There is a lot of buzz these days in the health industry and related entities. This buzz marks the beginning of a new age in health industry technology. It comprises of easy and quick online access to an individual’s personal health records from anywhere around the globe. This also includes granting access to the health record for anyone (provider, pharmacy, other family members, etc.) that the individual selects. The buzz is so loud that even technology giants like Microsoft and Google could not refrain from it. Both these companies mostly involved with technology have allocated significant resources (budget, manpower, etc) to coming up with the right approach for implementing online Electronic Health Records (EHR).
As the health industry braces for the technological challenges that come with providing health records electronically online, so does the area of Identity and Access Management (IAM). Providing EHRs online in a secure manner asks for a paradigm shift in the field of security and IAM. For starters in today’s world organizations struggle with implementing the right identity and access privileges to its customers for online applications that require information access across third parties. EHRs will require access to a health record online for any entity or object or user across the country and also will require different privileges for different entities or objects or users. This requires a completely new approach to IAM and when you mix these challenges with the HIPAA and other federal regulations, a fundamental shift in IAM approach is inevitable.
In the posts to follow, I will discuss how the IAM can be implemented for EHRs.
No comments:
Post a Comment