Electronic Health Records (EHR) are crucial for the success of digital healthcare, with a focus on putting consumers at the center of this transformation. However, the digitalization of healthcare records brings security and privacy risks for personal data. The major concern is that different countries have varying standards for the security and privacy of medical data. This paper proposes a novel and comprehensive framework to standardize these rules globally, bringing them together on a common platform. To support this proposal, the study reviews existing literature to understand the research interest in this issue. It also examines six key laws and standards related to security and privacy, identifying twenty concepts. The proposed framework uses K-means clustering to categorize these concepts and identify five key factors. Finally, an Ordinal Priority Approach is applied to determine the preferred implementation of these factors in the context of EHRs. The study provides a descriptive and then prescriptive framework for the implementation of privacy and security in the context of electronic health records. The findings of the proposed framework are therefore useful for professionals and policymakers in improving the security and privacy associated with EHRs.