Breach Risk Magnitude: A Quantitative Measure of Database Security.

A quantitative methodology is described that provides objective evaluation of the potential for health record system breaches. It assumes that breach risk increases with the number of potential records that could be exposed, while it decreases when more authentication steps are required for access. The breach risk magnitude (BRM) is the maximum value for any system user of the common logarithm of the number of accessible database records divided by the number of authentication steps needed to achieve such access.

A secure and efficiently searchable health information architecture.

Patient-centric repositories of health records are an important component of health information infrastructure. However, patient information in a single repository is potentially vulnerable to loss of the entire dataset from a single unauthorized intrusion. A new health record storage architecture, the personal grid, eliminates this risk by separately storing and encrypting each person's record.

A proposed national research and development agenda for population health informatics: summary recommendations from a national expert workshop.

Objective: The Johns Hopkins Center for Population Health IT hosted a 1-day symposium sponsored by the National Library of Medicine to help develop a national research and development (R&D) agenda for the emerging field of population health informatics (PopHI).

Material And Methods: The symposium provided a venue for national experts to brainstorm, identify, discuss, and prioritize the top challenges and opportunities in the PopHI field, as well as R&D areas to address these.

Results: This manuscript summarizes the findings of the PopHI symposium.

Consumer-mediated health information exchanges: the 2012 ACMI debate.

The American College of Medical Informatics (ACMI) sponsors periodic debates during the American Medical Informatics Fall Symposium to highlight important informatics issues of broad interest. In 2012, a panel debated the following topic: "Resolved: Health Information Exchange Organizations Should Shift Their Principal Focus to Consumer-Mediated Exchange in Order to Facilitate the Rapid Development of Effective, Scalable, and Sustainable Health Information Infrastructure." Those supporting the proposition emphasized the need for consumer-controlled community repositories of electronic health records (health record banks) to address privacy, stakeholder cooperation, scalability, and sustainability.

Where should electronic records for patients be stored?

Introduction: The importance of a nationwide health information infrastructure (NHII) is widely recognized. Patient data may be stored where it happens to be created (the distributed or institution-centric model) or in one place for a given patient (the centralized or patient-centric model). Minimal data is available regarding the performance implications of these alternative architectural choices.

A framework for systematic evaluation of health information infrastructure progress in communities.

It is widely agreed that major improvements in the safety, quality, and efficiency of health care in the US require a National Health Information Infrastructure. To accomplish this, efforts are now underway in many communities to build local or regional health information infrastructures (HIIs) that provide secure, ubiquitous access to complete health care information. To facilitate the assessment and monitoring of the progress of operational HIIs toward completion, we propose a framework of four key measures of requirements that must be ultimately be met: (1) completeness of information, (2) degree of usage, (3) types of usage, and (4) financial sustainability.

A consensus action agenda for achieving the national health information infrastructure.

Background: Improving the safety, quality, and efficiency of health care will require immediate and ubiquitous access to complete patient information and decision support provided through a National Health Information Infrastructure (NHII).

Methods: To help define the action steps needed to achieve an NHII, the U.S.

Disseminating public health practice guidelines in electronic medical record systems.

An evaluation of public health practice guidelines published by CDC was conducted to determine the feasibility of disseminating them through electronic medical record (EMR) systems. Of 1,069 guidelines evaluated, 360 contained at least one recommendation that could be presented as an alert or reminder to the clinician during the patient encounter. These guidelines were in the areas of: HIV (59), sexually transmitted diseases (8), health care associated infections (14), tuberculosis (TB) (25), immunizations/vaccine-preventable diseases (80), other infectious diseases (134), reproductive health diseases (8), cancers (9), diabetes (5), and other chronic diseases (18).

Emergency implementation of knowledge management system to support a bioterrorism response.

In a public health emergency, it becomes necessary for public health agencies to provide timely, accurate and useful information to the community. During the anthrax attacks, the Public Health Practice Program Office in the Centers for Disease Control and Prevention implemented a knowledge management (KM) system to respond to an increased number of inquiries from public health officials, first responders, and health care professionals as well as the general public. While it is possible to successfully implement a knowledge management system quickly in a crisis situation, additional challenges to sustainability may result from shortchanging the normal decision-making channels.