Health network surveillance

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Health network surveillance is a practice of health information management involving a combination of security, privacy and regulatory compliance with patient health information (PHI). Health network surveillance addresses the rapidly increasing trend of electronic health records (EHR) and its incompatibility with information security practices that ‘lock down’ access through methods such as: modern firewalls, intrusion detection and prevention devices, and anti-virus and end-point protections.[1]

In contrast to restrictive security measures, health network surveillance runs in the background of networks through a combination of hardware and software devices that allow for real time monitoring that do not impede the day-to-day health care operations that make up healthcare systems and deliver essential services to patients and clients. Surveillance, in this context, means tracking the connections that are made between computers. These connections can be between computers within a health network or from a computer outside the health network. Effectively, this approach has the capacity to provide additional assurance that standard protective devices and approaches are working.

Governments at all levels have increased legislation and regulation of the ways health information should be handled, for both public and private health organizations in many countries. Major regulatory bodies and legislation in Canada and the United States include but are not limited to: the Health Insurance Portability and Accountability Act (HIPAA), the Personal Information and Electronic Documents Act (PIPEDA), the Personal Health Information Protection Act (PHIPA), International Organization for Standardization (ISO), PCI Security Standards Council, and Canada Health Infoway.[2] Health network surveillance is able to address the increasingly complex legislation, regulations and policies imposed on health organizations in a way that restrictive security measures can only reduce the service levels of these organizations.

Health network surveillance also has a proactive impact by providing business intelligence and network monitoring that can improve a health organization’s efficiency and effectiveness through real time information that can support decision making about network architecture, business processes and resource allocation. Two approaches enable the development of health network surveillance tools. Commonly used flow measures based on a number of flow protocols available on the market use the capacity of routers and switches to provide data regarding the functioning of networks.[3] The use of connection tracking works to record every connection between devices in a monitored network. There may be advantages in connection tracking techniques as they avoid sampling, produce more data in real time and put less load on the functioning of networks.


  1. ^ For a discussion of these issues see G. Griener at the University of Alberta Law School. From a physician’s perspective see Eli Finkelstein, MD and PhD, Electronic Health Records: The Threat to Privacy, For Us Docs.
  2. ^ As one exhaustive sample among many, see Canada Health Infoway, “Electronic Health Record (EHR) Privacy and Security Requirements”, The provisions in all of the extent regulations track closely the security provisions of ISO 27000.
  3. ^ IP Flow Information Export An alternative to the use of flow protocols is connection tracking. Netfilter Connection Tracking