Skip to main content
PMC home page
Proceedings of the Annual Symposium on Computer Application in Medical Care logoLink to Proceedings of the Annual Symposium on Computer Application in Medical Care
. 1994:392–396.

A framework for "Need to Know" authorizations in medical computer systems: responding to the constitutional requirements.

V M Brannigan 1
PMCID: PMC2247951  PMID: 7949957

Abstract

"Need to Know" systems which restrict access to computerized data to those with a specified need for the data have been described as part of the solution to the problem of privacy in health care information systems. However, no operational "need to know" system is described in the medical literature. Recent legal developments in constitutional privacy protection make a "need to know" system mandatory, not optional. In sophisticated information systems users can utilize the unique characteristics of the system itself to implement a high level "need to know" system, based on the institution's own patient treatment pattern. This article provides an analytical tool for helping to define a "need to know" system with reference to the specific problems of health care institutions.

Full text

PDF
394

Selected References

These references are in PubMed. This may not be the complete list of references from this article.

  1. Brannigan V. M. Computerized patient information under the Privacy Act: a regulatory effectiveness analysis. Proc Annu Symp Comput Appl Med Care. 1992:741–744. [PMC free article] [PubMed] [Google Scholar]
  2. Brannigan V. M., Dayhoff R. E. Medical informatics. The revolution in law, technology, and medicine. J Leg Med. 1986 Mar;7(1):1–53. doi: 10.1080/01947648609513462. [DOI] [PubMed] [Google Scholar]
  3. Brannigan V. M. Patient privacy: a consumer protection approach. J Med Syst. 1984 Dec;8(6):501–505. doi: 10.1007/BF02321768. [DOI] [PubMed] [Google Scholar]
  4. Brannigan V. M. Protection of patient data in multi-institutional medical computer networks: regulatory effectiveness analysis. Proc Annu Symp Comput Appl Med Care. 1993:59–63. [PMC free article] [PubMed] [Google Scholar]
  5. France F. H., Gaunt P. N. The need for security--a clinical view. Int J Biomed Comput. 1994 Feb;35 (Suppl):189–194. [PubMed] [Google Scholar]
  6. Gostin L. O., Turek-Brezina J., Powers M., Kozloff R., Faden R., Steinauer D. D. Privacy and security of personal information in a new health care system. JAMA. 1993 Nov 24;270(20):2487–2493. [PubMed] [Google Scholar]
  7. Kluge E. H. Health information, privacy, confidentiality and ethics. Int J Biomed Comput. 1994 Feb;35 (Suppl):23–27. [PubMed] [Google Scholar]
  8. Tonks A. Information management and patient privacy in the NHS. BMJ. 1993 Nov 13;307(6914):1227–1228. doi: 10.1136/bmj.307.6914.1227. [DOI] [PMC free article] [PubMed] [Google Scholar]

Articles from Proceedings of the Annual Symposium on Computer Application in Medical Care are provided here courtesy of American Medical Informatics Association

RESOURCES