The Security and Privacy of Electronic Health Records in Healthcare Systems: A Systematic Review

Electronic Health Records (EHRs) is used to increase the interoperability between healthcare organizations and patient health information while preserving privacy and confidentiality of patient information. EHR is structured information that may include text, image(s) or both of them; its aims to have the features of decentralization, security, openness, and traceability. This systematic review aims to examine and identify the forms of implemented electronic health records with the available protection and privacy techniques. A number of keywords have been used to scan four reliable databases, which are: PubMed, IEEE, Web of Science, and Science Direct. Where 126 studies have been obtained, based on the phases of filtering and scanning that implemented related to the criteria of inclusion/exclusion processes. This review presented a taxonomy where the concluded 126 studies were classified based on two categories, first includes the applied process of (authentication, authorization and access control), and second includes the applied process of privacy and security in (information, image, and both information with image) of EHR. Then, in this research, a deep review were conducted to highlight the challenges, issues, and critical gaps that outlined in the academic literature of this research subject. The obtained results showed no relevant study that examine and discuss the two aforementioned categories. This concluded that EHR could be enhanced by applying the processes of authentication, authorization, and access control in security, in addition to applying privacy for both information and image included in EHR.