As we move toward the creation of a networked health information environment, the potential of privacy intrusions increases, with potentially devastating impact on quality and access to healthcare. This paper describes the risks we face and proposes a framework to minimize those risks. In particular, it proposes nine principles to protect privacy in an information age.In presenting these principles, we begin from the premise that privacy protections should not be included in health information technology (health IT) systems as an afterthought, but as a core design-or architectural-foundation. Hence the principles we present are described as "architectural principles": while ensuring that the tremendous potential benefits of technology are realized, they put privacy at the very heart of health IT.
展开▼