Week 2: Health Information Systems, Privacy, Security, and Ethical Considerations Flashcards

1
Q

What are the 3 key systems?

A
  • networks
  • internet
  • web services and interfaces
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are networks?

A
  • computers must network or connect with each other to transmit data from one computer to another
  • many different types of network connections are possible, with the potential for an unlimited number of computers linked together
  • most medical data are segregated into small networks that are not shared widely
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the 4 main types of networks?

A
  • personal area networks (PANs)
  • local area networks (LANs)
  • wide or global area networks (WANs, GANs)
  • virtual private networks (VPNs)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are personal area networks (PANs)?

A
  • close proximity networks usually to connect accessories
  • low power requirements
  • fast connectivity
  • security issues with wireless networks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are some examples of personal area networks (PANs)?

A
  • computer accessories (keyboards)
  • wireless headsets
  • printers
  • phones
  • wrist-band fitness devices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are some examples of wireless personal area networks (PANs)?

A
  • bluetooth
  • infrared devices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are local area networks (LANs)?

A
  • typically seen in offices or hospitals to share data, accessories, and other resources
  • larger networks require hubs or routers to process and send data to the correct devices
  • can be expensive to create large LANs but useful for small projects
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are some examples of local area networks (LANs)?

A
  • pharmacy with 6 computers, 3 printers, 2 scanners, and 1 fax machine can be on one LAN
  • internet cafe with 10 computers connected together
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are wireless (WiFi) networks (WLANs)?

A
  • slower and more expensive than LAN, but easier to install
  • does not require any hubs (can just connect), but needs a router
  • can be one part of a larger LAN, or can connect multiple LANs together
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are some examples of wireless (WiFi) networks (WLANs)?

A
  • hospital with 50 computers connected to a LAN, with 20 tablets/phones connected via WLAN
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are wide area networks (WANs)?

A

networks that extend beyond cities or countries

  • connects multiple LANs together
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are some examples of wide area networks (WANs)?

A
  • Health Authority network connecting all of the records across multiple hospitals
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are global area networks (GANs)?

A

networks connected with other networks with ‘unlimited’ geographic area

  • bigger than WANs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are some examples of global area networks (GANs)?

A
  • internet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are virtual private networks (VPNs)?

A
  • shares a private LAN or WLAN with other users
  • requires multiple levels of authentication
  • data is encrypted by sender and decrypted at receiver
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are some examples of virtual private networks (VPNs)?

A
  • accessing patient charts from your work computer via home computer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is bandwidth?

A

capacity to transmit packets of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is packet loss?

A

packets of data that do not make it to the destination

  • different data standards mean sometimes lost packets are not resent
  • ie. live streaming video
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is latency or delay?

A

delay in receiving a packet, or lag

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the internet?

A

largest and most important global network of networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Why is the internet the preferred network for accessing and transmitting data?

A
  • large scale use and availability
  • bandwidth capability
  • ability to layer other technologies and standards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is the Advanced Research Projects Agency Network (ARPANET)?

A

program to connect universities and research organizations together (1960s)

23
Q

What is the world wide web?

A
  • operates on top of the internet via web browsers
  • browsers are able to connect and translate content on a screen for users to view
24
Q

What is service-oriented architecture?

A

aims to configure software systems to maximize efficiency, reduce redundancy, and minimize errors and costs

  • requires splitting up activities in the system, then re-integrating them using a shared/standardized way
25
Q

What are the 3 benefits that a service-oriented architecture will enable?

A
  • reduction in paperwork and data-entry activities
  • consistent information across the entire system
  • faster responses to any future system changes and implementation of new capabilities
26
Q

What are some examples of how service-oriented architecture could be used in healthcare?

A
  • downloading patient info from PharmaNet saves us from typing in all the information again
  • you have one central printer that you want everybody in the building to use
  • you have multiple different screens to do your tasks (pharmacy system, drug ordering website from the wholesaler, browser with your clinical resources)
  • you want to create a pharmacy-patient system to increase refill compliance: refill reminders are sent to the patient via mobile app, refills can then be ordered via same mobile app, Rx is automatically queued for filling at the pharmacy, counting machine dispenses the product, patient is notified when the refill is ready for pickup
27
Q

What is the best way to combat patient concerns?

A

by providing good tech-enabled care and perceived high-quality care

28
Q

What ultimately prevents adoption and interoperability in health?

A

permissions and liability become a significant issue

29
Q

What are the 3 pillars of security?

A
  • confidentiality
  • availability
  • integrity
30
Q

Pillars of Security

What is confidentiality most easily identifiable with?

A

healthcare

31
Q

Pillars of Security

What is the goal of confidentiality?

A

prevent data loss

32
Q

Pillars of Security

What are the methods of confidentiality?

A

usernames, passwords, encryption, etc.

33
Q

Pillars of Security

What can confidentiality be caused by?

A
  • carelessness of the user (exposing passwords, using insecure passwords, opting out of enhanced security protocols, etc.)
  • malicious attacks
  • etc.
34
Q

Pillars of Security

What is the goal of availability?

A

system and network availability during unexpected outages

35
Q

Pillars of Security

What are the methods of availability?

A
  • backup generators or power supplies
  • backup files
36
Q

Pillars of Security

What can availability be attributed to?

A

malicious attacks or viruses intended to cause outages or other natural or accidental issues (ie. fire)

37
Q

Pillars of Security

What is the goal of integrity?

A

maintain trustworthiness and permanence of data

38
Q

Pillars of Security

What are the methods of integrity?

A

data backup and archival tools

39
Q

Pillars of Security

What can integrity be caused by?

A
  • data corruption
  • malicious data manipulation
  • data loss by natural or other causes
40
Q

What are security tools that can help maintain the 3 pillars of security?

A

tools designed to deter and prevent access

  • firewall
  • access control lists
  • authentication
  • monitoring and auditing systems
41
Q

What are some of the many different and innovative ways for authentication?

A
  • smart card technologies, tokens, username and password
  • biometrics and physical user identifiers – fingerprint, retinal scan, voice imprint, facial recognition, etc.
42
Q

What are 3 reasons why a system may have varying levels/degrees of authentication?

A
  • sensitivity of data
  • system capabilities
  • resources available pay for the upkeep
43
Q

What are 3 ways to ensure authentication?

A
  • biometrics
  • single sign on
  • smart card systems
44
Q

How do biometrics ensure authentication?

A
  • fingerprint
  • retinal scan
  • voice imprint
  • facial recognition
  • etc.
45
Q

What is simple sign on?

A

one set of credentials to access many of the logins one uses everyday securely

  • ie. Gmail, Facebook, Apple ID, etc.
  • third-party password managers have a similar concept
46
Q

What are smart card systems?

A

vital information with a self-contained processor and memory

  • low cost, ease of use, portability and durability, and ability to support multiple applications
  • encrypted patient information, biometric signatures and personal identification (PIN)
  • but lack of standardization and ability to positively identify or confirm identity (ie. if you lost your card and someone used it)
47
Q

What is a digital signature?

A

digital certificate – different keys are used to create and verify digital signature

  • sender’s private key
  • sender’s public key

computer receives message by using key to unencrypt the message

48
Q

What is a wet signature?

A

using a pen to sign (ink)

49
Q

What are 3 reasons why hackers target health organizations?

A
  • health organizations likely can afford to pay ransom – one physician office can expect $3-5000 per ransomware
  • risk of media coverage and system downtime pressures victims to pay quickly
  • health organizations have a history of underinvesting in IT
50
Q

Who is responsible for the regulation of privacy?

A

province

  • each province uses a different system
  • ie. PharmaNet in BC vs. Pharmaceutical Information Network or Netcare in AB
51
Q

Describe privacy acts in Canada.

A
  • goal is for unified Canadian standards
  • ie. PIPA or FIPPA
52
Q

How can security breaches and attacks be more than just ‘hackers’?

A

physical or logical access

  • insider employees and staff
  • pharmacy robbery

accidental or negligent disclosure

  • inadequate control of paper records
  • inadvertent release of sensitive information to unauthorized parties
  • overheard conversations
53
Q

What are 5 ways to protect data?

A
  • encryption programs
  • password protection on hardware and software
  • anti-virus, anti-spyware, and malware software
  • ‘clean’ computers before discarding or remove identifying material from electronic files/databases
  • be cautious of, or avoid, social media
54
Q

What are some examples of ethical issues with eHealth?

A
  • should organizations be able to keep data for reasons beyond my health
  • do I expect an organization to inform me anytime my data is used
  • I want care providers to share my health data, but when would it be too much
  • many family physicians and pharmacies are for-profit organizations, shouldn’t I get a cut of the profits they make from my data