使用電子病歷保障病人隱私之探討—以中山醫學大學附設醫院病歷電子化為例

10.30007/JICTA.201201.0008

曾志仁；邱政元；蔡亭儀；梁竣傑；許瑋庭

電子病歷 ； 病人隱私 ； Electronic Medical Record (EMR) ； Patient Privacy

電腦稽核

25期（2012 / 01 / 01）

112 - 119

繁體中文

隨著科技的進步，病歷也從傳統的紙本病歷漸漸發展成電子病歷。電子化病歷的發展可以解決傳統紙本病歷的缺失，例如：佔地空間不足、資料傳送費時、長期保存不易、無法多人同時使用等諸多缺失，同時也促進了醫療院所的作業效率、提升醫療品質。但電子病歷也有許多問題需要克服，如病歷遭受竄改、駭客入侵竊取資料、病患隱私安全等問題，本文探討如何使用電子病歷來保障病人的隱私。雖然近年來政府制定與修訂了許多電子病歷相關的法規，但是法令無法鉅細靡遺地規範到作業層面，因此，值此全國各醫療院所進行病歷電子化之際，實有必要探討實務的應用層面，討論如何去管控電子病歷作業，以保護病患隱私。本文以中山醫學大學附設醫院為例闡述如何管控電子病歷系統以保障病患隱私。

It's the technological era now; and it's the timing for the traditional paper medical record to be changed into electronic version in Taiwan. Electronic medical record (EMR) has eliminated many paper medical record's drawbacks; such as occupying too much room, taking time to deliver around, hard to preserve for a long time, and hard to share by different professionals at the same time. EMR also offers opportunity for health care providers to improve their operation and elevate health service quality. Although EMR sounds so perfect, there are still many problems need to be solved, e.g. arbitrary re-writing, possible invading by hackers, and how to protect patient privacy. This article discusses how to apply EMR to protect patient privacy. For implementing EMR, many regulations have already enacted to protect patient from possible invasion. However, regulations cannot provide guidelines to health care providers of how to apply EMR. Hence, a genuine example of implementing EMR is needed. In this article, examples from Chung Shan Medical University Hospital demonstrate how to control and monitor an EMR system to protect patient privacy.