Maintaining the Confidentiality of Medical Records Shared over the Internet and the World Wide Web

Abstract

The Boston Electronic Medical Record Collaborative is working to develop a system that will use the World Wide Web to transfer computer-based patient information to clinicians in emergency departments. Maintaining adequate confidentiality of these records while still facilitating patient care is paramount to this effort. This paper describes an explicit protocol that would make it possible to electronically identify patients and providers, secure permission for release of records, and track information that is transmitted. It is hoped that other, similar efforts now underway will be able to use and build on this model. Comment on this proposal is invited from all parties with an interest in confidentiality. The system will be used only with “scrubbed” data-data from which all identifiers have been removed-until it is generally agreed that the confidentiality methods proposed here are appropriate and sufficient.