 1990;10(1):19-21.

Laske C. Data protection laws in Europe. Toward Electron Patient Rec 1995 Dec;4(5):1, 3-13.

Lee-Winser J. The Data Protection Act: a decade of data protection in the NHS. Br J Healthc Comput Inf Manag 1995 Jun;12(5):20-1.

Revill S. Privacy Act 1993. Health sector perspective. N Z Health Hosp 1993 Sep-Oct;45(5 Suppl):1-3.

- Legal Aspects - Commentary

Allaert FA, Dusserre L. Transborder flows of personal medical data in Europe: legal and ethical approach. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1572-5.

Brahams D. Right of access to medical records [news]. Lancet 1994 Sep 10;344(8924):743.

Callens SH. The automatic processing of medical data in Belgium: is the individual protected? Med Law 1993;12(1-2):55-9.

Cannataci JA. Legal aspects of picture archiving and communications systems. Int J Biomed Comput 1992 May;30(3-4):209-14.

de Klerk A. The right of patients to have access to their medical records: the position in South African law. Med Law 1993;12(1-2):77-83.

Dickens BM.
Medical records - patient's right to receive copies - physician's fiduciary duty of disclosure: McInerney v. McDonald. (Canada). Can Bar Rev 1994 Jun;73(2):234-42.

Dierks C. Medical confidentiality and data protection as influenced by modern technology. Med Law 1993;12(6-8):547-51.

European Parliament, Council of the European Union. Directive 95/ /EC of the European Parliament and of the Council of on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Brussels: The Council; 1995 Jul 20. 53 p.

Gritzalis D, Tomaras A, Katsikas S, Keklikoglou J. Medical data protection: a proposal for a deontology code. J Med Syst 1990 Dec;14(6):375-86.

Howard G. Implications of the access to Health Records Act 1990. Occup Health (Lond) 1991 Oct;43(10):294-5.

Jones RB, McGhee SM, McGhee D. Patient on-line access to medical records in general practice. Health Bull (Edinb) 1992 Mar;50(2):143-50.

Laske C. Legal aspects of digital image management and communication. Med Inf (Lond) 1994 Apr-Jun;19(2):189-96.

Legemaate J. The right of psychiatric patients to access to their records: Dutch developments. Med Law 1990;9(1):707-12.

Lobato de Faria P. Data protection and confidentiality in health informatics: A survey of legal issues in the EC community. In: Noothoven van Goor J, Christensen JP, editors. Advances in medical informatics: results of the AIM Exploratory Action. Washington: IOS Press; 1992. p. 358-67. (Studies in health technology and informatics; vol. 2).

Lobato De Faria P. A survey of legal issues and gaps in legal coverage in the EC. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 122-37. (Studies in health technology and informatics; vol. 1).

Miller DW. What we can learn from the European privacy standard. Healthc Inform 1992 Jul;9(7):92, 94.

Naish J, Barr M.
Records. Rights of access. Health Visit 1991 Sep;64(9):300-1.

Poullet Y. Legal aspects of data protection in medical informatics. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 138-60. (Studies in health technology and informatics; vol. 1).

Rienhoff O. Digital archives and communication highways in health care require a second look at the legal framework of the seventies. Int J Biomed Comput 1994 Feb;35 Suppl:13-9.

Robinson DM. A legal examination of computerized health information. Health Law Can 1993;14(2):40-6.

Robinson DM. A legal examination of format, signature and confidentiality aspects of computerized health information. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1554-60.

Smith D. The challenges of new technologies applying the UK Data Protection Act to document image processing. Int J Biomed Comput 1994 Feb;35 Suppl:81-6.

Tervo-Pellikka R. The principles of data protection concerning patient related data in Finland. Int J Biomed Comput 1994 Feb;35 Suppl:39-50.

Thiry E. Personal medical and social data: their processing and legal protection. Med Law 1993;12(6-8):643-9.

Vulliet-Tavernier S. [The protection of medical information data in France]. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 181-90. (Studies in health technology and informatics; vol. 1). (Fre).

Weigelt E, Scherb H. [Data protection and data access (I): federal data protection law and the social welfare code with reference to carrying out occupational medicine epidemiologic studies in Germany].
Gesundheitswesen 1992 Nov;54(11):666-72. (Ger).

Weigelt E, Scherb H. [Data protection and data access (II): Physician's responsibility for confidentiality, federal statistics law and data collection by authorization with reference to implementing occupational medicine epidemiologic studies in Germany]. Gesundheitswesen 1993 Jan;55(1):8-15. (Ger).

OTHER BIBLIOGRAPHIES

Computer security and computer viruses [bibliography]. Tolland (CT): NERAC, Inc.; 1995 Dec. Available from: NTIS, Springfield, VA; PB96-858717. Prepared from Conference Papers Index.

Jaisingh C, Fountain P, compilers. Smart cards [bibliography]. London: Institute of Electrical Engineers; 1994. 91 p. Includes information pack.

Tavani HT. A computer ethics bibliography. Comput Soc 1995 Dec;25(4):9-38. Section 7, Computers and privacy; p. 18-24.

ORGANIZATIONS

General

Center for Democracy and Technology
1634 Eye Street NW, Suite 1100
Washington, DC 20006
202/637-9800 (Voice)
202/637-0968 (Fax)
Email: info@cdt.org
http://www.cdt.org

CERT (Computer Emergency Response Team) Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
412/268-7090 (24-Hour Hotline)
412/268-6989 (Fax)
Email: cert@cert.org
http://www.cert.org

Computer Professionals for Social Responsibility (CPSR)
P.O. Box 717
Palo Alto, CA 94302
415/322-3778 (Voice)
415/322-4748 (Fax)
Email: admin@cpsr.org
http://www.cpsr.org

Computer Science and Telecommunications Board
National Research Council
2101 Constitution Avenue, NW, HA560
Washington, DC 20418
202/334-2605 (Voice)
202/334-2318 (Fax)
Email: cstb@nas.edu
http://www.nas.edu

Computer Security Resource Clearinghouse
Computer Systems Laboratory
National Institute of Standards and Technology
Bldg. 820, Room 426
Gaithersburg, MD 20899
301/975-2832 (Voice)
301/975-3282 (Voice Hotline)
Email: ramona.roach@nist.gov
http://www.ncsl.nist.gov
http://csrc.nist.gov

Computer Security Technology Center
Lawrence Livermore National Laboratory
L-303 P.O.
Box 808
Livermore, CA 94551
510/423-6224 (Voice)
510/423-8002 (Fax)
Email: cstc@llnl.gov
http://ciac.llnl.gov/

Electronic Frontier Foundation
1667 K Street, NW
Suite 801
Washington, DC 20006-1650
202/861-7700 (Voice)
202/861-1258 (Fax)
Email: info@eff.org
http://www.eff.org

Electronic Privacy Information Center
666 Pennsylvania Avenue, SE
Suite 301
Washington, DC 20003
202/544-9240 (Voice)
202/547-5482 (Fax)
Email: info@epic.org
http://epic.org

Information Infrastructure Task Force Secretariat
Susannah B. Schiller
Program Office
National Institute of Standards and Technology
A 1000 Admin
Gaithersburg, MD 20899
301/975-4529 (Voice)
301/216-0529 (Fax)
Email: susannah.schiller@nist.gov
http://iitf.doc.gov

Internet Engineering Task Force
c/o Corporation for National Research Initiatives (CNRI)
1895 Preston White Drive
Suite 100
Reston, VA 22091
703/620-8990 (Voice)
Email: ietf-web@cnri.reston.va.us
http://www.cnri.reston.va.us

Internet Society
12020 Sunrise Valley Drive
Suite 270
Reston, VA 22091
703/648-9888 (Voice)
Email: isoc@isoc.org
http://info.isoc.org

National Computer Security Association
10 South Courthouse Avenue
Carlisle, PA 17013
717-258-1816 (Voice)
717-243-8642 (Fax)
Email: mlightfoot@ncsa.com
http://www.ncsa.com

National Security Agency
Publications Office
INFOSEC Awareness Division
Attn: Y13/IAOC
9000 Savage Road
Ft. Meade, MD 20755-6000
410/766-8729 (Voice)
http://www.nsa.org:8080

Privacy Forum
c/o Lauren Weinstein
Vortex Technology
Woodland Hills, CA
818/225-2800 (Voice)
818/225-7203 (Fax)
Email: privacy@vortex.com
http://www.vortex.com

Privacy Journal
P.O.
Box 28577 Providence, RI 02908 401/274-7861 (Voice) Email: 0005101719@mcimai1.com Privacy Rights Clearinghouse Center for Public Interest Law 5998 Alcala Park San Diego, CA 92110 619/260-4806 (Voice) 619/298—3396 (Voice I-Iotline) 619/260-4753 (Fax) Email: prc@teetot.acusd.edu httpzl/www.manymedia.com/prc/ Health American Bar Association Section of Science and Technology Health Care Informatics Subsection Francoise Gilbert, Chair Altheimer & Gray Suite 4000 10 South Wacker Drive Chicago, Il 60606 312/715-4984 (Voice) 312/715-4800 (Fax) Email: fgilbert@interserv.com American Health Information Management Association (AHIMA) 919 N. Michigan Avenue, Suite 1400 Chicago, IL 60611 312/787-2672 (Voice) 312/787—5926 (Fax) 202/218-3535 (Voice - Washington, DC Office) 202/682-0078 (Fax - Washington, DC Office) http://www.ahima.org American Medical Informatics Association 4915 St. Elmo Avenue, Suite 401 Bethesda, MD 20814 301/657-1291 (Voice) 301/657-1296 (Fax) Email: mail@amia2.amia.org http://amia2.amia.org American National Standards Institute Healthcare Informatics Standards Planning Panel 11 West 42nd Street New York, NY 10036 212/642-4969 (Voice) 212/398-0023 (Fax) Email: scornish@ansi.org http://www.ansi.org American Society for Testing and Materials Committee on Healthcare Informatics (E31) (with Subcommittees: E31.17 - Access, Privacy & Confidentiality of Medical Records; E3120 - Authentication of Computer-Based Health Information; E31.21 - Health Information Networks) 100 Barr Harbor Drive West Conshohocken, PA 19428-2959 610/832-9555 (Voice) 610/832-9666 (Fax) Email: tluthy@local.astm.org Arent Fox Kintner Plotkin & Kahn Advisors in Technology and Information Law (including Telemedicine) 1050 Connecticut Avenue, NW Washington, DC 20036-5339 202/857—6000 (Voice) 202/857—6395 (Fax) Email: infolaw@arentfox.com http://www.arentf0x.com/ American Telemedicine Association 901 15th Street, NW, Suite 230 Washington, DC 20005 202/408-1400 (Voice) 202/408-1 134 (Fax) Email: 
jlinkous@idi.net Community Medical Network Society 5500 Interstate North Parkway, Suite 435 Atlanta, GA 30328 770/850-0540 (Voice) 770/850-9616 (Fax) Email: comnet@comnetsociety.org http://www.comnetsociety.org/~comnet Computer-Based Patient Record Institute (CPRI) 1000 E. Woodfield Road, Suite 102 Schaumburg, IL 60173 847/706-6746 (Voice) 847/706-6747 (Fax) Email: cprinet@aol.com http://www.cpri.org European Committee for Standardisation Technical Committee 251 (Medical Informatics) Working Group 6 (Healthcare Security, Privacy, Quality & Safety) Dr. Gunnar Klein, Chair Swedish Institute for Health Services Development (SPRI) PO. Box 70487 S-10726 Stockholm, Sweden 46-8-7024745 (Voice) 46-8—7024799 (Fax) Email: gunnar.klein@spri.se http://miginfo.rug.ac.bez8001/centc251/prestand/ wg6/wg6.htm Health Information Confidentiality Resource Center Health Information Administration Health Services Department School of Public Health and Community Medicine University of Washington 1107 NE 45th Street, Suite 355 JD-02 Seattle, WA 98105 206/543-8810 (Voice) 206/685-4719 (Fax) Email: mahanken@u.washington.edu Interdepartmental Health Privacy Working Group Nan D. Hunter, Chair Deputy General Counsel Department of Health and Human Services Room 713 Humphrey Building 200 Independence Avenue Washington, DC 20201 202/690-7780 (Voice) 202/690-7998 (Fax) Email: nhunter@ospag.ssw.dhhs.gov Medical Records Institute 567 Walnut Street PO. Box 289 Newton, MA 02160 617/964-3923 (Voice) 617/964-3926 (Fax) Email: cust_serv@medrecinst.c0m http://www.medrecinst.com 29 Workgroup for Electronic Data Interchange (WEDI) 10 Rogers Street, Unit 321 Cambridge, MA 02142 617/374-9170 (Voice) 617/494-0727 (Fax) Email: wedi@shore.net Order Form GRATEFUL MED® Software For Macintosh & IBM Please send me copies of GRATEFUL Please send me copies of GRATEFUL Billing Fee* = Total $ P.O. #: * Add $7.50 Billing Fee if using a Purchase Order. Please attach this form to any purchase order you use. 
MED for the MED for IBM and Macintosh. compatibles. Order No. PB93- Order No. PB92— 502433/GBB at $29.95 105444/GBB at $29.95 each. each. Total Mac versions + Total IBM versions + Enclosed is check / money order payable to NTIS for $ __. Charge to (check one): American Express [3 VISA E] MasterCard D Card Number Exp. Signature (Required to validate order): Send to: US. Department of Commerce National Technical Information Service 5285 Port Royal Rd. Springfield, VA 22161 Telephone: 1-800—553-6847 For ordering by FAX: (703) 321—8547 (Only for orders using credit card or purchase order) ' Note: The information you provide below will be used to mail you yearly upgrades of the software. Last Name: First Initial: Title: Company/ Organization: Address: City/State / Zip: Phone Number: ( ) In addition to your order you will receive information on obtaining a user code required to access the National Library of Medicine ’3 datafiles. May 1994 National Library of Medicine Reference Bibliography Series CURRENT _____Currenf BHBMOGRAPHES Bibliographies IN haematite Ln l l * Physical Medicme Activity and Cardiovascular $47.00 per year. Health GPO List ID: CBM96 Approximately ten bibliog- raphies per year are produced on a variety of biomedical topics, excluding AIDS. Top— ics are chosen for their current popular interest in distinct "“‘°""““‘"""”“ "mm“ "m“ W‘" “'"m‘ subject areas of biomedicine. National Library of Medicine * Subscribers receive all issues for a given calendar year without regard to the date of order. Superintendent of Documents Subscriptions Order Form fl Order Processing Code: * Charge your order: 55 77 It’s Easy! _ VISA' Please Type or Print (Form is aligned for typewriter use.) To fax your orders (202) 512—2233 Prices include regular domestic postage and handling and are subject to change. Qty. (List ID) Title . Price hies in Medicine Internataonal customers please add 259‘. 
Total for Subscriptions (Company ‘" Personal Name) (Please WP“ 0' Pm“) For privacy protection, check the box below: D Do not make my name available to other mailers Please choose method of payment: E Check Payable to the Superintendent of Documents D GPO Deposit Account Em _D (City. State. ZIP Code) [3 VISA or MasterCard Account Lillllllllllllllllffl [313:] (Credit card expiration date) Thank youfor your order! (Additional address/attention line) (Street address) (Daytime phone including area code) (Purchase Order No.) Mail To: Superintendent of Documents PO. BOX 371954. Pittsburgh. PA 15250—7954 (Authorizing Signature) 3/96 mm. W. am.» ”my ‘2‘ ”A.“ ,W_g:vu~x m “babe