- <!doctype html public "-//w3c//dtd html 4.0 transitional//en">
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="ProgId" content="Word.Document">
- <meta name="Generator" content="Microsoft Word 9">
- <meta name="Originator" content="Microsoft Word 9">
- <meta name="GENERATOR" content="Mozilla/4.76 [en] (Windows NT 5.0; U) [Netscape]">
- <title>Are Health Professionals meeting the minimum-security requirements for
- Health Information Systems (HIS) in the New Zealand Hea</title>
- <link rel=File-List href="./HIS%20Security%20Article_files/filelist.xml">
- <link rel=Edit-Time-Data href="./HIS%20Security%20Article_files/editdata.mso">
- <!--[if !mso]>
- <style>
- v\:* {behavior:url(#default#VML);}
- o\:* {behavior:url(#default#VML);}
- w\:* {behavior:url(#default#VML);}
- .shape {behavior:url(#default#VML);}
- </style>
- <![endif]-->
- <!--[if gte mso 9]><xml>
- <o:DocumentProperties>
- <o:Author>Roeters</o:Author>
- <o:LastAuthor>Roeters</o:LastAuthor>
- <o:Revision>2</o:Revision>
- <o:TotalTime>375</o:TotalTime>
- <o:LastPrinted>2002-06-23T05:12:00Z</o:LastPrinted>
- <o:Created>2002-06-24T10:16:00Z</o:Created>
- <o:LastSaved>2002-06-24T10:16:00Z</o:LastSaved>
- <o:Pages>13</o:Pages>
- <o:Words>4813</o:Words>
- <o:Characters>27437</o:Characters>
- <o:Lines>228</o:Lines>
- <o:Paragraphs>54</o:Paragraphs>
- <o:CharactersWithSpaces>33694</o:CharactersWithSpaces>
- <o:Version>9.2720</o:Version>
- </o:DocumentProperties>
- </xml><![endif]-->
- <!--[if gte mso 9]><xml>
- <w:WordDocument>
- <w:DrawingGridHorizontalSpacing>4.5 pt</w:DrawingGridHorizontalSpacing>
- <w:DisplayHorizontalDrawingGridEvery>2</w:DisplayHorizontalDrawingGridEvery>
- <w:DisplayVerticalDrawingGridEvery>2</w:DisplayVerticalDrawingGridEvery>
- </w:WordDocument>
- </xml><![endif]-->
- <style>
- <!--
- /* Font Definitions */
- @font-face
- {font-family:Times;
- panose-1:0 0 0 0 0 0 0 0 0 0;
- mso-font-alt:"Times New Roman";
- mso-font-charset:0;
- mso-generic-font-family:roman;
- mso-font-format:other;
- mso-font-pitch:variable;
- mso-font-signature:3 0 0 0 1 0;}
- @font-face
- {font-family:Wingdings;
- panose-1:5 0 0 0 0 0 0 0 0 0;
- mso-font-charset:2;
- mso-generic-font-family:auto;
- mso-font-pitch:variable;
- mso-font-signature:0 268435456 0 0 -2147483648 0;}
- /* Style Definitions */
- p.MsoNormal, li.MsoNormal, div.MsoNormal
- {mso-style-parent:"";
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;}
- h1
- {mso-style-next:Normal;
- margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:1;
- mso-layout-grid-align:none;
- text-autospace:none;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-font-kerning:0pt;
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- h2
- {mso-style-next:Normal;
- margin-top:12.0pt;
- margin-right:0cm;
- margin-bottom:3.0pt;
- margin-left:0cm;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:2;
- font-size:14.0pt;
- font-family:Arial;
- mso-ansi-language:EN-NZ;
- font-weight:bold;
- font-style:italic;}
- h3
- {mso-style-next:Normal;
- margin-top:12.0pt;
- margin-right:0cm;
- margin-bottom:3.0pt;
- margin-left:0cm;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:3;
- font-size:13.0pt;
- font-family:Arial;
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- h4
- {mso-style-next:Normal;
- margin:0cm;
- margin-bottom:.0001pt;
- text-align:center;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:4;
- font-size:18.0pt;
- mso-bidi-font-size:12.0pt;
- font-family:"Times New Roman";
- color:#FF6600;
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- h5
- {mso-style-next:Normal;
- margin:0cm;
- margin-bottom:.0001pt;
- text-align:center;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:5;
- font-size:12.0pt;
- font-family:"Times New Roman";
- color:#FF6600;
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- h6
- {mso-style-next:Normal;
- margin:0cm;
- margin-bottom:.0001pt;
- text-align:center;
- mso-pagination:widow-orphan;
- page-break-after:avoid;
- mso-outline-level:6;
- font-size:18.0pt;
- mso-bidi-font-size:12.0pt;
- font-family:"Times New Roman";
- color:red;
- mso-ansi-language:EN-NZ;
- font-weight:normal;}
- p.MsoHeader, li.MsoHeader, div.MsoHeader
- {margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- tab-stops:center 216.0pt right 432.0pt;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;}
- p.MsoFooter, li.MsoFooter, div.MsoFooter
- {margin:0cm;
- margin-bottom:.0001pt;
- mso-pagination:widow-orphan;
- tab-stops:center 216.0pt right 432.0pt;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;}
- p.MsoBodyText, li.MsoBodyText, div.MsoBodyText
- {margin:0cm;
- margin-bottom:.0001pt;
- text-align:center;
- mso-pagination:widow-orphan;
- font-size:26.0pt;
- mso-bidi-font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- p.MsoBodyText2, li.MsoBodyText2, div.MsoBodyText2
- {margin:0cm;
- margin-bottom:.0001pt;
- text-align:center;
- mso-pagination:widow-orphan;
- font-size:18.0pt;
- mso-bidi-font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;
- font-weight:bold;}
- p.MsoBodyText3, li.MsoBodyText3, div.MsoBodyText3
- {margin-right:36.0pt;
- mso-margin-top-alt:auto;
- mso-margin-bottom-alt:auto;
- margin-left:0cm;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";
- mso-ansi-language:EN-NZ;}
- a:link, span.MsoHyperlink
- {color:#3366FF;
- mso-text-animation:none;
- text-decoration:none;
- text-underline:none;
- text-decoration:none;
- text-line-through:none;}
- a:visited, span.MsoHyperlinkFollowed
- {color:purple;
- text-decoration:underline;
- text-underline:single;}
- p
- {margin-right:0cm;
- mso-margin-top-alt:auto;
- mso-margin-bottom-alt:auto;
- margin-left:0cm;
- mso-pagination:widow-orphan;
- font-size:12.0pt;
- font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";}
- @page Section1
- {size:612.0pt 792.0pt;
- margin:72.0pt 67.5pt 72.0pt 89.85pt;
- mso-header-margin:36.0pt;
- mso-footer-margin:36.0pt;
- mso-footer:url("./HIS%20Security%20Article_files/header.htm") f1;
- mso-paper-source:0;}
- div.Section1
- {page:Section1;}
- /* List Definitions */
- @list l0
- {mso-list-id:289629960;
- mso-list-type:hybrid;
- mso-list-template-ids:-1338986014 67698699 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l0:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0D8;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l1
- {mso-list-id:377508630;
- mso-list-type:hybrid;
- mso-list-template-ids:327719292 67698693 -1574797304 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l1:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0A7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l1:level2
- {mso-level-number-format:bullet;
- mso-level-text:-;
- mso-level-tab-stop:72.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- mso-hansi-font-family:"Courier New";}
- @list l2
- {mso-list-id:405153843;
- mso-list-type:hybrid;
- mso-list-template-ids:-1012652276 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l2:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l3
- {mso-list-id:437481626;
- mso-list-type:hybrid;
- mso-list-template-ids:908209518 727194324 -1903503524 -1810073082 -1383988242 530625538 1027617828 -1501416064 -572198782 745313210;}
- @list l3:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0B7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- mso-ansi-font-size:10.0pt;
- font-family:Symbol;}
- @list l4
- {mso-list-id:457601054;
- mso-list-type:hybrid;
- mso-list-template-ids:-252797428 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l4:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l5
- {mso-list-id:509223363;
- mso-list-type:hybrid;
- mso-list-template-ids:-862960568 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l5:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l6
- {mso-list-id:624196186;
- mso-list-type:hybrid;
- mso-list-template-ids:540710594 1852235690 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l6:level1
- {mso-level-text:"\(%1\)";
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l7
- {mso-list-id:626394540;
- mso-list-type:hybrid;
- mso-list-template-ids:-1807686718 1064075432 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l7:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l8
- {mso-list-id:729573967;
- mso-list-type:hybrid;
- mso-list-template-ids:725881758 -2094762376 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l8:level1
- {mso-level-start-at:3;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l9
- {mso-list-id:745806464;
- mso-list-type:hybrid;
- mso-list-template-ids:-806993424 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l9:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l10
- {mso-list-id:769817223;
- mso-list-type:hybrid;
- mso-list-template-ids:-604569862 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l10:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l11
- {mso-list-id:786315730;
- mso-list-type:hybrid;
- mso-list-template-ids:-166553744 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l11:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l12
- {mso-list-id:795878757;
- mso-list-type:hybrid;
- mso-list-template-ids:-1584597906 67698693 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l12:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0A7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l13
- {mso-list-id:855536290;
- mso-list-type:hybrid;
- mso-list-template-ids:292432524 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l13:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l14
- {mso-list-id:983659878;
- mso-list-type:hybrid;
- mso-list-template-ids:645174470 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l14:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l15
- {mso-list-id:1084449174;
- mso-list-type:hybrid;
- mso-list-template-ids:327719292 67698693 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l15:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0A7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l15:level2
- {mso-level-number-format:bullet;
- mso-level-text:o;
- mso-level-tab-stop:72.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:"Courier New";
- mso-bidi-font-family:"Times New Roman";}
- @list l16
- {mso-list-id:1149245338;
- mso-list-type:hybrid;
- mso-list-template-ids:1418077430 1577494842 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l16:level1
- {mso-level-start-at:7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l17
- {mso-list-id:1205101956;
- mso-list-type:hybrid;
- mso-list-template-ids:327719292 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l17:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0B7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Symbol;}
- @list l17:level2
- {mso-level-number-format:bullet;
- mso-level-text:o;
- mso-level-tab-stop:72.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:"Courier New";
- mso-bidi-font-family:"Times New Roman";}
- @list l18
- {mso-list-id:1233125716;
- mso-list-type:hybrid;
- mso-list-template-ids:1521675316 67698699 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l18:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0D8;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l19
- {mso-list-id:1282688750;
- mso-list-type:hybrid;
- mso-list-template-ids:-1252731814 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l19:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l20
- {mso-list-id:1466117749;
- mso-list-type:hybrid;
- mso-list-template-ids:-130380868 67698693 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l20:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0A7;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l21
- {mso-list-id:1509981021;
- mso-list-type:hybrid;
- mso-list-template-ids:-1034256722 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l21:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l22
- {mso-list-id:1552420186;
- mso-list-type:hybrid;
- mso-list-template-ids:-1225741922 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l22:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l23
- {mso-list-id:1665625288;
- mso-list-type:hybrid;
- mso-list-template-ids:2025460 -2094762376 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l23:level1
- {mso-level-start-at:3;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l24
- {mso-list-id:1779372754;
- mso-list-type:hybrid;
- mso-list-template-ids:908209518 67698703 -1903503524 -1810073082 -1383988242 530625538 1027617828 -1501416064 -572198782 745313210;}
- @list l24:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l25
- {mso-list-id:2032487604;
- mso-list-type:hybrid;
- mso-list-template-ids:-1183565534 800498216 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l25:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l26
- {mso-list-id:2043552466;
- mso-list-type:hybrid;
- mso-list-template-ids:410292904 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
- @list l26:level1
- {mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;}
- @list l27
- {mso-list-id:2061512608;
- mso-list-type:hybrid;
- mso-list-template-ids:-1385551382 67698699 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
- @list l27:level1
- {mso-level-number-format:bullet;
- mso-level-text:\F0D8;
- mso-level-tab-stop:36.0pt;
- mso-level-number-position:left;
- text-indent:-18.0pt;
- font-family:Wingdings;}
- @list l23:level1 lfo26
- {mso-level-start-at:1;}
- ol
- {margin-bottom:0cm;}
- ul
- {margin-bottom:0cm;}
- -->
- </style>
- <!--[if gte mso 9]><xml>
- <o:shapedefaults v:ext="edit" spidmax="2050"/>
- </xml><![endif]-->
- <!--[if gte mso 9]><xml>
- <o:shapelayout v:ext="edit">
- <o:idmap v:ext="edit" data="1"/>
- </o:shapelayout></xml><![endif]-->
- </head>
- <body link="#3366FF" vlink="#800080" lang="EN-US" style="tab-interval:36.0pt">
-
- <div class=Section1>
- <center>
- <h1>
- <font color="#000000">Original paper</font></h1></center>
-
- <p>
- <br>
- <br>
- <br>
- <br>
- <br>
-
- <p class="MsoNormal"><b><font color="#000000">Are Health Professionals
- meeting the minimum-security requirements for Health Information Systems
- (HIS) in the New Zealand Health Service? (A pilot study in Residential
- Care)</font></b>
- <br>
- <br>
- <br>
- <br>
- <center>
- <p><span lang=EN-NZ><font color="#000000">Han Roeters</span><span lang=EN-NZ style='font-family:Times'><sup>12</span><span
- lang=EN-NZ></sup>
- and Alec Holt</span><span lang=EN-NZ style='font-family:Times'><sup>3</sup></font></span>
- <p><span lang=EN-NZ></span></center>
-
-
- <p class="MsoNormal"><span lang=EN-NZ style='font-family:Times'><font color="#000000"><sup>1 </span><span
- lang=EN-NZ></sup>Manager,
- Reevedon Elderly Care Complex, PO Box 142, Levin 5500, New Zealand.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ style='font-family:Times'><font color="#000000"><sup>2 </span><span
- lang=EN-NZ></sup>Health
- Informatics Group, University of Otago, Wellington School of Medicine,
- Wellington, New Zealand.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ style='font-family:Times'><font color="#000000"><sup>3</span><span
- lang=EN-NZ></sup>
- Health Informatics Group, Department of Information Science, University
- of Otago, Dunedin, New Zealand</font></span>
- <center>
- <p><span lang=EN-NZ></span></center>
-
-
- <p class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><font color="#000000">Corresponding
- Author</font></span>
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Han Roeters</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Health Informatics
- Group</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">University
- of Otago</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Dunedin </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">New Zealand</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Email: <span style='color:windowtext'><a href="mailto:roeters.nz@xtra.co.nz">roeters.nz@xtra.co.nz</a></font></span></span></div>
-
- <p><br><span lang=EN-NZ style='font-size:12.0pt;font-family:"Times New Roman";
- mso-fareast-font-family:"Times New Roman";color:maroon;mso-ansi-language:EN-NZ;
- mso-fareast-language:EN-US;mso-bidi-language:AR-SA'>
- <br>
- <h3>
- <span lang=EN-NZ><font color="#000000">Abstract </font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b>Background:</span><span lang=EN-NZ></b>
- Due to the accelerating development of technology and the globalisation
- of HIS, it is becoming increasingly important for health professionals
- to implement and maintain security measures for their HIS.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b>Objective:</span><span lang=EN-NZ></b>
- This research compares, British, American and New Zealand HIS security
- standards and researches minimum-security requirements available to compare
- this with the results of a survey in the NZ Residential Care Industry.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b>Methods</span><span lang=EN-NZ></b>:
- The research is a cross-sectional study that evaluates and compares descriptive
- qualitative data derived from a population sample by means of a questionnaire,
- and literature research with descriptive qualitative data on minimum-security
- requirements from other studies, established standards or legislation and
- literature. </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">A survey
- is designed and conducted in the facilities of a large residential (elderly)
- care provider in New Zealand. It is targeted to Managers, Care Managers,
- Registered Nurses and Administrators. The questionnaire investigates how
- HIS security in the residential care industry compares.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b>Results:</span><span lang=EN-NZ></b>
- The results of the literature search failed to return minimum-security
- requirements for HIS for any of the countries targeted in the research.
- The survey had a 58% return rate, this equates to a sample population of
- 28. Compliance with minimum-security requirements was below 50%. Statistics
- and graphs were designed and calculated in MSExcel with PHStat add-inn.</font></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><b><font color="#000000">Conclusions: </font></b></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">Minimum-security
- requirements establish an important basis for consistency in developing
- health companies HIS security policies and procedures. Continuation of
- inconsistency in security procedures jeopardises the quality of patient
- care, the HIS and increases risk of litigation for health professionals
- and organizations. The minimum-security requirements in the NZ residential
- care industry are severely compromised and the risk of security breaches
- and data loss is high. Minimum-security requirements for HIS in the targeted
- countries are not available.</font></span>
-
- <p class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><font color="#000000">In
- this article the terms privacy, confidentiality, and security are used
- as defined by </font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">L.Gostin [<span style='color:red'>1</span>]:</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><i><font color="#000000">“Privacy
- is defined as the right of an individual to limit access by others to some
- aspect of the person. </font></i><o:p></o:p></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><i><font color="#000000">Confidentiality
- is a form of information privacy characterized by a special relationship,
- such as the physician-patient relationship. Personal information obtained
- in the course of this relationship should not be revealed to others unless
- the patient is first made aware and consents to the disclosure.</font></i><o:p></o:p></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><i><font color="#000000">Security
- encompasses a set of technical and administrative procedures designed to
- protect data systems against unwanted disclosure, modification, or destruction
- and to safeguard the system itself.”</font></i><o:p></o:p></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span>
- <h3>
- <span lang=EN-NZ><font color="#000000">Keywords</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Security,
- Health Information Systems, Privacy, Confidentiality, New Zealand, Residential
- Care.</font></span></div>
-
- <h3>
- <span lang=EN-NZ><font color="#000000">Introduction</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Since the
- 1990’s the use of computerised HIS in New Zealand and other first world
- countries has developed at an accelerating pace. In conjunction with this
- the <i>“concerns about privacy transcend the health care setting. Americans
- believe that their privacy rights are not adequately protected”</i> [<span style='color:#FF6600'>2</span>].
- These concerns were reflected in other countries including New Zealand.
- The New Zealand government developed the Health Information Privacy Code
- 1994 (http://www.knowledge-basket.co.nz/privacy/comply/HIPCWWW.pdf)
- to ensure privacy of health information.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">It is becoming
- increasingly difficult for the lawmakers to stay in line with new developments
- in our ever-accelerating technology. Privacy and security requirements
- are no exception.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><i>“With
- the advance of technology have come a variety of challenges to our privacy.
- It’s not that the Internet causes loss of privacy-but it has made us more
- aware of the issues surrounding privacy. The complexities involved in maintaining
- our privacy and security in a world where information is increasingly public
- can be daunting.”</span><span
- lang=EN-NZ></i> [<span style='color:#FF6600'>3</span>].
- Compounding this problem is the globalisation of information and the lack
- of global legislation to protect the privacy of our health information,
- <i>“it
- is easy to understand why some kinds of information should be accorded
- special status and legal protection based on their sensitivity and the
- great damage that can occur from unconsented disclosure.”</i>[<span style='color:#FF6600'>4</span>].
- The protection of our health information is imperative to maintaining the
- individual’s privacy.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><i>“The essence
- of security is to protect the availability, integrity and confidentiality
- of data and systems”</span><span
- lang=EN-NZ></i>[<span style='color:#FF6600'>5</span>].
- The lack of security has the potential to put: the patient, the clinician,
- the system and the organization at risk, the reason is that medical organizations
- <i>“tend
- to focus our greatest emphasis on patient care. But once you understand
- how profoundly a lack of IT security can effect your organization, right
- down to the clinical level, you come to appreciate the importance of it.”</i>[<span
- style='color:#FF6600'>6</span>] </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Unfortunately
- <i>“most
- hospitals and health systems don’t understand how much at risk they are”</i>
- [<span
- style='color:#FF6600'>7</span>]. </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Global security
- principles for health information systems do not exist because nobody owns
- or regulates the Internet. Most countries developed their own security
- legislation and principles. It is concerning that HIS have been in generalised
- use since the early 1980’s and most legislation and security guidelines
- originate from the late 1990’s. </font></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">HIS risk assessment
- and implementation of security measures to ensure a secure, private and
- dynamic HIS is possibly one of the major tasks that the NZ Health Service
- and other countries need to have to deal with.</font></span>
- <br><span lang=EN-NZ style='font-size:13.0pt;font-family:Arial;mso-fareast-font-family:
- "Times New Roman";mso-ansi-language:EN-NZ;mso-fareast-language:EN-US;
- mso-bidi-language:AR-SA'>
- <br></span>
- <h3>
- <span lang=EN-NZ><font color="#000000">Methods</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Comparing
- British, American and New Zealand HIS security principles.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><span style="mso-spacerun: yes"></span></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Dr Ross J.
- Anderson describes 9 security principles for the individual patient record,
- in his research, Security in Clinical Information Systems, which was commissioned
- by the British Medical Association (BMA) they are related to the following
- security elements [<span
- style='color:#FF6600'>8</span>]:</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Access control</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Record opening</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Control</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Consent and notification</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Persistence</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Attribution</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Information flow </font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Aggregation control</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l2 level1 lfo12;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">The trusted computing base</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoBodyText2" style="text-align:left"><span lang=EN-NZ
- style='font-size:12.0pt;font-weight:normal'><font color="#000000">The
- American security principles are found in a recommendation on the Health
- Insurance Portability and Accountability Act 1996 (HIPAA).</font><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><span style="mso-spacerun:
- yes"></span><font color="#000000"><i>“
- The Department of Health and Human Services has previously sent Congress
- recommendations for legislation to protect health information, which set
- forth the following 5 key principles </span><span lang=EN-NZ></i>[<span
- style='color:#FF6600'>9</span>]:</font><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l10 level1 lfo13;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">Boundaries</font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l10 level1 lfo13;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">Security</font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l10 level1 lfo13;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">Consumer control</font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l10 level1 lfo13;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">Accountability</font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l10 level1 lfo13;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">Public responsibility” </font></i><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The American
- Congress adopted these principles during the discussions of the HIPAA bill.
- HHS (Department of health and Human services) and announced a final rule
- for the electronic standards for healthcare transactions in December 2000.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The British
- and American security principles are incorporated in New Zealand in the
- health Information Privacy Code 1994 and the New Zealand security principles
- for health information standards for the NZ Health Intranet, which ensure
- that three security components are maintained [<span style='color:#FF6600'>10</span>]:</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l13 level1 lfo14;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">“System integrity - the
- functionality of the computer system should be maintained with all modules
- and subsystems functioning properly and in the way that the user expects
- and believes them to be operating </font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l13 level1 lfo14;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><!--[if gte vml 1]><v:shapetype id="_x0000_t75" coordsize="21600,21600"
- o:spt="75" o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe" filled="f"
- stroked="f">
- <v:stroke joinstyle="miter"/>
- <v:formulas>
- <v:f eqn="if lineDrawn pixelLineWidth 0"/>
- <v:f eqn="sum @0 1 0"/>
- <v:f eqn="sum 0 0 @1"/>
- <v:f eqn="prod @2 1 2"/>
- <v:f eqn="prod @3 21600 pixelWidth"/>
- <v:f eqn="prod @3 21600 pixelHeight"/>
- <v:f eqn="sum @0 0 1"/>
- <v:f eqn="prod @6 1 2"/>
- <v:f eqn="prod @7 21600 pixelWidth"/>
- <v:f eqn="sum @8 21600 0"/>
- <v:f eqn="prod @7 21600 pixelHeight"/>
- <v:f eqn="sum @10 21600 0"/>
- </v:formulas>
- <v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
- <o:lock v:ext="edit" aspectratio="t"/>
- </v:shapetype><v:shape id="_x0000_i1025" type="#_x0000_t75" alt=""
- style='width:.75pt;height:13.5pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image001.gif" o:href="http://www.nzhis.govt.nz/gfx/li.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image001.gif" BORDER=0 v:shapes="_x0000_i1025" height=18 width=1><![endif]><i><font color="#000000">Data
- availability - the data stored are preserved from damage or disorganisation,
- and are available to the user as and when required </font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l13 level1 lfo14;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><!--[if gte vml 1]><v:shape id="_x0000_i1026" type="#_x0000_t75"
- alt="" style='width:.75pt;height:13.5pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image001.gif" o:href="http://www.nzhis.govt.nz/gfx/li.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image001.gif" BORDER=0 v:shapes="_x0000_i1026" height=18 width=1><![endif]><i><font color="#000000">Information
- privacy - the personal and confidential material stored is protected from
- access by unauthorised personnel, and is available only to those with a
- need to know and with the necessary privilege and authority to access it.” </font></i><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The New Zealand
- security principles for health information standards for the NZ Health
- Intranet consist of 6 principles [<span style='color:#FF6600'>11</span>]:</font></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Confidentiality</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Integrity</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Authenticity</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Non-repudiation</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Auditing</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l19 level1 lfo15;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Accountability</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">In addition
- the NZ Health Information Privacy act provides the following Health Information
- Privacy Rules [<span
- style='color:#FF6600'>12</span>]:</font></span></div>
-
- <div class="MsoNormal"><span style='font-size:11.0pt;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoHeader" style="margin-left:36.0pt;text-indent:-18.0pt;mso-list:l5 level1 lfo16;
- tab-stops:list 36.0pt"><![if !supportLists]><span lang=EN-NZ><font color="#000000">1.<span
- style='font:7.0pt "Times New Roman"'></span></span><![endif]><span
- lang=EN-NZ>Purpose
- of collection of health information</font></span></div>
-
- <ol style='margin-top:0cm' start=2 type=1>
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Source of health information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Collection of health information
- from individual</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Manner of collection of health
- information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Storage and security of health
- information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Access to personal health
- information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Correction of health information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Accuracy etc of health information
- to be checked before use</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Retention of health information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Limits on use of health information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Limits on disclosure of health
- information</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l5 level1 lfo16;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Unique identifiers</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span style='font-size:11.0pt;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Although
- all these standards are important building blocks for secure HIS and EDI
- (Electronic Data Interchange) they do not establish consistent minimum-security
- requirements.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">With the
- establishment of NZ e-government some progress is made towards the implementation
- of minimum standard. In the document on minimum standards for Internet
- Security in the New Zealand Government the following policies and guidelines
- for security management standards are set [<span style='color:red'>13</span>]:</font></span></div>
-
- <ul style='margin-top:0cm' type=disc>
- <li class="MsoNormal" style="mso-list:l17 level1 lfo25;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">“An IS management system
- following AS/NZS17799 Information Security Management (available from www.standards.co.nz
- )should be employed for all systems processing Government classified (including
- In-confidence) information or hosting government services.</font></i><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l17 level1 lfo25;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><i><font color="#000000">It security risks should
- be managed following the processes in either:</font></i><o:p></o:p></span></li>
- </ul>
-
- <div class="MsoNormal" style="margin-left:72.0pt;text-indent:-18.0pt;mso-list:l1 level2 lfo24;
- tab-stops:list 72.0pt"><![if !supportLists]><span lang=EN-NZ style='mso-hansi-font-family:
- "Courier New";mso-bidi-font-style:italic'><font color="#000000">-<span style='font:7.0pt "Times New Roman"'></span></span><![endif]><span lang=EN-NZ><i>NZ
- Security of IT (MNSIT) Publication 104: Risk Analysis (www.gcsb.govt.nzit/index.htm)
- or</i></font><o:p></o:p></span></div>
-
- <div class="MsoNormal" style="margin-left:72.0pt;text-indent:-18.0pt;mso-list:l1 level2 lfo24;
- tab-stops:list 72.0pt"><![if !supportLists]><span lang=EN-NZ style='mso-hansi-font-family:
- "Courier New";mso-bidi-font-style:italic'><font color="#000000">-<span style='font:7.0pt "Times New Roman"'></span></span><![endif]><span lang=EN-NZ><i>Standards
- New Zealand AS/NZS4360: Risk Management and HB231: IT Risk Management</i></font><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><font color="#000000">The
- document is still in draft form, completion and implementation might take
- several years and Internet security is only one element of HIS Security
- systems</font></span></div>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><b><font color="#000000">There
- are 5 major barriers to HIS security systems. </font></b><o:p></o:p></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b><i>First:</span><span
- lang=EN-NZ></span><span lang=EN-NZ></i></b>The
- human factor where required to operate HIS system. Any system is only as
- secure as the weakest link and no system is fully secure. Staff ‘s major
- concern is patient care; this in itself provides a heavy workload. Many
- people think that the greatest security concern for our health information
- is unauthorised on line access by “hackers”, this is possibly due to the
- front page news it makes and the embarrassment it causes when a hacker
- gains access. </font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">However most
- organizations largest concern is internal, <i>“an angry employee or a simple
- mistake is much more likely to occur than an outside hack and is tremendously
- harder to stop”</i> [<span
- style='color:#FF6600'>14</span>], lack of compliance
- with security policies due to other work pressures and /or lack of understanding
- and education would be the next largest concern.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b><i>Second:</span><span
- lang=EN-NZ></i></b>
- There is a lack of global HIS security standards and there is no minimum-security
- requirement that could be reflected in consistent policies and procedures
- throughout the health care industry.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b><i>Third: </span><span
- lang=EN-NZ></i></b>The
- accelerating speed of development of new technology. Technology is developing
- fast than the tool to secure the HIS. This is an ongoing concern that will
- continue to exist. There are a number of countermeasures available to protect
- the HIS. The NZHIS security publications describes that some of these measures
- include [<span style='color:#FF6600'>15</span>]:</font></span>
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Access control (comprising
- up to 3 parts: Something you know, something you have, something unique
- to you)</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Transaction logs and audit
- trails (for system and file access)</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Encryption (of the electronic
- health information prior to transfer)</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Archiving (relating to the
- ease of access, off-line storage and destroying of data)</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Virus protection and software
- fitness (appropriate software for it’s use)</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l26 level1 lfo17;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Informed users (who understand
- the follow the security policies)</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b><i>Fourth:</span><span
- lang=EN-NZ></i></b>
- The cost factor, good security systems are usually expensive to implement
- and there is no tangible evidence that they are effective. Most countries
- have problems stretching the health dollar to meet requirements. HIS security
- does not appear on the priority list.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><b><i>Fifth:</span><span
- lang=EN-NZ></i></b>
- Education, security education is not a common part of the HIS operators
- training.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Security
- is often viewed as an issue the IT department needs to solve and not as
- a common problem.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">To allow
- different health service software applications to communicate with each
- other, Health Level 7 (HL7) protocol was developed as a standard for health
- networks this has been adopted by New Zealand. The HL7 protocol managers
- have appointed a group that will focus on secure transactions and Internet
- security<i>. “The group will focus on the use of HL7 in communications
- environments where there is a need for authentication, encryption, non-repudiation,
- and digital signature. This group will focus on mechanisms for secure HL7
- transactions and not on standardizing security policies.”</i> [<span style='color:#FF6600'>16</span>].</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">It is concerning
- that HL7, which is considered the most advanced and widely adopted data
- transfer protocol is still developing their security mechanisms.</font></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">To establish
- the degree of risk encountered by individuals and/or the health industry
- is difficult<i>. “The Internet is unlike anything humankind has ever experienced.
- It has no borders, no nationality, few rules, and is restricted only by
- the creativity of its users. As such, it defies many traditional roles
- of government and rules of order. This openness is its greatest strength
- and also its most defining weakness.</i>”[<span
- style='color:red'>17</span>].
- There is a multitude of factors which impact on the degree of risk and
- the Internet is only one aspect of these. Some other aspects are Access,
- System integrity, Date integrity and availability and Confidentiality/Privacy.
- It would be an impossible task to eliminate all the risks, paper based
- HIS have incurred a degree of risk as well. It is beneficial to minimise
- these risks factors because the cost both social and financial can be high. </font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">For example
- if a person’s health information would be available to insurances or employers,
- certain privileges might be denied (justified or not), or a disgruntled
- employee could destroy valuable databases and compromise treatments and/or
- New Zealand health providers could be held liable under the Health Information
- Privacy Act and incur hefty fines.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span>
- <h1 style="mso-layout-grid-align:auto;text-autospace:ideograph-numeric ideograph-other">
- <span
- lang=EN-NZ><font color="#000000">HIS security survey in the Residential
- Care Industry</font></span></h1>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">See Appendix
- one for Survey questions</font></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">There
- is a difference in nature between the residential care industry (long term
- care) and other health information systems (more acute). In the acute setting
- there is a much higher need for online patient information transfer and
- due to this the protocols are more advanced using Health Level 7 compatible
- programs policies and procedures. Although it would be beneficial, the
- residential care industry in general is not connected to the NZ Health
- Intranet and electronic transfer of patient information is rather the exception
- than the norm. </font><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">To
- ascertain to what level minimum-security requirements in the residential
- care industry are met, </span><span
- lang=EN-NZ>questions were compiled
- from security principles illustrated in the book Protect Yourself on Line
- [<span style='color:red'>18</span>] and NZ Government Security Publications
- [<span style='color:red'>19</span>] </font></span><span
- style='mso-ansi-language:EN-US'><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">The
- questionnaire was structured around the following security areas:</font><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Virus screeners.</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Computer access</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Backup</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Encryption</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Audit trails</font></span></li>
-
- <li class="MsoNormal" style="mso-list:l21 level1 lfo18;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Education</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Structure
- of the 31 questions:</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">First question
- was to establish if staff was eligible to take part in the survey, to reduce
- redundant data. Staff who were not eligible because they did not use computerised
- HIS, were asked to complete demographic data only.18 of the questions had
- yes/no, or yes/no/don’t know answers and there were 8 other security questions.
- The survey finished with 4 demographic questions, which would establish
- the occupation, gender, age group and length of employment.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">If the majority
- 95% (to allow a 5% margin of error) of the questions 2.1 to 7.3 were answered
- correctly the residential care provider would be considered to meet the
- minimum-security requirements for HIS. </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The mean
- of the yes/no/(don’t know) provides and indication of compliance with minimum-security
- requirements. If the survey mean is high, compliance is high because the
- population answers comply with the preferred answers (see Table 1).</font></span></div>
- <b><font color="#000000">Table1 Preferred answers (Table1.jpeg)</font></b>
- <br>
- <h3>
- <span lang=EN-NZ><font color="#000000">Results</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The survey
- was designed in Infopoll Designer [<span style='color:red'>20</span>] and
- transferred to a MSWord format to make this suitable for a mail out and
- targeted to Registered Nurses (RN), Administrators and Managers. After
- approval was obtained from the general manager, 48 Questionnaires were
- distributed by mail and there was a 58% return rate. </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">82 % of the
- returned surveys were staff that used health information systems. 18% of
- this category of staff did not. It is difficult to establish if this is
- a true reflection of the total population of staff. There might be bias
- in the fact that staff that do not use HIS are less likely to return the
- research survey. This 18 % was made up of 1 RN and 4 managers.</font></span></div>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><font color="#000000">The
- acceptable mean would be around 95 </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The survey
- mean was 41.95, with a standard deviation of 28.76. This means that the
- majority of preferred answers are within 28.76 around the mean. The standard
- error is 6.13 with a 95 % confidence level.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">I am unable
- to compare statistics in regard to compliance with minimum-security standards
- in the NZ health industry because they do not exist. There is only advisory
- material available which does not give a minimum standard. </font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">100% of the
- HIS computers was found to be equipped with a virus screener. There appears
- to be uncertainty about who is responsible to update the virus screener,
- 35 % of the surveyed population said they were not responsible and 26 %
- didn’t know. </font></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">17% of the
- population updated and scanned their HIS computer fortnightly which is
- considered insufficient, due to the increasing speed of new viruses being
- developed, a minimum of a weekly update and scan is advisable. In addition
- to this 26% is not aware if the virus screener is set on automatic screening
- of all incoming information.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">Control of
- access to the HIS computer is an essential part of minimum-security standards.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">The survey
- results show that 78 % of the surveyed population share HIS computers with
- other staff, 70% share passwords and 48% know passwords of other staff.
- 52% of the computers carry only one password to access the computers and
- 35% carry no password. The majority of passwords are relatively uncomplicated
- (57% consists of letters only and 17% is made up of letters and numbers).
- This makes unauthorised access easy, in addition there are no audit trails
- and 57% of the staff use networked computers. This places the system at
- high risk of undetected unauthorised computer and network access. </font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">The risk of
- unauthorised access is increased; only 30% of the survey results indicate
- that the computers carry a screen saver password. </font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">For the computers
- who do carry passwords access is at risk. Access via an administrator’s
- password is minimal (only 22%) in addition, only 26% of the passwords are
- stored in a safe or comparable safe storage.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">Protection
- of what is considered sensitive information is severely challenged, only
- 48% is password protected and only 4% of the files are encrypted or password
- protected when Emailed, digital signatures are not used which make authentication
- of the sender impossible and interception easy.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">78% of the
- surveyed staff backup their HIS computer, unfortunately 17 % does this
- less than fortnightly. This equates to only 61% of the surveyed staff correctly
- backup their HIS information, therefore the risk of information loss is
- potentially high. A preset cyclical backup would be the preferred backup
- method.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">52% of the
- survey population has received education in regard to computer security,
- but the level and the type of education is not known.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">There were
- no obvious correlations between the demographic and the other survey data</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">In using the
- preferred answers the overall mean of the survey is 41.9%. This translates
- in 41.9% of the survey population returning the preferred answer. To maintain
- an acceptable minimum-security standard this figure should be 95% (this
- allows for a 5% margin of confidence), in all the surveyed areas (see Tables
- 2 -10.).</font></span>
- <p><b><font color="#000000">Tables 2-10. Survey Statistics and Graphs (Table1.jpeg
- to Table10.jpeg)</font></b>
- <h3>
- <span lang=EN-NZ><font color="#000000">Discussion</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">Security
- of HIS is a complex concept and an area of concern to the consumer, the
- health care providers / companies and the New Zealand Government.</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">The security
- components of the NZ HIS are </span><span
- style='mso-ansi-language:EN-US'>disjointed,
- most parts are available but I have been unable to find evidence that these
- components have been combined in a minimum- security standard. This would
- ensure some consistency in HIS security throughout the NZ Health Industry.
- Currently the NZHIS security consists of:</font><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l11 level1 lfo19;tab-stops:list 36.0pt">
- <span
- style='mso-ansi-language:EN-US'><font color="#000000">Health
- Information Privacy act 1994, in particular rule 5-9. Endorsable by the
- New Zealand Privacy and Health and Disability Commissioner</font><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l11 level1 lfo19;tab-stops:list 36.0pt">
- <span
- style='mso-ansi-language:EN-US'><font color="#000000">NZ Health
- Intranet Security Standards</font><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l11 level1 lfo19;tab-stops:list 36.0pt">
- <span
- style='mso-ansi-language:EN-US'><font color="#000000">HL7 Standards</font><o:p></o:p></span></li>
-
- <li class="MsoNormal" style="mso-list:l11 level1 lfo19;tab-stops:list 36.0pt">
- <span
- style='mso-ansi-language:EN-US'><font color="#000000">Individual
- Health providers HIS Security policies and procedures</font><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span style='mso-ansi-language:
- EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">NZHIS
- Security standards have incorporated both the British and the American
- standards.</font><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">The
- residential care industry is no exception in the apparent lack of minimum-security
- standards for HIS.</font><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000"><i>“Fundamental
- to any attempt to secure an information system is that the users are aware
- of and follow appropriate routines and procedures. It will remain beyond
- the realms of practical reality to develop preventive strategies that make
- it impossible for user to breach security, and it is the authorised users
- of the system who are generally the weakest link in the security system”</span><span lang=EN-NZ></i>[<span
- style='color:#FF6600'>21</span>]
- Some <i>“clinical users consider computerisation offers significant advantages
- in terms of security and confidentiality. Provided security systems are
- activated and used properly, computerised notes are more secure than paper
- notes; likewise e-mail is more secure than for example hard copy facsimiles.
- Most practices were careful about this issue, but in others the attitude
- to security was more ‘loose’, with clerical staff not only accessing the
- notes, but being responsible for writing the patient summaries”</i>[<span style='color:#FF6600'>22</span>].</font></span></div>
-
- <div class="MsoNormal"><span lang=EN-NZ><font color="#000000">It is surprising
- to find that minimum-security requirements have not been established in
- New Zealand and available security standards are open to interpretation
- of its users. This potentially creates concerns for the security of the
- entire New Zealand HIS. <i>“A health-data technical security policy should
- be adopted by each Health Care Establishment site”</i>[<span style='color:red'>23</span>]</font></span></div>
-
- <div class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">Most
- literature refers to generalized security principles that users should
- adhere to, but minimum-security standards either national or international
- are not available. </font><o:p></o:p></span></div>
-
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">For best practice
- purposes Standards New Zealand has released the security management standard
- AS/NZS ISO/ICE 17799:2001 Information Technology – Code of practice for
- information security management, there is no evidence that this document
- has been adopted and implemented by the New Zealand Health service. </font></span><span style='mso-ansi-language:EN-US'><o:p></o:p></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000"><i>“The bad
- news is that even basic security measures are new to the health care industry,
- generally considered to be 10 to 15 years behind other industries with
- regard to security”</span><span
- lang=EN-NZ></i>[<span style='color:#FF6600'>24</span>].</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">Minimum-security
- requirements establish an important basis for consistency in developing
- health companies HIS security policies and procedures. There are still
- grave concerns. The NZ West Coast District Health Board identified in their
- Board report in September 2001 that in the area of E-security there was
- “<i>Lack of policy/standards, no official policy, however good attention
- to security within Information group compensates to a large degree”</i>.
- [<span style='color:red'>25</span>]</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">Continuation
- of inconsistency in security policies and procedures jeopardises the quality
- of patient care, and increases risk of litigation for health professionals
- and organizations. The minimum-security requirements in the NZ residential
- care industry are severely compromised and the risk of security breaches
- and data loss is high.</font></span>
-
- <p class="MsoNormal"><span style='mso-ansi-language:EN-US'><font color="#000000">The
- outcome of the HIS security survey </span><span lang=EN-NZ>concludes
- that minimum-security requirements in this residential care organization
- are severely compromised and the risk of security breaches and data loss
- is high. This potentially threatens the HIS and the safety of the residents.
- The degree of risk encountered by the health company is high, this does
- not reflect in risk for the NZ Health Intranet because the Residential
- Care Provider is not connected.</font></span>
-
- <p class="MsoNormal"><span lang=EN-NZ><font color="#000000">The sample
- size if large enough to conclude that this is a fair representation of
- the entire industry. We need to take in account that the sample originates
- from one company only and is not cross-sectional for the residential care
- industry. This has the potential to create bias due to the culture of the
- organization surveyed.</font></span>
- <br><span lang=EN-NZ style='font-size:13.0pt;font-family:Arial;mso-fareast-font-family:
- "Times New Roman";mso-ansi-language:EN-NZ;mso-fareast-language:EN-US;
- mso-bidi-language:AR-SA'>
- <br></span>
- <h3>
- <a NAME="_References"></a><span lang=EN-NZ><font color="#000000">Acknowledgements</font></span></h3>
-
- <h3>
- <span lang=EN-NZ style='font-size:12.0pt;font-family:"Times New Roman";
- font-weight:normal'><font color="#000000">The
- authors would like to acknowledge the support and encouragement from the
- Otago University Post-Graduate Diploma in Health Informatics tutors. The
- support, co-operation and time dedicated by the General manager Elderly
- Care and staff of the Residential Care Provider that was surveyed. There
- was no funding sourced for this article.</font><o:p></o:p></span></h3>
-
- <h3>
- <span lang=EN-NZ style='font-size:12.0pt;font-family:"Times New Roman";
- font-weight:normal'><![if !supportEmptyParas]><font color="#000000"> </font><![endif]><o:p></o:p></span></h3>
-
- <h3>
- <font color="#000000">Conflict of Interest</font></h3>
-
- <div class="MsoNormal"><font color="#000000">Possible conflict of interest
- is that one author is the Manager, Reevedon Elderly Care Complex.</font></div>
-
- <div class="MsoNormal"><b><font color="#000000"><font size=+1></font></font></b>
- <br><b><font color="#000000"><font size=+1>Appendix 1</font></font></b></div>
- <font color="#000000">Health Information Systems Security Survey 2002 (Appendix1.htm)</font>
- <br>
-
- <p class="MsoNormal"><b><font color="#000000"><font size=+1>References</font></font></b>
-
- <p class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span>
-
- <p class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span>
- <ol style='margin-top:0cm' start=1 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Gostin LO, Turek-Brezina J,
- Powers M. Privacy and Security of Personal Information in a New Health
- Care System. JAMA 1993 Nov; 270(20):2487-93 [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=8192748&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=2 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Gostin LO, Turek-Brezina J,
- Powers M. Privacy and Security of Personal Information in a New Health
- Care System. JAMA 1993 Nov; 270(20):2487-93 [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=8192748&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=3 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Danda M. Protect Yourself
- On Line. Washington: Microsoft Press; 2001. p. xvii</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=4 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Szekely D, Milam S, Khademi
- J. (1996). Legal Issues of the Electronic Dental Record: Security and Confidentiality.
- J Dent Educ, 1996 Jan: 60(1):19-23.[<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=8594098&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=5 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. (1995, 02-07-97).
- Information Systems Security and Data Protection. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1027"
- type="#_x0000_t75" alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1027" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/publications/Security.html">http://www.nzhis.govt.nz/publications/Security.html</a></u>
- [accessed 2002 Mar 27]</font></span><span style='font-family:Arial;mso-ansi-language:
- EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span style='font-family:Arial;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=6 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Rodsjo S. Hack Attack. Healthc
- Inform [Serial online] 2001 Jan [cited 2002 Mar 27];18(1):37-40, 42, 44
- URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1028" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1028" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><span class=MsoHyperlink><u><a href="http://www.healthcare-information.com/issues/2001/01_01/rodsjo.htm">http://www.healthcare-information.com/issues/2001/01_01/rodsjo.htm</span></a></u>
- [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=11211424&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=7 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Tabar P. A Security Strategy:
- possibly the biggest task on the healthcare's to-do list. Healthc Inform.
- [Serial online]<span
- style="mso-spacerun: yes"> </span>2001
- [cited 2002 Mar 27]; Feb;18(2):46, 48. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1029" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1029" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.healthcare-information.com/issues/2001/02_01/cover.htm#security">http://www.healthcare-information.com/issues/2001/02_01/cover.htm#security</a></u>
- [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=11225064&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=8 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Anderson RJ. Security in Clinical
- Information Systems. Cambridge: University of Cambridge: 1996</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=9 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Hodge J, Jr, Gostin LO, Jacobson
- PD. Legal issues Concerning Electronic Health Information. JAMA, 1999 Oct
- 20; 282(15):1466-71.[<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=10535438&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=10 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Information
- Systems Security and Data Protection. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1030" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1030" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/publications/Security.html">http://www.nzhis.govt.nz/publications/Security.html</a></u>[accessed
- 2002 Mar 27]</font></span><span style='font-family:Arial;
- mso-ansi-language:EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span style='font-family:Arial;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=11 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Standards (Health
- Intranet) URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1031" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1031" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/intranet/standards.html">http://www.nzhis.govt.nz/intranet/standards.html</a></u>
- [accessed 2002 Mar 27]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=12 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Health Information
- Privacy code 1994. Office of the NZ Privacy Commissioner. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1032"
- type="#_x0000_t75" alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1032" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.privacy.org.nz/comply/HIPCWWW.pdf">http://www.privacy.org.nz/comply/HIPCWWW.pdf</a></u>
- [accessed 2002 Mar 27]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=13 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Minimum Standards
- for Internet Security in the New Zealand Government URL: <!--[if gte vml 1]><v:shape id="_x0000_i1033"
- type="#_x0000_t75" alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1033" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.e-government.govt.nz/docs/iss-draft/iss-draft.pdf">http://www.e-government.govt.nz/docs/iss-draft/iss-draft.pdf</a></u>[accessed
- 21-6, 2002]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=14 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Rodsjo S. Hack Attack. Healthc
- Inform [Serial online] 2001 Jan [cited 2002 Mar 27];18(1):37-40, 42, 44
- URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1034" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1034" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><span class=MsoHyperlink><u><a href="http://www.healthcare-information.com/issues/2001/01_01/rodsjo.htm">http://www.healthcare-information.com/issues/2001/01_01/rodsjo.htm</span></a></u>
- [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=11211424&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal"><span style='font-family:Arial;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=15 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Information
- Systems Security and Data Protection URL: <!--[if gte vml 1]><v:shape id="_x0000_i1035" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1035" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/publications/Security.html">http://www.nzhis.govt.nz/publications/Security.html</a></u>
- [accessed 2002 Mar 27]</font></span><span style='font-family:Arial;mso-ansi-language:
- EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoHeader" style="tab-stops:36.0pt"><span style='font-family:Arial;
- mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=16 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Unknown. Health Level Seven
- Southern Africa. URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1036" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1036" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.hl7.org.za/HealthLevelSevenGuide1.htm">http://www.hl7.org.za/HealthLevelSevenGuide1.htm</a></u>
- [accessed 2002 Apr 16]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=17 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Danda M. Protect Yourself
- On Line. Washington: Microsoft Press; 2001. p 8</font></span><span style='font-family:Arial;mso-ansi-language:EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=18 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Danda M. Protect Yourself
- On Line. Washington: Microsoft Press; 2001</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=19 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Information
- Systems Security and Data Protection. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1037" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1037" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/publications/Security.html">http://www.nzhis.govt.nz/publications/Security.html</a></u>
- [accessed 2002 Mar 27]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=20 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Infopoll.com, Infopoll Designer
- Version 7.URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1038" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1038" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://infopoll.com/">http://infopoll.com/download/</a></u>
- [accessed 2002 Mar 30]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=21 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.Government. Information
- Systems Security and Data Protection. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1039" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1039" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.nzhis.govt.nz/publications/Security.html">http://www.nzhis.govt.nz/publications/Security.html</a></u>
- [accessed 2002 Mar 27]</font></span><span style='font-family:Arial;mso-ansi-language:
- EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span style='font-family:Arial;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=22 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Nielson A. C. Attitudes towards
- information technology in Australian General Practice. URL: <!--[if gte vml 1]><v:shape id="_x0000_i1040"
- type="#_x0000_t75" alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1040" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.health.gov.au/pubs/gpit/gpit2.pdf">http://www.health.gov.au/pubs/gpit/gpit2.pdf</a></u>
- [accessed 2002 Apr 26]</font></span><span style='font-family:Arial;mso-ansi-language:
- EN-US'><o:p></o:p></span></li>
- </ol>
-
- <div class="MsoNormal"><span style='font-family:Arial;mso-ansi-language:EN-US'><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=23 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Ilioudis C, Pangalos G.<span style="mso-spacerun: yes"> </span>A
- framework for an Institutional High Level Security Policy for the Processing
- of Medical Data and their Transmission Through the Internet. J Med Internet
- Res.[serial online] 2001 Apr-Jun [cited 2002 June 21]; 3(2):E14.URL: <!--[if gte vml 1]><v:shape id="_x0000_i1041" type="#_x0000_t75"
- alt="Linkout" style='width:13.5pt;height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1041" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><u><a href="http://www.jmir.org/2001/2/e14/">http://www.jmir.org/2001/2/e14/</a></u>
- [<a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=11720956&dopt=Abstract">Medline</a>]</font></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=24 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">Kibbe DC. A problem-Orientated
- Approach to the HIPAA Security Standards. Fam Prac Manag, [serial online]
- 2001 July/August [cited 2002 Mar 27]; 8(7):37-43 [22 screens] URL: <span class=MsoHyperlink><!--[if gte vml 1]><v:shape
- id="_x0000_i1042" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1042" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"><u> </span><a href="http://aafp.org/fpm/20010700/37apro.html">http://aafp.org/fpm/20010700/37apro.html<span
- style="mso-spacerun: yes"></a> </span><a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=11477951&dopt=Abstract">[Medline]</a> </u></font></span></span></li>
- </ol>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <ol style='margin-top:0cm' start=25 type=1>
- <li class="MsoNormal" style="mso-list:l25 level1 lfo29;tab-stops:list 36.0pt">
- <span
- lang=EN-NZ><font color="#000000">NZ.West.Coast.DHB. Board Report
- 28 Sept. 2001 URL: <!--[if gte vml 1]><v:shape
- id="_x0000_i1043" type="#_x0000_t75" alt="Linkout" style='width:13.5pt;
- height:11.25pt'>
- <v:imagedata src="./HIS%20Security%20Article_files/image002.gif" o:href="http://www.jmir.org/images/linkout.gif"/>
- </v:shape><![endif]--><![if !vml]><img SRC="image002.gif" ALT="Linkout" BORDER=0 v:shapes="_x0000_i1043" height=15 width=18><![endif]><span
- style="mso-spacerun: yes"> </span><span class=MsoHyperlink><u><a href="http://www.westcoastdhb.org.nz/board/Papers/SeptHACPapers.pdf">www.westcoastdhb.org.nz/board/Papers/SeptHACPapers.pdf</a></u> </span>[accessed
- 2002 June 21]</font></span></li>
- </ol>
-
- <div class="MsoNormal" style="margin-left:18.0pt"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <br>
- <h3>
- <span lang=EN-NZ><font color="#000000">Abbreviations</font></span></h3>
-
- <div class="MsoNormal"><span lang=EN-NZ><![if !supportEmptyParas]><![endif]><o:p></o:p></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">BMA<span
- style='mso-tab-count:1'></span>British
- Medical Association</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">EDI<span
- style='mso-tab-count:1'></span>Electronic
- Data Interchange</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">HEIN<span
- style='mso-tab-count:1'></span>Health
- Informatics</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">HHS<span
- style='mso-tab-count:1'></span>Health
- and Human Sciences</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">HIPAA<span
- style='mso-tab-count:1'></span>Health
- Insurance Portability Act</font></span></div>
-
- <div class="MsoHeader" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">HIS<span
- style='mso-tab-count:1'></span>Health
- Information System</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">HL7<span
- style='mso-tab-count:1'></span>Health
- Level 7</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">IT<span
- style='mso-tab-count:1'></span>Information
- Technology</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">NZ<span
- style='mso-tab-count:1'></span>New
- Zealand</font></span></div>
-
- <div class="MsoNormal" style="tab-stops:112.5pt"><span lang=EN-NZ><font color="#000000">RN<span
- style='mso-tab-count:1'></span>Registered
- Nurse</font></span></div>
- </div>
-
- </body>
- </html>