Electronic health record information systems contain sensitive and highly useful patient information and as search they should be highly secured. The HIPAA/HITECH federal mandates provide measures for securing the information systems, the mandates require immediate reporting of the discovery of information breaches in these systems, the IS experts of the systems should update periodically the security measures of the systems, the mandate advocate for specific procedures in the breach of the information systems and the training of all the users of the system on the security measures of the IS.
The mandates have an overall improvement of the Electronic Health Records. They minimize the chances of occurrence in frauds in the systems by calling for effective security management of the information system to keep them safe, for example from hackers. Safety of the IS will ensure better healthcare because relevant and sufficient information will be available for healthcare providers to derive judgments from, Czar and Hebda (2009).
I believe the best strategy for securing the health information in the HER systems is by introducing sophisticated information security measures, for example the use of biometrics to limit and authorize access to the systems and the use of firewalls to block malignant codes which may tamper with the data in the systems. Security can also be enhanced by creating accountability to all the health experts who access the systems.
The systems should be preferably in the real time mode whereby data entry is first verified before being accepted. Accountability can be enhanced through system timing; access to the system should be timed. Individuals accessing the system at a particular time should be made accountable for frauds and errors occurring in the system at that particular time, Brown (2010)
Czar, P. & Hebda T. (2009). Handbook of informatics for nurses and health care professionals, 4th edition. Upper Saddle River, NJ: Pearson Prentice Hall
Brown, B. (2010). Protecting confidentiality of medical records in an interconnected environment. Journal of heath care compliance, 12(6): pp 35