Abstract

Electronic health records (EHRs) pose unique concerns for administrators and information technology professionals with regard to cybersecurity. Due to the sensitive nature and increasing value of personal health information, cyber risks and information protection should be a high priority. A literature review was conducted to identify potential threat categories and best practices in protecting EHR information. Potential threats were identified and categorized into five areas; physical, portable devices, insider use, technical, and administrative. Government policies have created administrative, physical, and technical safeguards to keep EHR information safe. Despite these efforts, EHRs are being targeted by cyber-criminals due to flaws in personal and organizational management of protected healthcare information. This paper aims to educate, inform, and advocate for the proper handling of EHRs to alleviate the burden caused by compromised electronic documents.