Vanderbilt Plays Key Role in Health Privacy

The U.S. health-care community is steadily moving into the digital age, shifting medical records from paper to electronic information systems. This movement raises serious concerns about security and privacy of patients’ medical information. In an attempt to put these concerns to rest, the U.S. Department of Health and Human Services has awarded $15 million to create a new center for health information and privacy.

The center, which will be headquartered at the University of Illinois, will include researchers from Vanderbilt; University of California, Berkeley; Carnegie Mellon University; Dartmouth College; Harvard University Medical School; Johns Hopkins University; Northwestern University Memorial Hospital; Stanford University; University of Massachusetts, Amherst; and the University of Washington. It is one of four health-care research centers funded for four years with American Recovery and Reinvestment Act of 2009 funds as part of the $60 million Strategic Healthcare Information Technology Advanced Research Projects on Security (SHARPS) program.

“Our participation in the new SHARPS center reflects the fact that Vanderbilt has become highly visible in the field of health-care security and privacy,” says Janos Sztipanovits, the E. Bronson Ingram Professor of Engineering and director of the Institute for Software Integrated Systems (ISIS) at Vanderbilt School of Engineering. Sztipanovits—along with Mark Frisse, Accenture Professor of Biomedical Informatics at Vanderbilt University Medical Center, and Edward Schulz, director of information technology integration at VUMC—head up the joint Vanderbilt team. William Stead, the Medical Center’s chief strategy and information officer, will serve as one of the center’s two chief scientists.

One of Vanderbilt’s contributions is the close partnership it has established between its engineers and clinical researchers. The Medical Center has a 15-year track record in the development of electronic health-care records, and ISIS contributes a structured approach to data security and extensive software tools that it has developed to protect sensitive data for the U.S. Department of Defense.

The SHARPS center will focus on three specific subjects: electronic health records, health information exchanges and telemedicine. Most U.S. hospitals have digitized their health records despite the fact that they are subject to new kinds of risks, such as the ease with which a thief could carry away thousands of patient records on a USB thumb drive or the possibility that records can be hacked when they are put online to increase accessibility.