Assessing HIPAA compliance of open source electronic health record applications
Electronic health record (EHR) applications are digital versions of paper-based patient health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. The goal of this paper is to identify HIPAA technical requirements, evaluate two open source EHR applications (OpenEMR and OpenClinic) for security vulnerabilities using two open-source scanner tools (RIPS and PHP VulnHunter), and map the identified vulnerabilities to HIPAA technical requirements.
International Journal of Information Security and Privacy
Digital Object Identifier (DOI)