On May 28th, the Global Digital Health Network convened virtually for the Network’s monthly webinar, hosted by ICF. The discussion was focused on Tools for Assessing and Maintaining Electronic Health Record (EHR) Security.

The United States Agency for International Development (USAID), the United States President’s Emergency Plan for AIDS Relief (PEPFAR), and the United States Centers for Disease Control and Prevention (CDC) have all contributed significant funding to the development and implementation of electronic medical records (EMRs) to support the capture of patient medical data. The increased demand for patient-level data needed to achieve epidemic control of HIV and for other health monitoring has caused a shift from using EMR software for retrospective data entry to real-time point-of-care systems.

As these systems move from a single computer to interconnected computers at multiple sites, the need for improved security has become more critical. PEPFAR asked the USAID funded MEASURE Evaluation project to develop an assessment tool to address this issue. They took high- and moderate-impact priority controls from NIST 800, ISO 2700, and the Health Insurance Portability and Accountability Act and adjusted them to be practical in a low-resource setting. During the webinar MEASURE Evaluation:

• Presented an overview of the security assessment tool,
• Presented guidance on security planning, and
• Shared feedback received about the assessment tool and how it can be used in low-resource settings.

Speakers (all of MEASURE Evaluation-ICF) included:

Olivia Velez, PhD MS MPH RN
Christina Villella, MPH TOGAF
Sam Wambugu, MPH PMP
Annah Ngaruro, CISSP PMP

Meeting Recording: