In today's world, there is rapid growth in health-care industry on the conversion of patients' records into electronic form. Electronic health record (EHR) is used to create and manage health records of patients in a digital format. The security and privacy are major concerns for increasing patient's trust and information integration. The health information of persons should be secure and private within individuals and providers for getting healthier results as well as healthier persons. Privacy means the right of persons who keep information within themselves, without disclosing to others.The information that is shared as consequences of medical relationship should be protected because it is considered confidential.This paper also describes about the Health Insurance Portability and Accountability Act (HIPAA) rules which gives assurances to tolerant wellbeing data held by Covered Entities (CEs) and Business Associates (BAs) and give patients various privileges for that data. A breach is, by and large, an impermissible use or disclosure under the privacy rule that bargains the security or protection of Protected Health Information (PHI). The model comprises numerous modules, every one of which is accountable for taking an alternate sort of errand. This measured plan goes for basic and productive access control choice relying upon the patient's circumstance and the requester's relegated jobs.

Chapter Contents:

• 3.1 Introduction
• 3.1.1 What is EHR (electronic health record)?
• 3.1.2 Workflow of traditional medical care system
• 3.1.3 Workflow of electronic health record system
• 3.1.4 Advantages of the EHR system
• 3.2 Scratch for privacy and security concern
• 3.2.1 Background of health information privacy and security
• 3.2.2 Privacy and confidentiality
• 3.2.3 Security
• 3.2.4 Problems arise in security and privacy
• 3.3 The HIPAA rules and patient's rights for health care
• 3.3.1 The HIPAA privacy rule
• 3.3.2 The HIPAA security rule
• 3.3.3 The breach notification rule
• 3.4 Hazard capacity method for breaches
• 3.4.1 Revealing breaches
• 3.4.2 Examination and enforcement of potential ACT violations
• 3.4.3 Understanding patients' health information rights
• 3.5 Generalize E-health-care models
• 3.6 Conclusions and current scope of research
• References

Inspec keywords: data privacy; health care; authorisation; electronic health records

Other keywords: access control; HIPAA rules; privacy; patients trust; EHR; CEs; covered entities; confidential; protected health information; business associates; PHI; Health Insurance Portability and Accountability Act rules; health-care system; BAs; information integration; security; electronic health record

Subjects: Biology and medical computing; Medical administration; Data security