The study on confidentiality of electronic archive of medical records in khuzestan povince and providing national model

Document Type : Original Article



2 -

3 Health InformationTechnology, paramedicine, Ahvaz Jondishapoor university medical science, Ahvaz, Iran


The Study on Confidentiality of Electronic Archive of Medical Records in Khuzestan Province and Providing National Model

Background and Objective: In recent years, in order to solve problems related to the storage and retrieval of paper-based medical records, the hospitals of the country have been scanning them using imaging systems. technology development allows unauthorized access to data. Therefore, data protection laws are required to maintain the confidentiality of patient information. In the present study, we are to investigate the confidentiality of medical records in digitalizing hospitals in the city of Ahwaz and provide a model for maintaining and enhancing data confidentiality.
Methods: This is a descriptive cross-sectional study that investigates the confidentiality of medical records in selected hospitals of Ahwaz in 2019. The study population includes 11 selected hospitals. The required data were gathered through an researcher-made checklist completed in person (by observing) at Medical Record Department and Information Technology Units. These data were analyzed in Excel.
Findings: According to the study, despite various security criteria to protect the confidentiality of data, obtaining written letter of commitment for nondisclosure of the password and username had been ignored in all the centers under study except one.
Conclusion: Considering the sensitivity of health data, it is recommended that hospitals develop a written form as letter of commitment to improve confidentiality. They should require information technology and medical documents officials as well as all users to fill in the form before they can access any type of data.
Keywords: Confidentiality, Security, Privacy


1-Moghaddasi H, Sheikhtaheri A. Organizational chart of health information management department, presented a new pattern for hospital of Iran. Payesh. 2008;7(2):129-40.[In Persian].
2-Mashoufi M, Rostami K, Mardi A. Documentation of medical records by physicians in the hospitals under Ardabil University of Medical Sciences, 2001. Journal of Ardabil University of Medical Sciences. 2006;6(1):73-7.
3-Sadoughi F, Khoushkam M, Siavash B. A comparative investigation of the access levels and confidentiality of medical document in Iran and selected countries. Journal of Health administration. 2007;10(28):49-56.
4-Daniali A, Keshtkaran A. The management of medical records to the design. Shiraz University of Medical Sciences Publications. 2001.
5-Claerhout B, DeMoor G. Privacy protection for clinical and genomic data: The use of privacy-enhancing techniques in medicine. International Journal of Medical Informatics. 2005;74(2-4):257-65.
6-Sadoughi F, Ghazisaeid M, Meraji M, Kimiafar K, Ramazanghorbani N. Health information management technology. Tehran: jafari publish; 2011.
7-Hajavi A, Khoushgam M, Hatami M. A Comparative Study on regarding Rate of the Privacy Principles in legal Issues by WHO Manual at Teaching Hospitals of Iran, Tehran and Shahid Beheshti Medical Sciences Universities; 2007. 2008;11(33):7-16.
8-Kabirzadeh A, MohseniSaravi B, Asgari Z, BagherianFarahabadi E, BagherzadeLadari R. Rate of general health, job stress and factors in medical records workers. Health Information Management 2007;4(2):215-22.
9-Davari doulatabadi N, Shahi M, Tavasoli farahi M. Effects of environmental factors on medical files kept in the hospitals affiliated to Hormozgan university of medical sciences, 2004. Medical journals of Hormozgan University 2006;10(3):279-8.
10-Farzandipour M, Sadoughi F, Ahmadi M, Karimi I. Designing a Confidentiality Principles Model of Electronic Health Record for Iran; 2007. 2008.
11-Zarei J. Compare electronic medical record filing with traditional approach in hospitals in selected cities and submit appropriate framework: MSc Thesis], Isfahan University of Medical Sciences; 2010.
12-Pereira T, Santos H, editors. A conceptual model approach to manage and audit information systems security. Proceedings of the 9th European Conference on Information Warfare and Security; 2010.
13-Paterson M, Iacovino L. Health privacy: the draft Australian national health privacy code and the shared longitudinal electronic health record. Health Information Management 2004;33(1):5-11.
14-Jo H, Kim S, Won D. Advanced Information Security Management Evaluation System. KSII Transactions on Internet Information Systems. 2011;5(6):1192-213.
15-Cushman R, Froomkin AM, Cava A, Abril P, Goodman KW. Ethical, legal and social issues for personal health records and applications. 2010;43(5):S51-S5.
16-Barham C. Confidentiality and security of information. Anaesthesia Intensive Care Medicine. 2010;11(12):502-4.
17-Davis N, LaCour M. Introduction to health information technology: Saunders WB Co; 2001.
18-Farzandipour M, Ahmadi M, Sadoughi F, Karimi I. A comparative study on security requirements of electronic health records in the selected countries. Health Information Management. 2008;5(2):149.
19-Arab M, PourReza A, Eshraghian M, Khabiri R. A Survey on current status of patient information privacy in Tehran's hospital. Health Information Management. 2011;8(1):33-40.
20-Zahedifar R. An Investigation over the Observance of Patients' Rights in Medical Record Department in consumers' health information for research purposes,
consumers' health forum of Australi. 1998.
21-Callahan D. The new privacy officer's game plane. AHIMA.72(6):26-32.
22-SheikhAbumasoudi R, Amini N, Esmaeili N. Indicators of patient information confidentiality. Health Information Management. 2015;12(4):404.
23-Behnam S. A Comparative Study of Accessibility levels Confidentiality of Medical Records in Selected Countries Iran university of Medical Sciences2005.