Legal Issues on Patient Confidentiality and Informed Consent in Medical Law
VerifiedAdded on 2023/06/10
|36
|11951
|461
AI Summary
This article discusses the legal issues surrounding patient confidentiality and informed consent in medical law. It covers the doctor-patient relationship, confidentiality laws, and the importance of informed consent. It also examines the Indian Penal Code and Information Technology Act 2000 in relation to data privacy and protection.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: MEDICAL LAW
Medical Law
Name of the Student
Name of the University
Author Note
Medical Law
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1MEDICAL LAW
Chapter 1:
Introduction:
The concept of informed consent in regard to medical research and treatment is still
unknown to the medical researchers and practitioners as well. In this regard, it is noteworthy to
mention here that the doctor-patient relationship in India is governed by the relationship of trust
and authorization1. However, in modern era, the concept of informed consent is still ignored
while dealing with the issues of the patients in daily medical practices. In order to complicate
such issue further, the India law has not given proper specifications regarding the age limit in
which an individual can give a valid consent.
It is evident that, still now, the Indian Penal Code has been silent regarding the legal
validity of the consent received from persons aged between twelve and eighteen. It is worthwhile
to mention here that, at this age limit the concept of “right to confidentiality” can be emphasized
upon; the Courts are at the authority to define it or it can be defined by the statutory provisions2.
Therefore, mention can be made regarding the fact that, there is a requirement of statutory
provision for the purpose of removing the existing ambiguities and uncertainties in the way of
the concept of age consent. As a result of it, an individual’s right to medical confidentiality at a
particular age can be examined.
In the case of Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC3),
it was recognized by the Supreme Court of India that, a majority of the Indian citizens requiring
medical attention and treatment falls below the poverty line. In this regard, it can be observed
1Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health records for public health
surveillance to advance public health." Annual review of public health 36 (2015): 345-359.
2Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health records in hospitals: a
systematic literature review." BMC health services research14.1 (2014): 370.
3Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
Chapter 1:
Introduction:
The concept of informed consent in regard to medical research and treatment is still
unknown to the medical researchers and practitioners as well. In this regard, it is noteworthy to
mention here that the doctor-patient relationship in India is governed by the relationship of trust
and authorization1. However, in modern era, the concept of informed consent is still ignored
while dealing with the issues of the patients in daily medical practices. In order to complicate
such issue further, the India law has not given proper specifications regarding the age limit in
which an individual can give a valid consent.
It is evident that, still now, the Indian Penal Code has been silent regarding the legal
validity of the consent received from persons aged between twelve and eighteen. It is worthwhile
to mention here that, at this age limit the concept of “right to confidentiality” can be emphasized
upon; the Courts are at the authority to define it or it can be defined by the statutory provisions2.
Therefore, mention can be made regarding the fact that, there is a requirement of statutory
provision for the purpose of removing the existing ambiguities and uncertainties in the way of
the concept of age consent. As a result of it, an individual’s right to medical confidentiality at a
particular age can be examined.
In the case of Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC3),
it was recognized by the Supreme Court of India that, a majority of the Indian citizens requiring
medical attention and treatment falls below the poverty line. In this regard, it can be observed
1Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health records for public health
surveillance to advance public health." Annual review of public health 36 (2015): 345-359.
2Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health records in hospitals: a
systematic literature review." BMC health services research14.1 (2014): 370.
3Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
2MEDICAL LAW
that most of them are illiterate and do not understand the complexity of the modern medical
terms, conditions, concepts as well as the treatment procedures. They do not have proper
understanding regarding the functioning of various body organs and the probable effect if such
organs were removed after a certain time4. They are not given proper access to costly diagnostic
procedures and have to act according to the guidelines prescribed by the doctors and medical
practitioners. Presently, the Indian Penal Code has stated in the provisions of Section 87 that a
person aged above 18 years can provide a valid consent however; according to the provisions of
Section 89 of the Indian Penal Code a child aged less than 12 years cannot provide valid consent.
In modern era, individuals are often confused with the concept of confidentiality and the
value of trade secrets. In this regard, privacy refers to the utilization and disclosure of personal
information which is only applicable in cases regarding the information provided to specific
group of individuals. As the concept of personal information is such that it can be regarded as the
manifestation of individual personality5. In this context, the Courts of India most importantly the
Supreme Court of India have rightly recognized the right to privacy as it forms an integral part of
right to life and liberty. The right to life and liberty is a fundamental right guaranteed to every
individual under the Indian Constitution. In this regard, the right to privacy has been provided to
every individual and utmost importance has been given by the Indian Judiciary keeping in
consideration the security of the state and community interests.
At present, no specific legislations are there dealing with data privacy and protection of
data. However, the protection of privacy and data can be derived from various laws in regard to
4 Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full access to electronic medical
records." Health Expectations 17.5 (2014): 724-732.
5 Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign conditions in a statewide hospital
collaborative." American journal of obstetrics and gynecology212.3 (2015): 304-e1.
that most of them are illiterate and do not understand the complexity of the modern medical
terms, conditions, concepts as well as the treatment procedures. They do not have proper
understanding regarding the functioning of various body organs and the probable effect if such
organs were removed after a certain time4. They are not given proper access to costly diagnostic
procedures and have to act according to the guidelines prescribed by the doctors and medical
practitioners. Presently, the Indian Penal Code has stated in the provisions of Section 87 that a
person aged above 18 years can provide a valid consent however; according to the provisions of
Section 89 of the Indian Penal Code a child aged less than 12 years cannot provide valid consent.
In modern era, individuals are often confused with the concept of confidentiality and the
value of trade secrets. In this regard, privacy refers to the utilization and disclosure of personal
information which is only applicable in cases regarding the information provided to specific
group of individuals. As the concept of personal information is such that it can be regarded as the
manifestation of individual personality5. In this context, the Courts of India most importantly the
Supreme Court of India have rightly recognized the right to privacy as it forms an integral part of
right to life and liberty. The right to life and liberty is a fundamental right guaranteed to every
individual under the Indian Constitution. In this regard, the right to privacy has been provided to
every individual and utmost importance has been given by the Indian Judiciary keeping in
consideration the security of the state and community interests.
At present, no specific legislations are there dealing with data privacy and protection of
data. However, the protection of privacy and data can be derived from various laws in regard to
4 Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full access to electronic medical
records." Health Expectations 17.5 (2014): 724-732.
5 Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign conditions in a statewide hospital
collaborative." American journal of obstetrics and gynecology212.3 (2015): 304-e1.
3MEDICAL LAW
information technology, the intellectual property rights and the crimes and contractual relations.
From the very beginning, the Information Technology Act 2000 has been providing a safeguard
against certain breaches regarding data protection of computer systems. The Information
Technology Act 2000 deals with provisions for the purpose of preventing unauthorized use of
computers, computer systems and data stored within it. The Act provided personal liability in
case of illegal and unauthorized access to computers, computer systems and the information
stored within it. It is worthwhile to mention here that, the Information Technology Act 2000 has
been silent in regard to the liability on the part of the internet service providers and network
service providers dealing with data handling. According to the provisions of Section 79 of the
Information Technology Act 2000, the liability on the part of the entities can be emphasized in
regard to the concept of knowledge and capacity before the determination of existing scope of
penalties. It signifies the fact that, the network service provider and the outsourcing service
provider cannot be held liable for the acts on the part of a third party data. However, it is
important to prove that, such contravention has been caused without his prior consent and
knowledge and that he has exercised due diligence and care to prevent such offence or
contravention. In the case of Kharak Singh Vs. State of U.P (AIR 1963 SC 12956, it was
observed that if there is any violation of the provisions of the Information Technology Act 2000
in an organization, the directors were held personally liable for negligent or intentional actions.
The Indian Penal Code has not specified the liabilities for the breach of data privacy.
However, the provisions of Section 403of the Indian Penal Code has imposed criminal penalty in
regard to dishonest misappropriation of a movable property for personal use. In this regard, the
Intellectual Property Rights Act and the Indian Copyright Act has been prescribing mandatory
6 Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
information technology, the intellectual property rights and the crimes and contractual relations.
From the very beginning, the Information Technology Act 2000 has been providing a safeguard
against certain breaches regarding data protection of computer systems. The Information
Technology Act 2000 deals with provisions for the purpose of preventing unauthorized use of
computers, computer systems and data stored within it. The Act provided personal liability in
case of illegal and unauthorized access to computers, computer systems and the information
stored within it. It is worthwhile to mention here that, the Information Technology Act 2000 has
been silent in regard to the liability on the part of the internet service providers and network
service providers dealing with data handling. According to the provisions of Section 79 of the
Information Technology Act 2000, the liability on the part of the entities can be emphasized in
regard to the concept of knowledge and capacity before the determination of existing scope of
penalties. It signifies the fact that, the network service provider and the outsourcing service
provider cannot be held liable for the acts on the part of a third party data. However, it is
important to prove that, such contravention has been caused without his prior consent and
knowledge and that he has exercised due diligence and care to prevent such offence or
contravention. In the case of Kharak Singh Vs. State of U.P (AIR 1963 SC 12956, it was
observed that if there is any violation of the provisions of the Information Technology Act 2000
in an organization, the directors were held personally liable for negligent or intentional actions.
The Indian Penal Code has not specified the liabilities for the breach of data privacy.
However, the provisions of Section 403of the Indian Penal Code has imposed criminal penalty in
regard to dishonest misappropriation of a movable property for personal use. In this regard, the
Intellectual Property Rights Act and the Indian Copyright Act has been prescribing mandatory
6 Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4MEDICAL LAW
punishment for committing piracy of copyrighted data. According to the provisions of Section
63B of the Indian Copyright Act if an individual intentionally makes use of any computer data
then he shall be punished for a considerable period of minimum six months and maximum three
years. However, it is important on the part of the Indian Courts to recognize the copyright
contained in such databases and that whether the copyright was infringed. If any infringement is
caused in respect to such databases, the existing outsourcing company may take an action under
the Indian Copyright Act.
Chapter 2:
The legal issues on patient confidentiality:
2.1. Introduction:
The legal issues regarding patient confidentiality comprises of the preservation of
confidential information of the patients. These legal issues can be can be reinforced by the
principles law in regard to the specific areas of law of contract, negligence, defamation and
certain fiduciary duties7. However, the laws pertaining to medical confidences are regarding the
disclosure of confidential matters. The legal issues involving confidentiality of the patients are
concerned with unlawful conduct in relation to health. This Chapter will review the laws related
to confidentiality and the principles governing doctor-patient relationship.
2.2. Patient Confidentiality:
7Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic stroke outcomes: a
multicenter electronic medical record intervention." Journal of the American Heart Association 5.8 (2016):
e003413.
punishment for committing piracy of copyrighted data. According to the provisions of Section
63B of the Indian Copyright Act if an individual intentionally makes use of any computer data
then he shall be punished for a considerable period of minimum six months and maximum three
years. However, it is important on the part of the Indian Courts to recognize the copyright
contained in such databases and that whether the copyright was infringed. If any infringement is
caused in respect to such databases, the existing outsourcing company may take an action under
the Indian Copyright Act.
Chapter 2:
The legal issues on patient confidentiality:
2.1. Introduction:
The legal issues regarding patient confidentiality comprises of the preservation of
confidential information of the patients. These legal issues can be can be reinforced by the
principles law in regard to the specific areas of law of contract, negligence, defamation and
certain fiduciary duties7. However, the laws pertaining to medical confidences are regarding the
disclosure of confidential matters. The legal issues involving confidentiality of the patients are
concerned with unlawful conduct in relation to health. This Chapter will review the laws related
to confidentiality and the principles governing doctor-patient relationship.
2.2. Patient Confidentiality:
7Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic stroke outcomes: a
multicenter electronic medical record intervention." Journal of the American Heart Association 5.8 (2016):
e003413.
5MEDICAL LAW
The general principles of confidential information have been outlined in the provisions of the
common law system. In this regard a duty of confidence arises on the part of the medical
practitioners when he discloses any reasonable information to the patient. However, till date
there has been no criminal conviction of a doctor for actions regarding breach of confidence in
spite of the occurrence of various civil claims and awarding damages which was observed in the
case of Cornelius v Taranto [2001] 68 BMR 628; where duty of confidence has been breached
with the revelation of medical information without receiving prior consent. In this regard, it is
worthwhile to mention here that, the medical practitioner is said to have breached a patient’s
confidentiality when he obtained in his part-
I. A necessary quality of confidence.
II. Disclosed information without receiving prior permission and detriment to the individual
to whom it has been originally communicated.
III. Has been under the domain of a public interest to protect such confidentiality.
It is worth mentioning that, confidentiality has been the core duties in medical practice. The
nature of confidentiality must be such that, it requires the doctors to keep the information related
to the patient’s health private unless there is consent on the other part to release such
information9. Patient confidentiality is important because most of the time patients share relevant
information regarding their health to the medical practitioners. Therefore, if the confidentiality of
such information is not protected then the trust vested in patient-doctor relationship diminishes.
8Cornelius v Taranto [2001] 68 BMR 62.
9Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical record implementations in
low-resource settings: a systematic review." Journal of the American Medical Informatics Association 22.2 (2015):
479-488.
The general principles of confidential information have been outlined in the provisions of the
common law system. In this regard a duty of confidence arises on the part of the medical
practitioners when he discloses any reasonable information to the patient. However, till date
there has been no criminal conviction of a doctor for actions regarding breach of confidence in
spite of the occurrence of various civil claims and awarding damages which was observed in the
case of Cornelius v Taranto [2001] 68 BMR 628; where duty of confidence has been breached
with the revelation of medical information without receiving prior consent. In this regard, it is
worthwhile to mention here that, the medical practitioner is said to have breached a patient’s
confidentiality when he obtained in his part-
I. A necessary quality of confidence.
II. Disclosed information without receiving prior permission and detriment to the individual
to whom it has been originally communicated.
III. Has been under the domain of a public interest to protect such confidentiality.
It is worth mentioning that, confidentiality has been the core duties in medical practice. The
nature of confidentiality must be such that, it requires the doctors to keep the information related
to the patient’s health private unless there is consent on the other part to release such
information9. Patient confidentiality is important because most of the time patients share relevant
information regarding their health to the medical practitioners. Therefore, if the confidentiality of
such information is not protected then the trust vested in patient-doctor relationship diminishes.
8Cornelius v Taranto [2001] 68 BMR 62.
9Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical record implementations in
low-resource settings: a systematic review." Journal of the American Medical Informatics Association 22.2 (2015):
479-488.
6MEDICAL LAW
Patient’s data is treated as private property by the hospitals and healthcare units. They are
selling the data for various clinical and medical researches and many drug development and
related companies. As per the Indian laws for the medical records the data of the patient is
treated as private property of the healthcare centers. Patients and insurers have the access to the
recorded information but still it is not completely protected. But law does not provide ownership
of the medical data exclusively, which can be transferred readily10. This is against the
confidentiality of the patients’ health records as no consent is taken from them while selling the
data to the researchers or developers.
Ethical and legal laws govern the concept of consent with respect to self determination,
individual integrity, and autonomy. The same should apply to electronic medical records systems
and the consent of the individual patient to whom the record belongs to is important in case of
access to that record by anyone other than him. This governs the right of the patient for the
confidentiality of his or her medical and personal information. Three categories of consent can
be explained i.e. implied consent, expressed consent, and informed consent. Implied consent
involves words or the behavior of the patient. Expressed consent involves oral or written consent.
Informed consent stands for detailed explanation of the situation or issue to the patient in non
medical terms and then taking his or her consent. Consent includes three related aspects which
are capacity, knowledge, and voluntariness. In today’s medical practice and healthcare valid
consent of the patient is important in any kind of diagnosis, examination, or treatment. Same
consent should be applicable when it comes to accessing the personal medical records of the
patient11.
10 Rodwin, M. A. (2010). Patient Data: Property, Privacy & the Public Interest. LEGAL STUDIES
RESEARCH PAPER SERIES.
11 CHATURVEDI, A. (2007). Consent — Its Medico-legal Aspects. Medicine Update.
Patient’s data is treated as private property by the hospitals and healthcare units. They are
selling the data for various clinical and medical researches and many drug development and
related companies. As per the Indian laws for the medical records the data of the patient is
treated as private property of the healthcare centers. Patients and insurers have the access to the
recorded information but still it is not completely protected. But law does not provide ownership
of the medical data exclusively, which can be transferred readily10. This is against the
confidentiality of the patients’ health records as no consent is taken from them while selling the
data to the researchers or developers.
Ethical and legal laws govern the concept of consent with respect to self determination,
individual integrity, and autonomy. The same should apply to electronic medical records systems
and the consent of the individual patient to whom the record belongs to is important in case of
access to that record by anyone other than him. This governs the right of the patient for the
confidentiality of his or her medical and personal information. Three categories of consent can
be explained i.e. implied consent, expressed consent, and informed consent. Implied consent
involves words or the behavior of the patient. Expressed consent involves oral or written consent.
Informed consent stands for detailed explanation of the situation or issue to the patient in non
medical terms and then taking his or her consent. Consent includes three related aspects which
are capacity, knowledge, and voluntariness. In today’s medical practice and healthcare valid
consent of the patient is important in any kind of diagnosis, examination, or treatment. Same
consent should be applicable when it comes to accessing the personal medical records of the
patient11.
10 Rodwin, M. A. (2010). Patient Data: Property, Privacy & the Public Interest. LEGAL STUDIES
RESEARCH PAPER SERIES.
11 CHATURVEDI, A. (2007). Consent — Its Medico-legal Aspects. Medicine Update.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7MEDICAL LAW
2.3. Doctor Patient Relationship:
The foundation of a doctor-patient relationship is based upon trust. With the creation of
an environment of trust, it has encouraged patients to seek reasonable care and make honest
revelations about health conditions during every health visit. The willingness on the part of the
patient to seek help and care increases considerably. It is important for the patients to share and
disclose all the medical history and information about them to the physician or the doctor for
proper medication and correct diagnosis of the issue. If there is no proper trust between on the
doctor from the patient’s side, he or she will feel hesitant in sharing all the personal details and
pertain to sharing of incomplete information. This will lead to ineffective diagnosis of the issue
and hence care and treatment provided to the patient will not be helpful and curable. It may harm
the patient adversely. It is necessary for the healthcare units and hospitals to have policies
regarding confidentiality and privacy of the personal medical records of the patient in order to
maintain the doctor-patient trust. This will help in encouraging patients to share sensitive
information to the doctor during the medical visits and leads to effective and correct treatment of
the health issue. Patient built their immense trust on the doctor and believes that he or she is
completely safe in the hands of him. It is the doctor who saves lives of people and gives
treatment and cure on time for betterment of the health of the patients. This trust should be
maintained by the doctors also and they should understand it as their responsibility towards the
confidentiality of the patients’ medical records and their personal information as saved in the
electronic medical record system. This information is very much personal to the individual and
should be accessed by anyone other than the patient upon the consent of the patient itself. The
confidentiality and privacy of the medical records and health related information of the patient
2.3. Doctor Patient Relationship:
The foundation of a doctor-patient relationship is based upon trust. With the creation of
an environment of trust, it has encouraged patients to seek reasonable care and make honest
revelations about health conditions during every health visit. The willingness on the part of the
patient to seek help and care increases considerably. It is important for the patients to share and
disclose all the medical history and information about them to the physician or the doctor for
proper medication and correct diagnosis of the issue. If there is no proper trust between on the
doctor from the patient’s side, he or she will feel hesitant in sharing all the personal details and
pertain to sharing of incomplete information. This will lead to ineffective diagnosis of the issue
and hence care and treatment provided to the patient will not be helpful and curable. It may harm
the patient adversely. It is necessary for the healthcare units and hospitals to have policies
regarding confidentiality and privacy of the personal medical records of the patient in order to
maintain the doctor-patient trust. This will help in encouraging patients to share sensitive
information to the doctor during the medical visits and leads to effective and correct treatment of
the health issue. Patient built their immense trust on the doctor and believes that he or she is
completely safe in the hands of him. It is the doctor who saves lives of people and gives
treatment and cure on time for betterment of the health of the patients. This trust should be
maintained by the doctors also and they should understand it as their responsibility towards the
confidentiality of the patients’ medical records and their personal information as saved in the
electronic medical record system. This information is very much personal to the individual and
should be accessed by anyone other than the patient upon the consent of the patient itself. The
confidentiality and privacy of the medical records and health related information of the patient
8MEDICAL LAW
forms a very important aspect of the doctor-patient relationship12. For health issues regarding
reproductive systems, psychiatric health concerns and public health, the concept of
confidentiality assures that, private information in relation to the above mentioned health
conditions shall not be disclosed without prior approval. It is the duty of the healthcare staff and
doctor to protect the electronically saved medical information of the patients. Even the family
members or friends of the patient can access the information with prior consent of the individual
patient concerned.
It is evident that, the obligation of confidentiality has been prohibiting medical
practitioners from disclosing certain information related to the patient’s health conditions
without prior permission. However, it has proved to be beneficial for the medical practitioners to
take precautions on their part to ensure that they were authorized to such access. The extent of
appropriate on the part of the health care practitioners often requires that relevant information
regarding the patient’s health are discussed among the health care team13. In such cases, the
health care teams are authorized to discuss confidential information among themselves. In this
regard, mention can be made of electronic medical records which create major challenges to
confidentiality. According to the provisions of Health Information Portability and Accountability
Act of 1997 (HIPAA), it is important on the part of the institutions to develop policies for the
purpose of protecting the privacy concern of the electronic information of the patients which
includes procedures for computer accessibility and security.
12Gellert, George A., Ricardo Ramirez, and S. Luke Webster. "The rise of the medical scribe industry: implications
for the advancement of electronic health records." Jama 313.13 (2015): 1315-1316.
13Goldstein, Benjamin A., et al. "Opportunities and challenges in developing risk prediction models with electronic
health records data: a systematic review." Journal of the American Medical Informatics Association 24.1 (2017):
198-208.
forms a very important aspect of the doctor-patient relationship12. For health issues regarding
reproductive systems, psychiatric health concerns and public health, the concept of
confidentiality assures that, private information in relation to the above mentioned health
conditions shall not be disclosed without prior approval. It is the duty of the healthcare staff and
doctor to protect the electronically saved medical information of the patients. Even the family
members or friends of the patient can access the information with prior consent of the individual
patient concerned.
It is evident that, the obligation of confidentiality has been prohibiting medical
practitioners from disclosing certain information related to the patient’s health conditions
without prior permission. However, it has proved to be beneficial for the medical practitioners to
take precautions on their part to ensure that they were authorized to such access. The extent of
appropriate on the part of the health care practitioners often requires that relevant information
regarding the patient’s health are discussed among the health care team13. In such cases, the
health care teams are authorized to discuss confidential information among themselves. In this
regard, mention can be made of electronic medical records which create major challenges to
confidentiality. According to the provisions of Health Information Portability and Accountability
Act of 1997 (HIPAA), it is important on the part of the institutions to develop policies for the
purpose of protecting the privacy concern of the electronic information of the patients which
includes procedures for computer accessibility and security.
12Gellert, George A., Ricardo Ramirez, and S. Luke Webster. "The rise of the medical scribe industry: implications
for the advancement of electronic health records." Jama 313.13 (2015): 1315-1316.
13Goldstein, Benjamin A., et al. "Opportunities and challenges in developing risk prediction models with electronic
health records data: a systematic review." Journal of the American Medical Informatics Association 24.1 (2017):
198-208.
9MEDICAL LAW
In India the doctor-patient relationship is based more upon the trust rather than the laws
of confidentiality or laws of consent. Many patients are not even well informed about the
importance of confidentiality and privacy when it comes to their personal medical and health
records. In spite of various laws regarding right to protection of individuals information, there
still exists anomalies in the Indian Law regarding the specific age of eligibility to give consent
for the access of the information. It should be relooked and the age should be defined in terms of
medical confidentiality. There is also a need to evolve various protocols in case of getting
consent for the access of medical information from the children, mentally ill patients, and
illiterate patients. There is a need for the increase in the awareness among the patients about the
patients’ rights for confidentiality and privacy of their information14.
2.4. Laws relating to confidentiality:
The laws governing the preservation of the confidential information of the patients are
depicted in the Health Services Act 1988. According to the provisions of Section 141 of the
Health Services Act 1988, the medical practitioners practicing in public and private hospitals are
authorized to preserve the confidential information related to the patient’s health. In W v Edgell
[1990] 1 ALL ER 83515, it was established that the relation between a doctor and patient is such
that, it imposes a duty of confidence upon the health care practitioners. In this case, it was
observed that the claimant was a prisoner who applied an application in order to get transferred
into a community hospital. In such process, the lawyers acting on the behalf of the claimant
sought a psychiatric report from Dr. Edgell who emphasized on the part that the patient is
dangerous to the community. In this regard, Dr. Edgell has sent the report to the medical director
14 Mathiharan, Karunakaran. "Law on consent and confidentiality in India: A need for clarity." The National Medical
Journal of India 27 (2014): 39-42.
15W v Edgell [1990] 1 ALL ER 835.
In India the doctor-patient relationship is based more upon the trust rather than the laws
of confidentiality or laws of consent. Many patients are not even well informed about the
importance of confidentiality and privacy when it comes to their personal medical and health
records. In spite of various laws regarding right to protection of individuals information, there
still exists anomalies in the Indian Law regarding the specific age of eligibility to give consent
for the access of the information. It should be relooked and the age should be defined in terms of
medical confidentiality. There is also a need to evolve various protocols in case of getting
consent for the access of medical information from the children, mentally ill patients, and
illiterate patients. There is a need for the increase in the awareness among the patients about the
patients’ rights for confidentiality and privacy of their information14.
2.4. Laws relating to confidentiality:
The laws governing the preservation of the confidential information of the patients are
depicted in the Health Services Act 1988. According to the provisions of Section 141 of the
Health Services Act 1988, the medical practitioners practicing in public and private hospitals are
authorized to preserve the confidential information related to the patient’s health. In W v Edgell
[1990] 1 ALL ER 83515, it was established that the relation between a doctor and patient is such
that, it imposes a duty of confidence upon the health care practitioners. In this case, it was
observed that the claimant was a prisoner who applied an application in order to get transferred
into a community hospital. In such process, the lawyers acting on the behalf of the claimant
sought a psychiatric report from Dr. Edgell who emphasized on the part that the patient is
dangerous to the community. In this regard, Dr. Edgell has sent the report to the medical director
14 Mathiharan, Karunakaran. "Law on consent and confidentiality in India: A need for clarity." The National Medical
Journal of India 27 (2014): 39-42.
15W v Edgell [1990] 1 ALL ER 835.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10MEDICAL LAW
of the secure hospital and the Home Office. However, the claimant attempted to seek an
injunction to restrain disclosure of the report as it contained confidential information. In this
regard, the Court was of the opinion that, the action on the part of Dr. Edgell is held to be a
breach of confidence on the basis of public interest. In this case, it was decided by the Court that,
the disclosure can only be justified if the nature of the danger was such that it could be
foreseeable by any reasonable man of ordinary prudence.
In R v Department of Health [2001] QB 424 (CA)16, it was established that there is no
obligation of confidence in regard to the information which cannot be utilized for the purpose of
identifying the patient. In this case, the claimant was a data collection organization and the
service was regarding the collection of anonymized data from the pharmacists that prescribed the
capabilities of general practitioners. However, the claimant wanted to sell such information
commercially. In this regard, the Department of Health (DH) initiated a policy which
emphasized on the fact that pharmacists are not allowed to disclose data as it would constitute
breach of confidentiality. Similarly in the case of H (A Healthcare Worker) V Associated
Newspapers Limited: Ca 27 Feb 200217, the issue was regarding the disclosure of HIV condition
of a health care assistant. The local newspapers were willing to publish the name of the health
care institution in which he worked. In this case, the Court decided the matter accordingly and
held that the newspapers are not authorized to disclose the name of the health worked including
the place in which he worked because it would provide enough information to the community in
identifying the patient.
2.5. Legal issues:
16R v Department of Health [2001] QB 424 (CA).
17H (A Healthcare Worker) V Associated Newspapers Limited: Ca 27 Feb 2002.
of the secure hospital and the Home Office. However, the claimant attempted to seek an
injunction to restrain disclosure of the report as it contained confidential information. In this
regard, the Court was of the opinion that, the action on the part of Dr. Edgell is held to be a
breach of confidence on the basis of public interest. In this case, it was decided by the Court that,
the disclosure can only be justified if the nature of the danger was such that it could be
foreseeable by any reasonable man of ordinary prudence.
In R v Department of Health [2001] QB 424 (CA)16, it was established that there is no
obligation of confidence in regard to the information which cannot be utilized for the purpose of
identifying the patient. In this case, the claimant was a data collection organization and the
service was regarding the collection of anonymized data from the pharmacists that prescribed the
capabilities of general practitioners. However, the claimant wanted to sell such information
commercially. In this regard, the Department of Health (DH) initiated a policy which
emphasized on the fact that pharmacists are not allowed to disclose data as it would constitute
breach of confidentiality. Similarly in the case of H (A Healthcare Worker) V Associated
Newspapers Limited: Ca 27 Feb 200217, the issue was regarding the disclosure of HIV condition
of a health care assistant. The local newspapers were willing to publish the name of the health
care institution in which he worked. In this case, the Court decided the matter accordingly and
held that the newspapers are not authorized to disclose the name of the health worked including
the place in which he worked because it would provide enough information to the community in
identifying the patient.
2.5. Legal issues:
16R v Department of Health [2001] QB 424 (CA).
17H (A Healthcare Worker) V Associated Newspapers Limited: Ca 27 Feb 2002.
11MEDICAL LAW
The legal issues arising as a result of disclosure of the privacy and confidentiality of the
patient in regard to their medical condition can be well defined by the provisions of both
common and statutory laws. It is worth noting that, in most of the cases, the privacy concerns on
the part of the patient is declared to be paramount. This is due to the reason that in most of the
cases, in regard to the underlying circumstances, where maintenance of the patient’s privacy
could pose as a major risk to the community; the medical practitioners would not be bound by
the restrictions depicted in the relevant Acts and statutes. In such cases, these medical
practitioners shall be obliged by way of statute in disclosing certain information related to the
health status of the patients.
Chapter 3:
3. Laws relating to Access medical records in India:
3.1. Introduction:
A medical record serves as an important aspect of patient care and it is an important
document for legal, ethical and administrative purposes. Its access should be taken care of as
it contains all the personal information about the patient. Wrong access and improper updating
of the medical records can lead to data loss or even discrepancies in the further treatment of
the patient and even lead to harmful effects on the health of the patient. Any misuse or wrong
access of this document can lead to leak of personal information of the patients and is against
the privacy of the patients’ records. Therefore, medical records are required to be preserved
carefully and it has proved to be beneficial in protecting the rights and interests of the
patients. In some cases, these medical records have saved the medical practitioners from
The legal issues arising as a result of disclosure of the privacy and confidentiality of the
patient in regard to their medical condition can be well defined by the provisions of both
common and statutory laws. It is worth noting that, in most of the cases, the privacy concerns on
the part of the patient is declared to be paramount. This is due to the reason that in most of the
cases, in regard to the underlying circumstances, where maintenance of the patient’s privacy
could pose as a major risk to the community; the medical practitioners would not be bound by
the restrictions depicted in the relevant Acts and statutes. In such cases, these medical
practitioners shall be obliged by way of statute in disclosing certain information related to the
health status of the patients.
Chapter 3:
3. Laws relating to Access medical records in India:
3.1. Introduction:
A medical record serves as an important aspect of patient care and it is an important
document for legal, ethical and administrative purposes. Its access should be taken care of as
it contains all the personal information about the patient. Wrong access and improper updating
of the medical records can lead to data loss or even discrepancies in the further treatment of
the patient and even lead to harmful effects on the health of the patient. Any misuse or wrong
access of this document can lead to leak of personal information of the patients and is against
the privacy of the patients’ records. Therefore, medical records are required to be preserved
carefully and it has proved to be beneficial in protecting the rights and interests of the
patients. In some cases, these medical records have saved the medical practitioners from
12MEDICAL LAW
personal liability in cases involving medical negligence18. It is known to all that, in every
hospital there must be a Medical Records Department that shall be responsible for storage,
maintenance and preservation of various medical records. However, in recent era, these
medical records are being replaced by electronic medical records which can be easily accessed
by the order of the Court. The information stored in electronic medical record system should
be regarded as confidential and protected against any kind of loss or wrong access. It is the
right of the patient to have his or her medical records protected from any type of data theft or
data misuse. Doctors and physicians should make it a strict rule that the personal and medical
information of the patient should not be transferred without their consent to any individual or
to any researcher. This Chapter shall review the laws relating to the access of medical records
in India.
3.2. Access to medical records:
It is worthwhile to refer here that, the ownership of the medical records of the patients
belongs to the medical institutions while the information depicted in them belongs to the
patients. It is evident that all the original documents containing the information of the patients
are detained by the medical institutions. The nature of these contents is such that, it should not be
disclosed to third parties. In order to get access to these medical records, guidelines are depicted
in the Medical Council of India. According to the Medical Council of India, the request made by
the patient for the purpose of accessing their medical records shall be made which will be
acknowledged and released within the specified period of 72 hours. However, any unauthorized
disclosure of information would be amounting to piracy and defamation. In the similar manner,
18Liao, Katherine P., et al. "Development of phenotype algorithms using electronic medical records and
incorporating natural language processing." Bmj 350 (2015): h1885.
personal liability in cases involving medical negligence18. It is known to all that, in every
hospital there must be a Medical Records Department that shall be responsible for storage,
maintenance and preservation of various medical records. However, in recent era, these
medical records are being replaced by electronic medical records which can be easily accessed
by the order of the Court. The information stored in electronic medical record system should
be regarded as confidential and protected against any kind of loss or wrong access. It is the
right of the patient to have his or her medical records protected from any type of data theft or
data misuse. Doctors and physicians should make it a strict rule that the personal and medical
information of the patient should not be transferred without their consent to any individual or
to any researcher. This Chapter shall review the laws relating to the access of medical records
in India.
3.2. Access to medical records:
It is worthwhile to refer here that, the ownership of the medical records of the patients
belongs to the medical institutions while the information depicted in them belongs to the
patients. It is evident that all the original documents containing the information of the patients
are detained by the medical institutions. The nature of these contents is such that, it should not be
disclosed to third parties. In order to get access to these medical records, guidelines are depicted
in the Medical Council of India. According to the Medical Council of India, the request made by
the patient for the purpose of accessing their medical records shall be made which will be
acknowledged and released within the specified period of 72 hours. However, any unauthorized
disclosure of information would be amounting to piracy and defamation. In the similar manner,
18Liao, Katherine P., et al. "Development of phenotype algorithms using electronic medical records and
incorporating natural language processing." Bmj 350 (2015): h1885.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13MEDICAL LAW
failure on the part of the medical institution to maintain confidentiality would constitute an issue
regarding medical negligence. There are cases related to transferring of the personal information
of patients to researchers for studies. This is also regarded as violating the right of patients for
privacy of their personal information19. Therefore, in regard to accessing of medical records, the
doctors are at the authority to communicate confidential information to the patients if such
information is concerned with the interests of the public as a whole. However, various statutory
obligations are there for the purpose of providing proper intimation to the police in cases where
the medical practitioner is entrusted with the treatment of an individual who has committed any
criminal activity. In such cases, Court orders are necessary for the purpose of releasing certain
information about the patient’s health. In general practice, there is a right vested on every
institution to implement policies of its own in order to retain the patient’s medical records. In this
regard, the medical institutions must identify relevant cases which are likely to involve litigation.
The medical institutions shall preserve the records of such medical cases unless a release letter is
finalized by the Court.
It has been suggested that the design of the electronic medical record system should be
such that the exchange of all the sorted medical information and health data of the patients can
take place according to the public standards. In order to give access to the patients to their own
health and medical records along with maintaining the privacy and security of the data, there
should a mechanism to give its access to patients themselves only and their doctors with their
consent. Patients can only modify, annotate, create, use, disseminate and delete the record. It has
been seen that fragmentation of medical records by many of the electronic medical record system
takes place by using incompatible means of storing, processing, acquiring, and communicate
19Thompson, Gwen, et al. "Impact of the electronic medical record on mortality, length of stay, and cost in the
hospital and ICU: a systematic review and metaanalysis." Critical care medicine 43.6 (2015): 1276-1282.
failure on the part of the medical institution to maintain confidentiality would constitute an issue
regarding medical negligence. There are cases related to transferring of the personal information
of patients to researchers for studies. This is also regarded as violating the right of patients for
privacy of their personal information19. Therefore, in regard to accessing of medical records, the
doctors are at the authority to communicate confidential information to the patients if such
information is concerned with the interests of the public as a whole. However, various statutory
obligations are there for the purpose of providing proper intimation to the police in cases where
the medical practitioner is entrusted with the treatment of an individual who has committed any
criminal activity. In such cases, Court orders are necessary for the purpose of releasing certain
information about the patient’s health. In general practice, there is a right vested on every
institution to implement policies of its own in order to retain the patient’s medical records. In this
regard, the medical institutions must identify relevant cases which are likely to involve litigation.
The medical institutions shall preserve the records of such medical cases unless a release letter is
finalized by the Court.
It has been suggested that the design of the electronic medical record system should be
such that the exchange of all the sorted medical information and health data of the patients can
take place according to the public standards. In order to give access to the patients to their own
health and medical records along with maintaining the privacy and security of the data, there
should a mechanism to give its access to patients themselves only and their doctors with their
consent. Patients can only modify, annotate, create, use, disseminate and delete the record. It has
been seen that fragmentation of medical records by many of the electronic medical record system
takes place by using incompatible means of storing, processing, acquiring, and communicate
19Thompson, Gwen, et al. "Impact of the electronic medical record on mortality, length of stay, and cost in the
hospital and ICU: a systematic review and metaanalysis." Critical care medicine 43.6 (2015): 1276-1282.
14MEDICAL LAW
patient’s data. Even the updating and addition of new information to the medical records should
be protected and can be made available to be done by patients or the specific doctors only.
According to the public standards and related doctrines, the access and permission should be in
the hands of the patients only in case of their electronic medical and health records. Software for
electronic medical record system should be build with the compliance of public standards and
concerned laws. Along with privacy to access the medical information of the patients, it will also
enable interoperability and connectivity, even in case of most diverse systems. Control of the
patients will make it possible to protect the medical and health records as per their individual
preferences. This will also help in preventing the misuse of the patient’s medical and personal
information. Access to the medical information can be easily protected by using password
protected files and folders. The password can be set by the patients only within the software
used. By enforcement and establishment of various laws and standards in context to privacy to
the access of personal and medical information of the individuals, all the medical data can be
stored securely over the internet with no or minimum access to the outsiders20.
3.3. Laws:
It is worth mentioning that, well maintained medical records shall definitely assist the
doctors and the medical practitioners from escaping personal liability in cases involving medical
negligence. In the case of Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR
61921, a drastic step was taken on the part of the State Commission in regard to the regulations
governing the functioning of the nursing homes and in such process made valuable suggestions
regarding the preservation of medical records. Similarly in the case of Poona Medical
20 Eysenbach, Gunther and Alejandro R. Jadad. "Evidence-based Patient Choice and Consumer health informatics in
the Internet age." Journal of Medical Internet Research 3.2 (2001).
21Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR 619.
patient’s data. Even the updating and addition of new information to the medical records should
be protected and can be made available to be done by patients or the specific doctors only.
According to the public standards and related doctrines, the access and permission should be in
the hands of the patients only in case of their electronic medical and health records. Software for
electronic medical record system should be build with the compliance of public standards and
concerned laws. Along with privacy to access the medical information of the patients, it will also
enable interoperability and connectivity, even in case of most diverse systems. Control of the
patients will make it possible to protect the medical and health records as per their individual
preferences. This will also help in preventing the misuse of the patient’s medical and personal
information. Access to the medical information can be easily protected by using password
protected files and folders. The password can be set by the patients only within the software
used. By enforcement and establishment of various laws and standards in context to privacy to
the access of personal and medical information of the individuals, all the medical data can be
stored securely over the internet with no or minimum access to the outsiders20.
3.3. Laws:
It is worth mentioning that, well maintained medical records shall definitely assist the
doctors and the medical practitioners from escaping personal liability in cases involving medical
negligence. In the case of Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR
61921, a drastic step was taken on the part of the State Commission in regard to the regulations
governing the functioning of the nursing homes and in such process made valuable suggestions
regarding the preservation of medical records. Similarly in the case of Poona Medical
20 Eysenbach, Gunther and Alejandro R. Jadad. "Evidence-based Patient Choice and Consumer health informatics in
the Internet age." Journal of Medical Internet Research 3.2 (2001).
21Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR 619.
15MEDICAL LAW
Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1) CPJ 232: 1995 (1)
CPR 661 (NCDRC) 1996 CCJ 7022, it was held by the National Commission that, not providing
the medical records does that constitute the fact that negligence has occurred or there was any
deficiency of service. In this case, it was further held by the Commission that, no evidences were
provided before the National Commission in order to prove by the application of law or by way
of practice that, there were obligations on the part of the hospital to provide the patient with the
full information regarding the surgery that has been performed.
In the year 1996, January, it was held by the Bombay High Court in Raghunath G.
Raheja v. Maharastra Medical Council (198 Bom AIR 1996)23, that it is the duty of the doctors
to provide the medical records of the patients to the relatives after levying appropriate fees from
them. In this regard, it was also held that, the medical practitioners and hospitals cannot claim
any confidentiality in regard to the medical records relating to the patient. According to the
Indian Medical Council (Professional conduct, Etiquette and Ethics) Regulations, 2002, it is
important on the part of the physicians to maintain the medical records for a considerable period
of three years from the date of the commencement of the treatment. In this regard, if any request
has been made by the patient or by his relative regarding the access of medical records, then the
doctor or the medical attendant is bound to do so within a stipulated period of 72 hours.
Similarly, in the case of Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112
(Chandigarh (U.T.) CDRC)24, the State Commission was of the opinion that, the medical
practitioners were negligent in their actions in regard to the medical records. In the case of V P
22Poona Medical Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1) CPJ 232: 1995 (1) CPR 661
(NCDRC) 1996 CCJ 70.
23Raghunath G. Raheja v. Maharastra Medical Council (198 Bom AIR 1996).
24Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112 (Chandigarh (U.T.) CDRC).
Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1) CPJ 232: 1995 (1)
CPR 661 (NCDRC) 1996 CCJ 7022, it was held by the National Commission that, not providing
the medical records does that constitute the fact that negligence has occurred or there was any
deficiency of service. In this case, it was further held by the Commission that, no evidences were
provided before the National Commission in order to prove by the application of law or by way
of practice that, there were obligations on the part of the hospital to provide the patient with the
full information regarding the surgery that has been performed.
In the year 1996, January, it was held by the Bombay High Court in Raghunath G.
Raheja v. Maharastra Medical Council (198 Bom AIR 1996)23, that it is the duty of the doctors
to provide the medical records of the patients to the relatives after levying appropriate fees from
them. In this regard, it was also held that, the medical practitioners and hospitals cannot claim
any confidentiality in regard to the medical records relating to the patient. According to the
Indian Medical Council (Professional conduct, Etiquette and Ethics) Regulations, 2002, it is
important on the part of the physicians to maintain the medical records for a considerable period
of three years from the date of the commencement of the treatment. In this regard, if any request
has been made by the patient or by his relative regarding the access of medical records, then the
doctor or the medical attendant is bound to do so within a stipulated period of 72 hours.
Similarly, in the case of Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112
(Chandigarh (U.T.) CDRC)24, the State Commission was of the opinion that, the medical
practitioners were negligent in their actions in regard to the medical records. In the case of V P
22Poona Medical Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1) CPJ 232: 1995 (1) CPR 661
(NCDRC) 1996 CCJ 70.
23Raghunath G. Raheja v. Maharastra Medical Council (198 Bom AIR 1996).
24Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112 (Chandigarh (U.T.) CDRC).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16MEDICAL LAW
Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC)25, it was
observed that there was a failure on the part of the hospital to deliver the X-ray reports of the
patients was considered to be breach of duty by the State Commission. As a result of such an act
on the part of the hospital, the patient was deprived of his right of information regarding the
nature of the injury sustained by him. In the case of Force v. M Ganeswara Rao 1998 (3) CPR
251; 1998 (1) CPJ 413 (AP SCDRC)26, it was held by the State Commission that the medical
attendants were negligent in their actions as the case sheet prepared by them did not contain the
proper details of previous treatment. The consent documents were even missing from the
Medical Records Department. In this regard, mention can be made about the case of Dr C
Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State Consumer
Disputes Redressal Commission in order R.P.No.15/1998 dated 18/10/200227, it was observed
that free eye treatment was offered by the hospital in which the patient was not treated properly.
The Hospital claimed in their part that they are not liable under the provisions of the Consumer
Protection Act.
Chapter 4:
Data Security of Electronic medical records:
25V P Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC).
26 Force v. M Ganeswara Rao 1998 (3) CPR 251; 1998 (1) CPJ 413 (AP SCDRC).
27Dr C Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State Consumer Disputes
Redressal Commission in order R.P.No.15/1998 dated 18/10/2002.
Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC)25, it was
observed that there was a failure on the part of the hospital to deliver the X-ray reports of the
patients was considered to be breach of duty by the State Commission. As a result of such an act
on the part of the hospital, the patient was deprived of his right of information regarding the
nature of the injury sustained by him. In the case of Force v. M Ganeswara Rao 1998 (3) CPR
251; 1998 (1) CPJ 413 (AP SCDRC)26, it was held by the State Commission that the medical
attendants were negligent in their actions as the case sheet prepared by them did not contain the
proper details of previous treatment. The consent documents were even missing from the
Medical Records Department. In this regard, mention can be made about the case of Dr C
Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State Consumer
Disputes Redressal Commission in order R.P.No.15/1998 dated 18/10/200227, it was observed
that free eye treatment was offered by the hospital in which the patient was not treated properly.
The Hospital claimed in their part that they are not liable under the provisions of the Consumer
Protection Act.
Chapter 4:
Data Security of Electronic medical records:
25V P Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC).
26 Force v. M Ganeswara Rao 1998 (3) CPR 251; 1998 (1) CPJ 413 (AP SCDRC).
27Dr C Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State Consumer Disputes
Redressal Commission in order R.P.No.15/1998 dated 18/10/2002.
17MEDICAL LAW
4.1. Introduction:
The privacy and security concerns of the patients have been given much impetus in
modern context. With the adoption of electronic health records in the healthcare industry, data
security can be effectively assured. In this regard, in consideration to the existing legal
regulations, it is important to evaluate and discuss the security techniques in healthcare industries
for the purpose of adopting effective electronic health records system28. It is important to
mention, in this regard that the data security methods and techniques has been categorized on the
basis of three different themes which can be categorized as physical, administrative, and
technical. Physical aspects involve physical updating of records by the staff or the patients into
the data management system software over the internet or cloud server. First step is to enter the
data manually into the computer system from paper and it requires proper vigilance and accuracy
because if there is any inaccuracy or mistake in physical data entering or updating into the
computer system, this will lead to inaccuracy in the further data management of the patient.
Administrative aspect of data security in the healthcare industry involve management and regular
maintenance of the medical and health related data of the patients on the cloud server and the
data management system. This involves major role of the hospital or healthcare centre staff and
to some extent also involves the role of the patient. Any kind of error while administrative
management of the online health record of the patients, can lead to a serious problem and loss of
sensitive information. When it comes to technical aspect of the data security and privacy of the
medical records of the patients in the healthcare industry, it involves knowledge of technical
knowhow of the patients as well as the staff present at the healthcare centers. It also involves
technically sound data management system and technical issues related with it. There can be loss
28 Gottlieb, Laura M., et al. "Moving electronic medical records upstream: incorporating social determinants of
health." American Journal of Preventive Medicine 48.2 (2015): 215-218.
4.1. Introduction:
The privacy and security concerns of the patients have been given much impetus in
modern context. With the adoption of electronic health records in the healthcare industry, data
security can be effectively assured. In this regard, in consideration to the existing legal
regulations, it is important to evaluate and discuss the security techniques in healthcare industries
for the purpose of adopting effective electronic health records system28. It is important to
mention, in this regard that the data security methods and techniques has been categorized on the
basis of three different themes which can be categorized as physical, administrative, and
technical. Physical aspects involve physical updating of records by the staff or the patients into
the data management system software over the internet or cloud server. First step is to enter the
data manually into the computer system from paper and it requires proper vigilance and accuracy
because if there is any inaccuracy or mistake in physical data entering or updating into the
computer system, this will lead to inaccuracy in the further data management of the patient.
Administrative aspect of data security in the healthcare industry involve management and regular
maintenance of the medical and health related data of the patients on the cloud server and the
data management system. This involves major role of the hospital or healthcare centre staff and
to some extent also involves the role of the patient. Any kind of error while administrative
management of the online health record of the patients, can lead to a serious problem and loss of
sensitive information. When it comes to technical aspect of the data security and privacy of the
medical records of the patients in the healthcare industry, it involves knowledge of technical
knowhow of the patients as well as the staff present at the healthcare centers. It also involves
technically sound data management system and technical issues related with it. There can be loss
28 Gottlieb, Laura M., et al. "Moving electronic medical records upstream: incorporating social determinants of
health." American Journal of Preventive Medicine 48.2 (2015): 215-218.
18MEDICAL LAW
of all or part of the medical data saved over the cloud server electronically due to any kind of
technical fault or discrepancy. It is known to all that the information contained within electronic
health records are quite sensitive in nature. Due to this reason, there is a requirement to introduce
advanced security techniques. However, it is important on the part of these data security
techniques to address the existing threats of the healthcare sectors. There present both advantages
and disadvantages of the electronic medical records in the healthcare industry. Let’s discuss in
detail major pros and cons of the online healthcare data management system.
4.2. Advantages of electronic medical records:
In recent trends, there has been a transition from paper based records to storing of records
electronically. As a result of such drastic implementation, the healthcare sectors benefitted a lot.
An electronic health record (EHR) can be defined as the computerized format comprising of the
health related information of the patient in a digital manner29. The main importance of electronic
health records is to facilitate sharing of data in regard to the medical records, history and
medications of the patients. The information of the patients can be accessed remotely from any
part of the globe in just a click with all the medical history and details and updating of the
records also made easy and effortless. This made the whole process hassle free and very much
convenient both for the patient as well as doctors. Other than this, a lot of benefits can be
explained that comes with the transition from papers to online data management practices in the
healthcare industry. Each benefit is important in their own way and usage both in case of
management as well as accessing of the information. Therefore the advantages of the electronic
medical records can be categorized as-
29 Nguyen, Lemai, Emilia Bellucci, and Linh Thuy Nguyen. "Electronic health records implementation: an
evaluation of information system impact and contingency factors." International journal of medical
informatics 83.11 (2014): 779-796.
of all or part of the medical data saved over the cloud server electronically due to any kind of
technical fault or discrepancy. It is known to all that the information contained within electronic
health records are quite sensitive in nature. Due to this reason, there is a requirement to introduce
advanced security techniques. However, it is important on the part of these data security
techniques to address the existing threats of the healthcare sectors. There present both advantages
and disadvantages of the electronic medical records in the healthcare industry. Let’s discuss in
detail major pros and cons of the online healthcare data management system.
4.2. Advantages of electronic medical records:
In recent trends, there has been a transition from paper based records to storing of records
electronically. As a result of such drastic implementation, the healthcare sectors benefitted a lot.
An electronic health record (EHR) can be defined as the computerized format comprising of the
health related information of the patient in a digital manner29. The main importance of electronic
health records is to facilitate sharing of data in regard to the medical records, history and
medications of the patients. The information of the patients can be accessed remotely from any
part of the globe in just a click with all the medical history and details and updating of the
records also made easy and effortless. This made the whole process hassle free and very much
convenient both for the patient as well as doctors. Other than this, a lot of benefits can be
explained that comes with the transition from papers to online data management practices in the
healthcare industry. Each benefit is important in their own way and usage both in case of
management as well as accessing of the information. Therefore the advantages of the electronic
medical records can be categorized as-
29 Nguyen, Lemai, Emilia Bellucci, and Linh Thuy Nguyen. "Electronic health records implementation: an
evaluation of information system impact and contingency factors." International journal of medical
informatics 83.11 (2014): 779-796.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
19MEDICAL LAW
Improvement of quality of care:
Introduction of electronic medical record system in the healthcare has reduced the level of
medical errors to a great extent and hence improved the overall quality of patient’s care. It also
helps the patient to better understand their medical condition and the cure prescribed. It is
evident that computerised notes are easier to read and access than formal handwriting of a
physician. Digitized daily care checklists and medical updates about the admitted patient make it
easier and more efficient for the nurses to keep check regularly on the health of the patient. This
reduces the scope of any error and also saves time of the healthcare staff leading to better quality
of the service30. As a result of it, the risk of error is reduced considerably and positive impact is
created upon the quality of care towards the patient.
Maintaining efficacy:
Electronic medical records help in maintaining efficiency because due to its advent, the
medical practitioners and the medical staffs shall be benefitted as there is no need to search
relevant patient documents. This is due to the reason that, users would be able to access
electronic health records timely and efficiently. Electronic medical record system makes it easier
and quick for the patients to share their issues and health information with the physician or the
doctor and this enables on time treatment and proactive care. Personal health record helps
patients to manage their own health related information, track the progress and improvements
and accordingly plan their medication and diets. This will lead to better and effective cure and on
time examination and its treatment, making the process smooth and also helps in curing the
disease at the earlier stages. The same data can be anytime shared with the dietician or the doctor
30Zahabi, Maryam, David B. Kaber, and Manida Swangnetr. "Usability and safety in electronic medical records
interface design: a review of recent literature and guideline formulation." Human factors 57.5 (2015): 805-834.
Improvement of quality of care:
Introduction of electronic medical record system in the healthcare has reduced the level of
medical errors to a great extent and hence improved the overall quality of patient’s care. It also
helps the patient to better understand their medical condition and the cure prescribed. It is
evident that computerised notes are easier to read and access than formal handwriting of a
physician. Digitized daily care checklists and medical updates about the admitted patient make it
easier and more efficient for the nurses to keep check regularly on the health of the patient. This
reduces the scope of any error and also saves time of the healthcare staff leading to better quality
of the service30. As a result of it, the risk of error is reduced considerably and positive impact is
created upon the quality of care towards the patient.
Maintaining efficacy:
Electronic medical records help in maintaining efficiency because due to its advent, the
medical practitioners and the medical staffs shall be benefitted as there is no need to search
relevant patient documents. This is due to the reason that, users would be able to access
electronic health records timely and efficiently. Electronic medical record system makes it easier
and quick for the patients to share their issues and health information with the physician or the
doctor and this enables on time treatment and proactive care. Personal health record helps
patients to manage their own health related information, track the progress and improvements
and accordingly plan their medication and diets. This will lead to better and effective cure and on
time examination and its treatment, making the process smooth and also helps in curing the
disease at the earlier stages. The same data can be anytime shared with the dietician or the doctor
30Zahabi, Maryam, David B. Kaber, and Manida Swangnetr. "Usability and safety in electronic medical records
interface design: a review of recent literature and guideline formulation." Human factors 57.5 (2015): 805-834.
20MEDICAL LAW
for taking their review and feedback upon the progress or the changes needs to be made in the
medication or diets. Caregiver can be regularly updated about the improvements in the health of
the patient and can access the records whenever required and from any digital device, resulting in
better connection between the patient and the caregiver31.
Limiting space requirement:
Electronic health record helps in saving a huge amount of space of the office which has
been pre-occupied by the documents containing the case history of the patients. With more and
more changes in the lifestyle, more health issues are arising day by day and that has resulted in
increased number of patients in any small or big hospital and even at the health centres. It is very
much difficult to manage such level of medical records and information on papers and then get
that much of storage space for maintaining and storing that data properly for uncountable years.
In case of any loss of space or any kind of calamity whether natural or manmade, such as
demolition or transfer of the medical setup, documents in the form of paper can be lost or get
damaged easily. This will lead to loss of medical information and health records of the patients
without any backup. In case of electronic health record management, all the data is saved over
the servers in the cloud and hence there is no requirement of storage space for storing the papers
and documents. Even the backup can be easily created for each kind of information about the
patients and hence, this will not lead to any kind of loss of medical records. Patients can save
copies of their medical and health records on their systems too32.
The access to patients:
31 Tang, Paul C., et al. "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to
Adoption." Journal of the American Medical Informatics Association 13.2 (2006): 121–126.
32 Li, Zhuo-Rong, et al. "A secure electronic medical record sharing mechanism in the cloud computing platform."
IEEE 15th International Symposium on Consumer Electronics (ISCE). IEEE, 2011. 98-103.
for taking their review and feedback upon the progress or the changes needs to be made in the
medication or diets. Caregiver can be regularly updated about the improvements in the health of
the patient and can access the records whenever required and from any digital device, resulting in
better connection between the patient and the caregiver31.
Limiting space requirement:
Electronic health record helps in saving a huge amount of space of the office which has
been pre-occupied by the documents containing the case history of the patients. With more and
more changes in the lifestyle, more health issues are arising day by day and that has resulted in
increased number of patients in any small or big hospital and even at the health centres. It is very
much difficult to manage such level of medical records and information on papers and then get
that much of storage space for maintaining and storing that data properly for uncountable years.
In case of any loss of space or any kind of calamity whether natural or manmade, such as
demolition or transfer of the medical setup, documents in the form of paper can be lost or get
damaged easily. This will lead to loss of medical information and health records of the patients
without any backup. In case of electronic health record management, all the data is saved over
the servers in the cloud and hence there is no requirement of storage space for storing the papers
and documents. Even the backup can be easily created for each kind of information about the
patients and hence, this will not lead to any kind of loss of medical records. Patients can save
copies of their medical and health records on their systems too32.
The access to patients:
31 Tang, Paul C., et al. "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to
Adoption." Journal of the American Medical Informatics Association 13.2 (2006): 121–126.
32 Li, Zhuo-Rong, et al. "A secure electronic medical record sharing mechanism in the cloud computing platform."
IEEE 15th International Symposium on Consumer Electronics (ISCE). IEEE, 2011. 98-103.
21MEDICAL LAW
Most of the electronic health records maintain a patient portal containing the medical
history and relevant health information regarding the patients. So that at any point of time the
information can be easily accessed remotely by the patient or his / her caretaker and doctor in
care of need. Patient can easily see the detailed information and update it regularly through
various digital devices. Information about the regular health updates of the patients can be easily
passed on to the doctor for any kind of feedback if required. There are devices that can check the
blood sugar level, blood pressure, etc. and simultaneously transfer the results to the server and
save the current status. This result can then be compared with previous results of the same digital
devices and the progress can be estimated in the treatment for example lowering or increase in
the level of blood pressure or blood sugar level of the patient. This helps in regular check-up and
tracking of the disease or any kind of medical condition on daily basis by the patient himself and
can be passed on to the physician33.
Financial incentives:
With the successful installation of an electronic health records medical claims like
Medicare and Medicaid can be obtained which means that the patient is eligible to receive
benefits from the deferral government. Electronic medical record system has been proved to save
large amount of data management cost as there is requirement of no storage space when
infrastructure is concerned. All the data is stored on the server over the internet. The data can be
easily updated and accessed directly by the patients and the doctors. It saves the need of extra
staff for managing and maintaining the papers and documents every now and then to update and
save the medical records. Even the paper cost is getting saved with electronic health record
system. By saving time of wring everything manually by the physicians and other caretaking
33 Bates, David W., et al. "A Proposal for Electronic Medical Records in U.S. Primary Care." Journal of the
American Medical Informatics Association 10.1 (2003): 1–10.
Most of the electronic health records maintain a patient portal containing the medical
history and relevant health information regarding the patients. So that at any point of time the
information can be easily accessed remotely by the patient or his / her caretaker and doctor in
care of need. Patient can easily see the detailed information and update it regularly through
various digital devices. Information about the regular health updates of the patients can be easily
passed on to the doctor for any kind of feedback if required. There are devices that can check the
blood sugar level, blood pressure, etc. and simultaneously transfer the results to the server and
save the current status. This result can then be compared with previous results of the same digital
devices and the progress can be estimated in the treatment for example lowering or increase in
the level of blood pressure or blood sugar level of the patient. This helps in regular check-up and
tracking of the disease or any kind of medical condition on daily basis by the patient himself and
can be passed on to the physician33.
Financial incentives:
With the successful installation of an electronic health records medical claims like
Medicare and Medicaid can be obtained which means that the patient is eligible to receive
benefits from the deferral government. Electronic medical record system has been proved to save
large amount of data management cost as there is requirement of no storage space when
infrastructure is concerned. All the data is stored on the server over the internet. The data can be
easily updated and accessed directly by the patients and the doctors. It saves the need of extra
staff for managing and maintaining the papers and documents every now and then to update and
save the medical records. Even the paper cost is getting saved with electronic health record
system. By saving time of wring everything manually by the physicians and other caretaking
33 Bates, David W., et al. "A Proposal for Electronic Medical Records in U.S. Primary Care." Journal of the
American Medical Informatics Association 10.1 (2003): 1–10.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
22MEDICAL LAW
staff, more effectiveness can be seen and less staff can be employed to do other tasks in better
way. This will also reduce the overall cost spend on the staff by the hospitals and other
healthcare units. Patients find it difficult to visit the hospital or the healthcare centre physically
every time for small routine check-ups and updates. They can do it virtually over the digital
devices and get it checked by the doctors from anywhere. This will save the time as well as cost
of the patients too34.
4.3. Disadvantages of Electronic medical record with paper records:
During the early years, the medical history of the patients was stored in paper records.
This age old method has been replaced with electronic storing devices after electronic medical
records came into being. Now all the information related to medical issues and medical history of
the patient can be retrieved and accessed by the patients and the doctors electronically from
anywhere and anytime. With emergence of technology like online data management system and
cloud servers, all the paper records are being transferred and maintained over the internet
electronically in most of the healthcare centres and hospitals35. It is noteworthy to mention here
that electronic medical records have certain disadvantages as compared to paper records which
can be emphasized as-
1. Issues regarding privacy and security:
It is a common issue with the usage of modern computer system is that it can be easily
hacked. Similarly, electronic health record systems are vulnerable to hacking. As a result of it
any kind of confidential information related to a sensitive patient can fall in the hands of a wrong
34 Hillestad, Richard, et al. "Can electronic medical record systems transform health care? Potential health benefits,
savings, and costs." Health affairs 24.5 (2005): 1103-1117.
35Srivastava, Shirish C., and G. Shainesh. "Bridging the Service Divide through Digitally Enabled Service
innovations; Evidence from Indian Health Care Service Providers." MIS Q 39.1 (2015).
staff, more effectiveness can be seen and less staff can be employed to do other tasks in better
way. This will also reduce the overall cost spend on the staff by the hospitals and other
healthcare units. Patients find it difficult to visit the hospital or the healthcare centre physically
every time for small routine check-ups and updates. They can do it virtually over the digital
devices and get it checked by the doctors from anywhere. This will save the time as well as cost
of the patients too34.
4.3. Disadvantages of Electronic medical record with paper records:
During the early years, the medical history of the patients was stored in paper records.
This age old method has been replaced with electronic storing devices after electronic medical
records came into being. Now all the information related to medical issues and medical history of
the patient can be retrieved and accessed by the patients and the doctors electronically from
anywhere and anytime. With emergence of technology like online data management system and
cloud servers, all the paper records are being transferred and maintained over the internet
electronically in most of the healthcare centres and hospitals35. It is noteworthy to mention here
that electronic medical records have certain disadvantages as compared to paper records which
can be emphasized as-
1. Issues regarding privacy and security:
It is a common issue with the usage of modern computer system is that it can be easily
hacked. Similarly, electronic health record systems are vulnerable to hacking. As a result of it
any kind of confidential information related to a sensitive patient can fall in the hands of a wrong
34 Hillestad, Richard, et al. "Can electronic medical record systems transform health care? Potential health benefits,
savings, and costs." Health affairs 24.5 (2005): 1103-1117.
35Srivastava, Shirish C., and G. Shainesh. "Bridging the Service Divide through Digitally Enabled Service
innovations; Evidence from Indian Health Care Service Providers." MIS Q 39.1 (2015).
23MEDICAL LAW
person. The medical records contain a lot of personal and detailed information of the patients that
can be accessed by anyone with false intensions and can be put to violation. With any kind of
fault or failure of the server on which the medical records are saved, whole data about the
patients will be lost completely. Among the various different issues that comes during the
adoption and efficient implementation of the electronic data management system in the
healthcare industry, major issue comes up is the data security and privacy. Still patient’s
information is not completely safe and protected on the online data management systems36.
2. Providing inaccurate information:
Providing wrong and inaccurate information related to the patient’s health can be
observed in the electronic medical records. It is true that, each and every day, new record are
being added however; it is necessary to keep these information updated in the electronic medical
records37. If the medical authorities fail to do so the patient shall rely upon inaccurate data which
do not occur in case of paper records. In a day a large pool of patients visit a hospital or a
healthcare centre. There occur manual entries of the medical information and data of the patients
by the staff of the hospital. This is very much possible that there can be inaccuracy in the
medical data updating and completeness of the information. This inaccuracy can occur with any
level of updating the records. For example a patient is serious and due to need of immediate
treatment some information is missed to be uploaded on the server, then this will affect the
further treatment and lead to inaccuracy of the medical record. Prescriptions are updated and sent
to patients regularly as per the current information and status of the health stored over the server
36 Ludwick, D. A. and John Doucette. "Adopting electronic medical records in primary care: lessons learned from
health information systems implementation experience in seven countries." International Journal of Medical
Informatics 78.1 (2009): 22-31.
37Asija, Ruchika, and Rajarathnam Nallusamy. "Healthcare saas based on a data model with built-in security and
privacy." International Journal of Cloud Applications and Computing (IJCAC) 6.3 (2016): 1-14.
person. The medical records contain a lot of personal and detailed information of the patients that
can be accessed by anyone with false intensions and can be put to violation. With any kind of
fault or failure of the server on which the medical records are saved, whole data about the
patients will be lost completely. Among the various different issues that comes during the
adoption and efficient implementation of the electronic data management system in the
healthcare industry, major issue comes up is the data security and privacy. Still patient’s
information is not completely safe and protected on the online data management systems36.
2. Providing inaccurate information:
Providing wrong and inaccurate information related to the patient’s health can be
observed in the electronic medical records. It is true that, each and every day, new record are
being added however; it is necessary to keep these information updated in the electronic medical
records37. If the medical authorities fail to do so the patient shall rely upon inaccurate data which
do not occur in case of paper records. In a day a large pool of patients visit a hospital or a
healthcare centre. There occur manual entries of the medical information and data of the patients
by the staff of the hospital. This is very much possible that there can be inaccuracy in the
medical data updating and completeness of the information. This inaccuracy can occur with any
level of updating the records. For example a patient is serious and due to need of immediate
treatment some information is missed to be uploaded on the server, then this will affect the
further treatment and lead to inaccuracy of the medical record. Prescriptions are updated and sent
to patients regularly as per the current information and status of the health stored over the server
36 Ludwick, D. A. and John Doucette. "Adopting electronic medical records in primary care: lessons learned from
health information systems implementation experience in seven countries." International Journal of Medical
Informatics 78.1 (2009): 22-31.
37Asija, Ruchika, and Rajarathnam Nallusamy. "Healthcare saas based on a data model with built-in security and
privacy." International Journal of Cloud Applications and Computing (IJCAC) 6.3 (2016): 1-14.
24MEDICAL LAW
about the patient. Any kind of inaccuracy in the records will lead to prescription of wrong
medicine or can miss any important medicine. This will lead to harmful effects on the health of
the patient. This makes paper records more accurate in comparison to electronic records
management system in the healthcare industry38.
3. Inaccessibility:
Electronic medical records enables an individual to access the medical case data
efficiently. However, many people are not aware of the modern technology. Therefore, as a
result of it, it will be difficult for them to access their medical updates from time to time. Patients
are of every age group, teenagers, infants, kids, young adults, and old age people. Most of them
are old people with major health issues and need continuous and timely checkups and health
updates in order to maintain proper check on their health in the old age. In comparison to young
adults and teenagers, elderly and old age people are not that much tech savvy. They find it
difficult to manage and maintain each and everything over the internet or electronically. A major
part of the patients does not even know how to operate computer systems efficiently, then how
will they access and update their medical records electronically. This makes the whole process of
online management of the medical and health records difficult for the patients to understand.
Many times this lead to failure in updating of the current situation or medication by the patients
in their medical records and it creates inaccuracy and incomplete data39.
4. Potential Liability issues:
38 Ernst, M. E., et al. "Medication discrepancies in an outpatient electronic medical record." American Journal of
Health-System Pharmacy 58.21 (2001): 2072-2075.
39 Walsh, Stephen H. "The clinician's perspective on electronic health records and how they can affect patient care."
Bmj 328.7449 (2004): 1184-1187.
about the patient. Any kind of inaccuracy in the records will lead to prescription of wrong
medicine or can miss any important medicine. This will lead to harmful effects on the health of
the patient. This makes paper records more accurate in comparison to electronic records
management system in the healthcare industry38.
3. Inaccessibility:
Electronic medical records enables an individual to access the medical case data
efficiently. However, many people are not aware of the modern technology. Therefore, as a
result of it, it will be difficult for them to access their medical updates from time to time. Patients
are of every age group, teenagers, infants, kids, young adults, and old age people. Most of them
are old people with major health issues and need continuous and timely checkups and health
updates in order to maintain proper check on their health in the old age. In comparison to young
adults and teenagers, elderly and old age people are not that much tech savvy. They find it
difficult to manage and maintain each and everything over the internet or electronically. A major
part of the patients does not even know how to operate computer systems efficiently, then how
will they access and update their medical records electronically. This makes the whole process of
online management of the medical and health records difficult for the patients to understand.
Many times this lead to failure in updating of the current situation or medication by the patients
in their medical records and it creates inaccuracy and incomplete data39.
4. Potential Liability issues:
38 Ernst, M. E., et al. "Medication discrepancies in an outpatient electronic medical record." American Journal of
Health-System Pharmacy 58.21 (2001): 2072-2075.
39 Walsh, Stephen H. "The clinician's perspective on electronic health records and how they can affect patient care."
Bmj 328.7449 (2004): 1184-1187.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
25MEDICAL LAW
With the implementation of electronic medical records, various potential liability issues
are associated with it. It might occur that medical data can get lost or can be destroyed when
there is a sudden transition from paper based data to a digitalized system. As a result of it
treatment errors can arise40. Since it is believed that doctors are given the authority to have access
to medical data by using the electronic medical record; therefore the doctors shall be held liable
if they did not access the information properly. In many small and big clinical centres, still the
basic prescription is made on papers and then that information in manually uploaded by the staff
over the server on the online data management system. This can result in any kind of mistake
during updating the medical records from paper to online system. At the time of rush or when
there are more number of patients, prescription can be exchanged and information can overlap
during updating it on the system, this will create a major inaccuracy and loss of data. In
pathologies and testing labs, it is very much important to maintain the accuracy and proper
updating of records about the reports of the patients. Any kind of mistake or wrong information
update can lead to severe consequences for the medical health of the patient41.
4.4 Data Security:
Data security involves planning, development and the execution of security policies and
procedures for the purpose of providing appropriate authentication and authorization to the
existing data and information system. The specifications of data security and its protection are
not uniform as it differs from one country to another42. Therefore, data security is referred to the
process of protecting digital privacy which is generally applied in order to prevent illegal or
40 Kaushik, Anjali, and Aparna Raman. "The new data-driven enterprise architecture for e-healthcare: Lessons from
the Indian public sector." Government Information Quarterly 32.1 (2015): 63-74.
41 Barrows, Randolph C. and Paul D. Clayton. "Privacy, Confidentiality, and Electronic Medical Records." Journal
of the American Medical Informatics Association 3.2 (1996): 139–148.
42 Islam, SM Riazul, et al. "The internet of things for health care: a comprehensive survey." IEEE Access 3 (2015):
678-708.
With the implementation of electronic medical records, various potential liability issues
are associated with it. It might occur that medical data can get lost or can be destroyed when
there is a sudden transition from paper based data to a digitalized system. As a result of it
treatment errors can arise40. Since it is believed that doctors are given the authority to have access
to medical data by using the electronic medical record; therefore the doctors shall be held liable
if they did not access the information properly. In many small and big clinical centres, still the
basic prescription is made on papers and then that information in manually uploaded by the staff
over the server on the online data management system. This can result in any kind of mistake
during updating the medical records from paper to online system. At the time of rush or when
there are more number of patients, prescription can be exchanged and information can overlap
during updating it on the system, this will create a major inaccuracy and loss of data. In
pathologies and testing labs, it is very much important to maintain the accuracy and proper
updating of records about the reports of the patients. Any kind of mistake or wrong information
update can lead to severe consequences for the medical health of the patient41.
4.4 Data Security:
Data security involves planning, development and the execution of security policies and
procedures for the purpose of providing appropriate authentication and authorization to the
existing data and information system. The specifications of data security and its protection are
not uniform as it differs from one country to another42. Therefore, data security is referred to the
process of protecting digital privacy which is generally applied in order to prevent illegal or
40 Kaushik, Anjali, and Aparna Raman. "The new data-driven enterprise architecture for e-healthcare: Lessons from
the Indian public sector." Government Information Quarterly 32.1 (2015): 63-74.
41 Barrows, Randolph C. and Paul D. Clayton. "Privacy, Confidentiality, and Electronic Medical Records." Journal
of the American Medical Informatics Association 3.2 (1996): 139–148.
42 Islam, SM Riazul, et al. "The internet of things for health care: a comprehensive survey." IEEE Access 3 (2015):
678-708.
26MEDICAL LAW
unauthorized access to computers and databases. It protects data from overall corruption. Data
security is important for healthcare sectors for maintaining the confidentiality of medical
conditions of the patients. Privacy and security of medical data is of major importance when it
comes to successful adoption of any kind of medical assistive technology. Information related to
age, gender, and health status, etc. are recorded and analysed in the records. All these personal
information should be kept securely under strict vigilance43. With time the cost of health
premiums, health insurance, and healthcare facilities are increasing continuously. There comes
the need for same level of proactive wellness and healthcare. This has led to the introduction and
usage of digitized systems of maintaining medical records of the patients in electronic form. In
healthcare industry, this has brought a paradigm shift. This has resulted in timeliness,
complexity, and diversity in the sheer volume of healthcare data recorded in the healthcare
industry. It is true that digital health records maintaining systems and big data is helping the
medical and healthcare industry in making the process fast and proactive but with this, comes the
major issues of data privacy and security. These aspects consist of the major reasons behind
continuously growing vulnerabilities and threats emerging in the healthcare industry44. With the
emergence of cloud technology and saving all the personal online healthcare records of the
patients on cloud, it becomes easy to access, manage, and maintain this information in a
centralized way by the patients as well as by the doctors. This reduces the overall operational
cost and makes the whole process electronically available. But this has led to loss of personal
control on the personal health information by the patients. This calls for encryption of the
43 Wilkowska, Wiktoria and Martina Ziefle. "Privacy and data security in E-health: Requirements from the user’s
perspective." Health Informatics Journal 18.3 (2012): 191-201.
44 Patil, Harsh Kupwade and Ravi Seshadri. "Big Data Security and Privacy Issues in Healthcare." IEEE
International Congress on Big Data. IEEE, 2014. 762-765.
unauthorized access to computers and databases. It protects data from overall corruption. Data
security is important for healthcare sectors for maintaining the confidentiality of medical
conditions of the patients. Privacy and security of medical data is of major importance when it
comes to successful adoption of any kind of medical assistive technology. Information related to
age, gender, and health status, etc. are recorded and analysed in the records. All these personal
information should be kept securely under strict vigilance43. With time the cost of health
premiums, health insurance, and healthcare facilities are increasing continuously. There comes
the need for same level of proactive wellness and healthcare. This has led to the introduction and
usage of digitized systems of maintaining medical records of the patients in electronic form. In
healthcare industry, this has brought a paradigm shift. This has resulted in timeliness,
complexity, and diversity in the sheer volume of healthcare data recorded in the healthcare
industry. It is true that digital health records maintaining systems and big data is helping the
medical and healthcare industry in making the process fast and proactive but with this, comes the
major issues of data privacy and security. These aspects consist of the major reasons behind
continuously growing vulnerabilities and threats emerging in the healthcare industry44. With the
emergence of cloud technology and saving all the personal online healthcare records of the
patients on cloud, it becomes easy to access, manage, and maintain this information in a
centralized way by the patients as well as by the doctors. This reduces the overall operational
cost and makes the whole process electronically available. But this has led to loss of personal
control on the personal health information by the patients. This calls for encryption of the
43 Wilkowska, Wiktoria and Martina Ziefle. "Privacy and data security in E-health: Requirements from the user’s
perspective." Health Informatics Journal 18.3 (2012): 191-201.
44 Patil, Harsh Kupwade and Ravi Seshadri. "Big Data Security and Privacy Issues in Healthcare." IEEE
International Congress on Big Data. IEEE, 2014. 762-765.
27MEDICAL LAW
medical data by the patients before making it stored on the cloud. Data encryption makes it too
much challenging for anyone else to access the information as uploaded over the cloud server
and makes the process efficient in relation with security and privacy aspects of the health data45.
One way of securing the personal information of the patients in case of medical records is by
partitioning of the medical and the personal data from the information. Each portion is provided
with an identification code. The part of the data containing personal information can be
encrypted so as make it accessible only by the ones who have key for that encryption. The
medical data part of the information is not encrypted and doctors can easily access that part
whenever they need to. Each of these two parts of the data can be separately uploaded on the
cloud system and can be accessed separately. Whole set of medical records can be only
accessible by the people who get the key for accessing the complete medical records46.
Chapter 5:
Conclusion:
In the conclusion, it can be stated that, a well preserved medical record has the capacity
to maintain the details of a patient’s medical history. Confidentiality is something which is
related to an individual’s self respect and trust. In medical practice, trust is the main foundation
governing a doctor patient relationship. Therefore, it is important to preserve confidential
45 Li, Ming, et al. "Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data
Access Control in Multi-owner Settings." International conference on security and privacy in communication
systems. Berlin, Heidelberg: Springer, 2010. 89-106.\
46 Koo, Charles C. and Yuh-Ming Shyy. Washington, DC: Patent U.S. Patent No. 6,874,085. 2005.
medical data by the patients before making it stored on the cloud. Data encryption makes it too
much challenging for anyone else to access the information as uploaded over the cloud server
and makes the process efficient in relation with security and privacy aspects of the health data45.
One way of securing the personal information of the patients in case of medical records is by
partitioning of the medical and the personal data from the information. Each portion is provided
with an identification code. The part of the data containing personal information can be
encrypted so as make it accessible only by the ones who have key for that encryption. The
medical data part of the information is not encrypted and doctors can easily access that part
whenever they need to. Each of these two parts of the data can be separately uploaded on the
cloud system and can be accessed separately. Whole set of medical records can be only
accessible by the people who get the key for accessing the complete medical records46.
Chapter 5:
Conclusion:
In the conclusion, it can be stated that, a well preserved medical record has the capacity
to maintain the details of a patient’s medical history. Confidentiality is something which is
related to an individual’s self respect and trust. In medical practice, trust is the main foundation
governing a doctor patient relationship. Therefore, it is important to preserve confidential
45 Li, Ming, et al. "Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data
Access Control in Multi-owner Settings." International conference on security and privacy in communication
systems. Berlin, Heidelberg: Springer, 2010. 89-106.\
46 Koo, Charles C. and Yuh-Ming Shyy. Washington, DC: Patent U.S. Patent No. 6,874,085. 2005.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
28MEDICAL LAW
information in a proper way. This is due to the reason that accurately preserved case notes has
been safeguarding the ethical and legal interests of the patients for a long time. However, it acts
as a shield to the healthcare practitioners from professional misconduct. In modern era, where
litigation is considered to be inevitable, every healthcare institution should develop an organized
Medical Records Department for the purpose of safeguarding confidential information related to
the patient’s health condition. These records can be easily retrieved from electronic health
records whenever necessary. It is noteworthy to mention here that, from the very beginning there
have been a sudden shift from manual records system to electronic medical records as a reason of
ease of storage and retrieval. It is evident that in modern era, the manual counterparts have been
successfully replaced digital types notes. This is due to the reason that the age old manual
technique was time consuming and sometimes inaccurate.
Digitally typed notes into an electronic device save much time and provides accuracy
than handwritten notes. However, these electronic medical records do have few drawbacks as
well which includes privacy concerns, misuse of information in regard to the range of advantages
offered by these digitalized technique. Mention can be made about alleged medical malpractice
which proves to be a major disadvantage of such digitalized practice. In spite of all these, it is
known to all that electronic records are admissible as evidences presented before the court. Data
encryption techniques can be adopted in order make the medical and personal records accessible
with the use of key only. This can reduce the risk of information los or information misuse in
case of online data management system in the healthcare industry. This will also help in making
the information accessible to doctors and patients only and help in maintain the accuracy of the
health related medical information. Regular updating and proper check on the medical records
can make the process better and efficient. It can be finally concluded that, it is important to
information in a proper way. This is due to the reason that accurately preserved case notes has
been safeguarding the ethical and legal interests of the patients for a long time. However, it acts
as a shield to the healthcare practitioners from professional misconduct. In modern era, where
litigation is considered to be inevitable, every healthcare institution should develop an organized
Medical Records Department for the purpose of safeguarding confidential information related to
the patient’s health condition. These records can be easily retrieved from electronic health
records whenever necessary. It is noteworthy to mention here that, from the very beginning there
have been a sudden shift from manual records system to electronic medical records as a reason of
ease of storage and retrieval. It is evident that in modern era, the manual counterparts have been
successfully replaced digital types notes. This is due to the reason that the age old manual
technique was time consuming and sometimes inaccurate.
Digitally typed notes into an electronic device save much time and provides accuracy
than handwritten notes. However, these electronic medical records do have few drawbacks as
well which includes privacy concerns, misuse of information in regard to the range of advantages
offered by these digitalized technique. Mention can be made about alleged medical malpractice
which proves to be a major disadvantage of such digitalized practice. In spite of all these, it is
known to all that electronic records are admissible as evidences presented before the court. Data
encryption techniques can be adopted in order make the medical and personal records accessible
with the use of key only. This can reduce the risk of information los or information misuse in
case of online data management system in the healthcare industry. This will also help in making
the information accessible to doctors and patients only and help in maintain the accuracy of the
health related medical information. Regular updating and proper check on the medical records
can make the process better and efficient. It can be finally concluded that, it is important to
29MEDICAL LAW
ensure the security of a computer system for the purpose of maintaining privacy and preventing
unauthorized access to medical information.
ensure the security of a computer system for the purpose of maintaining privacy and preventing
unauthorized access to medical information.
30MEDICAL LAW
References:
Cases:
1. Cornelius v Taranto [2001] 68 BMR 62.
2. Dr C Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State
Consumer Disputes Redressal Commission in order R.P.No.15/1998 dated 18/10/2002.
3. Force v. M Ganeswara Rao 1998 (3) CPR 251; 1998 (1) CPJ 413 (AP SCDRC).
4. H (A Healthcare Worker) V Associated Newspapers Limited: Ca 27 Feb 2002.
5. Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
6. Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR 619.
7. Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112 (Chandigarh (U.T.) CDRC).
8. Poona Medical Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1)
CPJ 232: 1995 (1) CPR 661 (NCDRC) 1996 CCJ 70.
9. Raghunath G. Raheja v. Maharastra Medical Council (198 Bom AIR 1996).
10. Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
11. V P Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC).
12. W v Edgell [1990] 1 ALL ER 835.
Journals:
13. Asija, Ruchika, and Rajarathnam Nallusamy. "Healthcare saas based on a data model
with built-in security and privacy." International Journal of Cloud Applications and
Computing (IJCAC) 6.3 (2016): 1-14.
References:
Cases:
1. Cornelius v Taranto [2001] 68 BMR 62.
2. Dr C Venkatasamy, Director, Aravind Eye Hospital v. N Mariappan Tamil Nadu State
Consumer Disputes Redressal Commission in order R.P.No.15/1998 dated 18/10/2002.
3. Force v. M Ganeswara Rao 1998 (3) CPR 251; 1998 (1) CPJ 413 (AP SCDRC).
4. H (A Healthcare Worker) V Associated Newspapers Limited: Ca 27 Feb 2002.
5. Kharak Singh vs. State of U.P (AIR 1963 SC 1295.
6. Md. Aslam v. Ideal Nursing Home Orissa SCDRC 1994 (1) CPR 619.
7. Nihal Kaur v. Director, PGI, Chandigarh 1996 (3) CPJ 112 (Chandigarh (U.T.) CDRC).
8. Poona Medical Foundation Ruby Hall Clinic v. Marutirao L. Titkare NCDRC 1995 (1)
CPJ 232: 1995 (1) CPR 661 (NCDRC) 1996 CCJ 70.
9. Raghunath G. Raheja v. Maharastra Medical Council (198 Bom AIR 1996).
10. Samira Kohli vs. Prabha Manchanda Dr. & ANR 1(2008) CPJ 56 (SC).
11. V P Shanta v. Cosmopolitan Hospitals (P) Ltd 1997 (1) CPR 377 (Kerala SCDRC).
12. W v Edgell [1990] 1 ALL ER 835.
Journals:
13. Asija, Ruchika, and Rajarathnam Nallusamy. "Healthcare saas based on a data model
with built-in security and privacy." International Journal of Cloud Applications and
Computing (IJCAC) 6.3 (2016): 1-14.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
31MEDICAL LAW
14. Barrows, Randolph C. and Paul D. Clayton. "Privacy, Confidentiality, and Electronic
Medical Records." Journal of the American Medical Informatics Association 3.2 (1996):
139–148.
15. Bates, David W., et al. "A Proposal for Electronic Medical Records in U.S. Primary
Care." Journal of the American Medical Informatics Association 10.1 (2003): 1–10.
16. Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health
records for public health surveillance to advance public health." Annual review of public
health 36 (2015): 345-359.
17. Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health
records in hospitals: a systematic literature review." BMC health services research14.1
(2014): 370.
18. Chaturvedi, Anil. "Consent — Its Medico-legal Aspects." Medicine Update (2007): 883-
887.
19. Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign
conditions in a statewide hospital collaborative." American journal of obstetrics and
gynecology212.3 (2015): 304-e1.
20. Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full
access to electronic medical records." Health Expectations 17.5 (2014): 724-732.
21. Ernst, M. E., et al. "Medication discrepancies in an outpatient electronic medical record."
American Journal of Health-System Pharmacy 58.21 (2001): 2072-2075.
22. Eysenbach, Gunther and Alejandro R. Jadad. "Evidence-based Patient Choice and
Consumer health informatics in the Internet age." Journal of Medical Internet Research
3.2 (2001).
14. Barrows, Randolph C. and Paul D. Clayton. "Privacy, Confidentiality, and Electronic
Medical Records." Journal of the American Medical Informatics Association 3.2 (1996):
139–148.
15. Bates, David W., et al. "A Proposal for Electronic Medical Records in U.S. Primary
Care." Journal of the American Medical Informatics Association 10.1 (2003): 1–10.
16. Birkhead, Guthrie S., Michael Klompas, and Nirav R. Shah. "Uses of electronic health
records for public health surveillance to advance public health." Annual review of public
health 36 (2015): 345-359.
17. Boonstra, Albert, Arie Versluis, and Janita FJ Vos. "Implementing electronic health
records in hospitals: a systematic literature review." BMC health services research14.1
(2014): 370.
18. Chaturvedi, Anil. "Consent — Its Medico-legal Aspects." Medicine Update (2007): 883-
887.
19. Corona, Lauren E., et al. "Use of other treatments before hysterectomy for benign
conditions in a statewide hospital collaborative." American journal of obstetrics and
gynecology212.3 (2015): 304-e1.
20. Dhanireddy, Shireesha, et al. "The urban underserved: attitudes towards gaining full
access to electronic medical records." Health Expectations 17.5 (2014): 724-732.
21. Ernst, M. E., et al. "Medication discrepancies in an outpatient electronic medical record."
American Journal of Health-System Pharmacy 58.21 (2001): 2072-2075.
22. Eysenbach, Gunther and Alejandro R. Jadad. "Evidence-based Patient Choice and
Consumer health informatics in the Internet age." Journal of Medical Internet Research
3.2 (2001).
32MEDICAL LAW
23. Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic
stroke outcomes: a multicenter electronic medical record intervention." Journal of the
American Heart Association 5.8 (2016): e003413.
24. Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical
record implementations in low-resource settings: a systematic review." Journal of the
American Medical Informatics Association 22.2 (2015): 479-488.
25. Gellert, George A., Ricardo Ramirez, and S. Luke Webster. "The rise of the medical
scribe industry: implications for the advancement of electronic health
records." Jama 313.13 (2015): 1315-1316.
26. Goldstein, Benjamin A., et al. "Opportunities and challenges in developing risk
prediction models with electronic health records data: a systematic review." Journal of
the American Medical Informatics Association 24.1 (2017): 198-208.
27. Gottlieb, Laura M., et al. "Moving electronic medical records upstream: incorporating
social determinants of health." American Journal of Preventive Medicine 48.2 (2015):
215-218.
28. Hillestad, Richard, et al. "Can electronic medical record systems transform health care?
Potential health benefits, savings, and costs." Health affairs 24.5 (2005): 1103-1117.
29. Islam, SM Riazul, et al. "The internet of things for health care: a comprehensive
survey." IEEE Access 3 (2015): 678-708.
30. Kaushik, Anjali, and Aparna Raman. "The new data-driven enterprise architecture for e-
healthcare: Lessons from the Indian public sector." Government Information
Quarterly 32.1 (2015): 63-74.
23. Flint, Alexander C., et al. "Impact of increased early statin administration on ischemic
stroke outcomes: a multicenter electronic medical record intervention." Journal of the
American Heart Association 5.8 (2016): e003413.
24. Fritz, Fleur, Binyam Tilahun, and Martin Dugas. "Success criteria for electronic medical
record implementations in low-resource settings: a systematic review." Journal of the
American Medical Informatics Association 22.2 (2015): 479-488.
25. Gellert, George A., Ricardo Ramirez, and S. Luke Webster. "The rise of the medical
scribe industry: implications for the advancement of electronic health
records." Jama 313.13 (2015): 1315-1316.
26. Goldstein, Benjamin A., et al. "Opportunities and challenges in developing risk
prediction models with electronic health records data: a systematic review." Journal of
the American Medical Informatics Association 24.1 (2017): 198-208.
27. Gottlieb, Laura M., et al. "Moving electronic medical records upstream: incorporating
social determinants of health." American Journal of Preventive Medicine 48.2 (2015):
215-218.
28. Hillestad, Richard, et al. "Can electronic medical record systems transform health care?
Potential health benefits, savings, and costs." Health affairs 24.5 (2005): 1103-1117.
29. Islam, SM Riazul, et al. "The internet of things for health care: a comprehensive
survey." IEEE Access 3 (2015): 678-708.
30. Kaushik, Anjali, and Aparna Raman. "The new data-driven enterprise architecture for e-
healthcare: Lessons from the Indian public sector." Government Information
Quarterly 32.1 (2015): 63-74.
33MEDICAL LAW
31. Koo, Charles C. and Yuh-Ming Shyy. Washington, DC: Patent U.S. Patent No.
6,874,085. 2005.
32. Liao, Katherine P., et al. "Development of phenotype algorithms using electronic medical
records and incorporating natural language processing." Bmj 350 (2015): h1885.
33. Li, Ming, et al. "Securing Personal Health Records in Cloud Computing: Patient-Centric
and Fine-Grained Data Access Control in Multi-owner Settings." International
conference on security and privacy in communication systems. Berlin, Heidelberg:
Springer, 2010. 89-106.
34. Li, Zhuo-Rong, et al. "A secure electronic medical record sharing mechanism in the
cloud computing platform." IEEE 15th International Symposium on Consumer
Electronics (ISCE). IEEE, 2011. 98-103.
35. Ludwick, D. A. and John Doucette. "Adopting electronic medical records in primary
care: lessons learned from health information systems implementation experience in
seven countries." International Journal of Medical Informatics 78.1 (2009): 22-31.
36. Mathiharan, Karunakaran. "Law on consent and confidentiality in India: A need for
clarity." The National Medical Journal of India 27 (2014): 39-42.
37. Nguyen, Lemai, Emilia Bellucci, and Linh Thuy Nguyen. "Electronic health records
implementation: an evaluation of information system impact and contingency
factors." International journal of medical informatics 83.11 (2014): 779-796.
38. Patil, Harsh Kupwade and Ravi Seshadri. "Big Data Security and Privacy Issues in
Healthcare." IEEE International Congress on Big Data. IEEE, 2014. 762-765.
39. Rodwin, Marc A. "Patient Data: Property, Privacy & the Public Interest." American
journal of law & medicine 36.4 (2010): 586-618.
31. Koo, Charles C. and Yuh-Ming Shyy. Washington, DC: Patent U.S. Patent No.
6,874,085. 2005.
32. Liao, Katherine P., et al. "Development of phenotype algorithms using electronic medical
records and incorporating natural language processing." Bmj 350 (2015): h1885.
33. Li, Ming, et al. "Securing Personal Health Records in Cloud Computing: Patient-Centric
and Fine-Grained Data Access Control in Multi-owner Settings." International
conference on security and privacy in communication systems. Berlin, Heidelberg:
Springer, 2010. 89-106.
34. Li, Zhuo-Rong, et al. "A secure electronic medical record sharing mechanism in the
cloud computing platform." IEEE 15th International Symposium on Consumer
Electronics (ISCE). IEEE, 2011. 98-103.
35. Ludwick, D. A. and John Doucette. "Adopting electronic medical records in primary
care: lessons learned from health information systems implementation experience in
seven countries." International Journal of Medical Informatics 78.1 (2009): 22-31.
36. Mathiharan, Karunakaran. "Law on consent and confidentiality in India: A need for
clarity." The National Medical Journal of India 27 (2014): 39-42.
37. Nguyen, Lemai, Emilia Bellucci, and Linh Thuy Nguyen. "Electronic health records
implementation: an evaluation of information system impact and contingency
factors." International journal of medical informatics 83.11 (2014): 779-796.
38. Patil, Harsh Kupwade and Ravi Seshadri. "Big Data Security and Privacy Issues in
Healthcare." IEEE International Congress on Big Data. IEEE, 2014. 762-765.
39. Rodwin, Marc A. "Patient Data: Property, Privacy & the Public Interest." American
journal of law & medicine 36.4 (2010): 586-618.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
34MEDICAL LAW
40. Srivastava, Shirish C., and G. Shainesh. "Bridging the Service Divide through Digitally
Enabled Service innovations; Evidence from Indian Health Care Service Providers." MIS
Q 39.1 (2015).
41. Tang, Paul C., et al. "Personal Health Records: Definitions, Benefits, and Strategies for
Overcoming Barriers to Adoption." Journal of the American Medical Informatics
Association 13.2 (2006): 121–126.
42. Thompson, Gwen, et al. "Impact of the electronic medical record on mortality, length of
stay, and cost in the hospital and ICU: a systematic review and metaanalysis." Critical
care medicine 43.6 (2015): 1276-1282.
43. Walsh, Stephen H. "The clinician's perspective on electronic health records and how they
can affect patient care." Bmj 328.7449 (2004): 1184-1187.
44. Wilkowska, Wiktoria and Martina Ziefle. "Privacy and data security in E-health:
Requirements from the user’s perspective." Health Informatics Journal 18.3 (2012): 191-
201.
45. Zahabi, Maryam, David B. Kaber, and Manida Swangnetr. "Usability and safety in
electronic medical records interface design: a review of recent literature and guideline
formulation." Human factors 57.5 (2015): 805-834.
40. Srivastava, Shirish C., and G. Shainesh. "Bridging the Service Divide through Digitally
Enabled Service innovations; Evidence from Indian Health Care Service Providers." MIS
Q 39.1 (2015).
41. Tang, Paul C., et al. "Personal Health Records: Definitions, Benefits, and Strategies for
Overcoming Barriers to Adoption." Journal of the American Medical Informatics
Association 13.2 (2006): 121–126.
42. Thompson, Gwen, et al. "Impact of the electronic medical record on mortality, length of
stay, and cost in the hospital and ICU: a systematic review and metaanalysis." Critical
care medicine 43.6 (2015): 1276-1282.
43. Walsh, Stephen H. "The clinician's perspective on electronic health records and how they
can affect patient care." Bmj 328.7449 (2004): 1184-1187.
44. Wilkowska, Wiktoria and Martina Ziefle. "Privacy and data security in E-health:
Requirements from the user’s perspective." Health Informatics Journal 18.3 (2012): 191-
201.
45. Zahabi, Maryam, David B. Kaber, and Manida Swangnetr. "Usability and safety in
electronic medical records interface design: a review of recent literature and guideline
formulation." Human factors 57.5 (2015): 805-834.
35MEDICAL LAW
1 out of 36
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.