Document Type : Original Article(s)
Authors
1 Department of Epidemiology and Biostatistics, School of Public Health, Tehran University of Medical Sciences, Tehran, Iran
2 Department of Mathematics and Statistics, University of Calgary, Calgary, Alberta, Canada
Abstract
Background: The shift from traditional office visits to internet-based care has accelerated during the COVID-19 pandemic, increasing reliance on telemedicine platforms. This growth has led to more health-related electronic data and heightened risks of unauthorized access, making it essential to prioritize information confidentiality issues. This study aims to reveal the disclosure of confidential information on a Persian televisit website.
Methods: In this observational case study, we gathered public health-related electronic data from a Persian televisit website in 2022. SAS software was used to harvest messy data about patients and doctors and create a structured dataset. Meanwhile, Microsoft Excel and RStudio software programs were used for data visualization. A hashing algorithm was applied to encode personal information, preventing the identification of individuals.
Results: Our study showed how public web data about 263 patients and 194 doctors, harvested from the target website, can be used to reveal patients’ private information. Using such data, we explored the patient-doctor interaction patterns. With access to the patients’ identifiable information, we recognized the identity of the clients who received internet-based care services and their possible diseases.
Conclusion: This analysis revealed that exposure of patients’ confidential information could compromise their identities and underlying medical conditions. This highlights the need for a national framework to ensure the security of health-related electronic data. Health authorities should enforce comprehensive laws, while the owners of televisit websites should implement privacy by design principles into the development of such platforms to prevent the disclosure of sensitive information.
Highlights
Mohammad Haddad Soleymani (Google Scholar)
Keywords
- Mohammadi M, Larijani B, Emami Razavi SH, Fotouhi A, Ghaderi A, Madani SJ, et al. Do patients know that physicians should be confidential? study on patients’ awareness of privacy and confidentiality. J Med Ethics Hist Med. 2018;11:1. PubMed PMID: 30258551; PubMed Central PMCID: PMCPMC6150920.
- Basil NN, Ambe S, Ekhator C, Fonkem E. Health Records Database and Inherent Security Concerns: A Review of the Literature. Cureus. 2022;14:e30168. doi: 10.7759/cureus.30168. PubMed PMID: 36397924; PubMed Central PMCID: PMCPMC9647912.
- Eslami Jahromi M, Ayatollahi H. Utilization of telehealth to manage the Covid-19 pandemic in low- and middle-income countries: a scoping review. J Am Med Inform Assoc. 2023;30:738-51. doi: 10.1093/jamia/ocac250. PubMed PMID: 36565464; PubMed Central PMCID: PMCPMC10018263.
- Chishtie J, Sapiro N, Wiebe N, Rabatach L, Lorenzetti D, Leung AA, et al. Use of Epic Electronic Health Record System for Health Care Research: Scoping Review. J Med Internet Res. 2023;25:e51003. doi: 10.2196/51003. PubMed PMID: 38100185; PubMed Central PMCID: PMCPMC10757236.
- Mobasher M, Samzadeh Kermani H, Eslami Shahrbabaki M, Sarafinejad A. Study of Patients’ Privacy during the COVID-19 Pandemic in Iranian Health Care Settings. Iran J Med Sci. 2024;49:580-9. doi: 10.30476/ijms.2023.97795.3070. PubMed PMID: 39371378; PubMed Central PMCID: PMCPMC11452588.
- Noroozi M, Zahedi L, Bathaei FS, Salari P. Challenges of Confidentiality in Clinical Settings: Compilation of an Ethical Guideline. Iran J Public Health. 2018;47:875-83. PubMed PMID: 30087874; PubMed Central PMCID: PMCPMC6077627.
- Ayatollahi H, Mirani N, Haghani H. Electronic health records: what are the most important barriers? Perspect Health Inf Manag. 2014;11:1c. PubMed PMID: 25593569; PubMed Central PMCID: PMCPMC4272437.
- Langarizadeh M, Moghbeli F, Aliabadi A. Application of Ethics for Providing Telemedicine Services and Information Technology. Med Arch. 2017;71:351-5. doi: 10.5455/medarh.2017.71.351-355. PubMed PMID: 29284905; PubMed Central PMCID: PMCPMC5723167.
- Ammenwerth E, Duftschmid G, Al-Hamdan Z, Bawadi H, Cheung NT, Cho KH, et al. International Comparison of Six Basic eHealth Indicators Across 14 Countries: An eHealth Benchmarking Study. Methods Inf Med. 2020;59:e46-e63. doi: 10.1055/s-0040-1715796. PubMed PMID: 33207386; PubMed Central PMCID: PMCPMC7728164.
- Theodos K, Sittig S. Health Information Privacy Laws in the Digital Age: HIPAA Doesn’t Apply. Perspect Health Inf Manag. 2021;18:1l. PubMed PMID: 33633522; PubMed Central PMCID: PMCPMC7883355.
- Tavakoli N, Isfahani SS, Piri Z, Amini A. Patient access to electronic health record: a comparative study on laws, policies and procedures in selected countries. Med Arch. 2013;67:63-7. doi: 10.5455/medarh.2013.67.63-67. PubMed PMID: 23678844.
- Langarizadeh M, Orooji A, Sheikhtaheri A. Effectiveness of Anonymization Methods in Preserving Patients’ Privacy: A Systematic Literature Review. Stud Health Technol Inform. 2018;248:80-7. PubMed PMID: 29726422.
- Carlson JL, Goldstein R. Using the Electronic Health Record to Conduct Adolescent Telehealth Visits in the Time of COVID-19. J Adolesc Health. 2020;67:157-8. doi: 10.1016/j.jadohealth.2020.05.022. PubMed PMID: 32517972; PubMed Central PMCID: PMCPMC7275171.
- Jalali MS, Landman A, Gordon WJ. Telemedicine, privacy, and information security in the age of COVID-19. J Am Med Inform Assoc. 2021;28:671-2. doi: 10.1093/jamia/ocaa310. PubMed PMID: 33325533; PubMed Central PMCID: PMCPMC7798938.
- Abedian S, Riazi H. E-Health: Security, Privacy, and Ethics Requirements from a National Perspective in I. R. Iran. Stud Health Technol Inform. 2024;314:147-8. doi: 10.3233/SHTI240079. PubMed PMID: 38785021.
)