Assessing HIPAA compliance of open source electronic health record applications

Authors

Hossain Shahriar, Kennesaw State University
Hisham M. Haddad, Kennesaw State University
Maryam Farhadi, Kennesaw State University

Department

Information Technology

Document Type

Article

Publication Date

4-1-2021

Abstract

Electronic health record (EHR) applications are digital versions of paper-based patient health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. The goal of this paper is to identify HIPAA technical requirements, evaluate two open source EHR applications (OpenEMR and OpenClinic) for security vulnerabilities using two open-source scanner tools (RIPS and PHP VulnHunter), and map the identified vulnerabilities to HIPAA technical requirements.

Journal Title

International Journal of Information Security and Privacy

Journal ISSN

19301650

Volume

15

Issue

2

First Page

181

Last Page

195

Digital Object Identifier (DOI)

10.4018/IJISP.2021040109