Researchers begin work on 'sophisticated' security for healthcare IT

By Bernie Monegain
10:09 AM

The Information Trust Institute (ITI) at the University of Illinois at Urbana-Champaign is poised to lead a multi-university consortium of researchers to create technology that will make electronic health record systems and health data exchange secure enough to gain the confidence of doctors and patients.

The project will be funded with the recently announced government award of $15 million through SHARP (Strategic Health IT Advanced Research Projects), a program administered by the Office of the National Coordinator for Health Information Technology.

The award is one of four the ONC announced on April 2

The research award will result in the creation of the Center for Health Information Privacy and Security within ITI, and will support research led by 20 senior researchers from:

  • University of Illinois,
  • University of California at Berkeley,
  • Carnegie Mellon University,
  • Dartmouth College,
  • Harvard Medical School,
  • Johns Hopkins University,
  • New York University,
  • Northwestern Memorial Hospital,
  • Stanford University,
  • University of Massachusetts Amherst, 
  • University of Washington,
  • Vanderbilt University.

The program's lead investigator, Professor Carl A. Gunter of the Department of Computer Science and ITI at Illinois, explained the program's motivation: "It is essential for patients and healthcare providers to have confidence in the information technologies on which modern healthcare is becoming increasingly reliant," he said. 

He said the program – called SHARPS for "Strategic Healthcare Information Technology Advanced Research Projects on Security" – would address a key range of security and privacy barriers that currently limit the free exchange of data that could improve the quality, convenience, and efficient delivery of care.

"To accomplish this," Gunter added, "SHARPS has assembled an elite multidisciplinary team of healthcare and cyber-security experts that is uniquely capable of carrying out an ambitious strategic program to bring security and privacy in health information technology to a new level of sophistication."

SHARPS will focus on three health information environments – electronic health records, health information exchange, and telemedicine – that are becoming increasingly popular in spite of security concerns with their use.
Electronic health records, although already prevalent in most U.S. hospitals, are subject to risks that paper records are not, such as the physical ease with which a thief can carry away thousands of patients' records on a USB stick in his pocket, Gunter said. Also, electronic records are vulnerable to Internet-based attacks if they are put online to increase accessibility.

John Halamka, MD, CIO at Harvard Medical School and Beth Israel Deaconess Medical Center, said the SHARPS project addresses critical problems, and it has the expertise to make valuable contributions.

"The advancement of security in healthcare information technology is an issue with far-reaching implications warranting immediate attention," he said. "We need interoperable healthcare to ensure the right care is given to the right patients at the right time, but always protecting privacy. SHARPS has gathered an exceptionally capable team of innovators to tackle this important objective."