[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Patient medical files on Net
WSJ - 2/20/96, page B1
"Click! Doctor to Post Patient Files on Net" by G. Bruce Knecht
"An audacious experiment ...
[snip]
"Deep in the heart of Appalachian coal country, a doctor is about to
put his patients' records on the World Wide Web. The Doctor, Bruce
Merkin, works at a community health clinic in Wayne, W. Va."
[snip]
"Dr. Merkin and Vasudevan Jagan-nathaniel, a West Virginia University
professor who is responsible for developing the software for the
system, say they have yet to decide how secure the system should be.
At one extreme, they could encrypt the information, offering the
highest possible degree of protection. But encryption is expensive
and time consuming and thus could hinder the goals of cutting costs
and rapidly transmitting information."
[snip]
Cypherpunks:
The WSJ report seems to indicate that the system is to be deployed
without any encryption safeguards.
After talking by phone to Lee Oxley ([email protected]) at Valley
Health in Wayne, WV, I got clarifications of what was in the WSJ
story. The present pilot system is an intranet system with dedicated
frame relay links and does use encryption. Eventually they may deploy
a system that would be internet based. They are considering how much
protection to put into the system. The reference in the article about
encryption costs was intended to be about CPU cycles not dollars.
Vasudevan Jagan-nathaniel's email address is [email protected]
Some obvious proposals would be to use something like SSL to do server
to workstation encryption. I don't know what issues may exist such as
the effort to install SSL, key management, and processing delays due
to session keys and traffic encryption. In addition, how could an
on-call doctor access patient records through an ISP and maintain
patient privacy. An obvious issue (which I know have been discussed
on this list) has to do with the trade-off between key size and
privacy.
Any other thoughts?
Martin G. Diehl