Intertrust: Solutions for Security, Privacy, Governance, and Trust for Healthcare
Medical information is everywhere, but only rarely where it needs to be to make a difference. A public health researcher studying the propagation of a new disease needs timely, comprehensive information drawn from front-line health care institutions across the country. A family doctor seeing a new patient might avoid repeating expensive tests if he could only access the patient's lab results from last year. Health data recorded by home monitoring systems sit locked on a personal computer when they should be informing diagnosis and treatment in the hands of a clinical practitioner. All of these examples depend on the frictionless flow of medical information through a heterogeneous network of devices and systems. Unfortunately, this information flow is not happening.
In an ideal world, comprehensive electronic health records would be available instantly to doctors, researchers, and other stakeholders, regardless of the original source of the information. In practice, sharing data across institutions involves significant risks to the security and privacy of patient data. Although HIPAA Security and Privacy Rules have been in effect since April 2006, security and privacy breaches continue to occur on a massive scale [1, 2, 3].
Given these risks, many institutions that handle medical information rely on the simplest security solution: isolation. These institutions can claim that they are in compliance with security and privacy rules when they limit access, but governing medical information by keeping it locked away undermines the ability to make effective use of that information. When institutions do release information, they have little assurance that it will be governed in a manner consistent with their policies or with the wishes of their patients. The same problem exists at all levels of our health care system. A patient who might benefit from the use of a home health monitoring system has no control over the rules governing her information once it leaves her home, nor any way to determine who has accessed it and for what purposes. For many, it is safer to simply opt out, ensuring that no one has access.
The lack of persistent governance throughout the lifecycle of medical information means that every interface between two systems is a potential point of compromise. In a technologically diverse environment where the security and privacy of medical information cannot be guaranteed across institutions, compliance with regulations requiring security and privacy becomes an intractable problem. Although it is universally acknowledged that implementation of a comprehensive electronic health record is critical to reforming health care in the United States, technology adoption lags significantly behind that of other developed nations [4, 5, 6, 7]. Care providers cite interoperability and compliance as primary concerns.
Until medical information can flow seamlessly through a heterogeneous network of systems with appropriate levels of security, trust, governance, and privacy, it is destined to be isolated in disjoint islands of data that cannot be bridged. When information is blocked, the potential of technologies that have revolutionized enterprise and financial information systems, and promise to do the same in health care, can never be fully realized.
We envision a future in which medical information moves effortlessly across diverse systems to the points where it can be used effectively in the provision of care. As information traverses networks, it will be secure, private, governed, and trustworthy. Medical information workflows will be built on top of a variety of pervasive data communications technologies such as web services, email, wireless, and Internet-based exchange protocols. A decentralized trust management infrastructure, designed with careful attention to risk management, will ensure that systems maintain security, privacy, and governance of the information they handle. Building on our extensive background of innovation in trusted distributed computing, our research program will define and build the tools that bring this future into being.