Security issues for data sharing and service interoperability in eHealth systems: The Nu.Sa. test bed (original) (raw)
Related papers
A Security based Framework for Interoperability of Healthcare Systems
International Journal of Applied Information Systems, 2013
The healthcare domain requires the seamless, secured and meaningful exchange of health related information for effective and efficient patient care. These information are highly sensitive and they are meant to be highly confidential. However, health related information are usually distributed across several heterogeneous and autonomous healthcare systems which makes the interoperability process prone to abuse, medical fraud, inappropriate disclosure of patients' information for secondary purposes by unauthorized persons and misuse. The effects of inadequate security and privacy in healthcare include monetary penalties, loss of revenue, damage to the healthcare system reputation, risk of receiving less information for optimum care, decreased quality of patients' care as well as threat to patients' lives. Consequently, effective information protection within the healthcare domain is highly significant. Hence, this paper examines the security and privacy policies that safeguard sensitive and confidential information in healthcare systems during the exchange and use of vital health information. The paper also proposes a security based framework that seeks to mitigate security risks in healthcare, and thus protect the integrity, confidentiality, and access to health related information.
Secure Sharing of Electronic Health Records in Clouds
Proceedings of the 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, 2012
In modern healthcare environments, healthcare providers are more willing to shift their electronic medical record systems to clouds. Instead of building and maintaining dedicated data centers, this paradigm enables to achieve lower operational cost and better interoperability with other healthcare providers. However, the adoption of cloud computing in healthcare systems may also raise many security challenges associated with authentication, identity management, access control, trust management, and so on. In this paper, we focus on access control issues in electronic medical record systems in clouds. We propose a systematic access control mechanism to support selective sharing of composite electronic health records (EHRs) aggregated from various healthcare providers in clouds. Our approach ensures that privacy concerns are accommodated for processing access requests to patients' healthcare information. We also demonstrate the feasibility and efficiency of our approach by implementing a proof-of-concept prototype along with evaluation results.
Security and Privacy Issues in Ehealthcare Systems: Towards Trusted Services
International Journal of Advanced Computer Science and Applications, 2016
Recent years have witnessed a widespread availability of electronic healthcare data record (EHR) systems. Vast amounts of health data were generated in the process of treatment in medical centers such hospitals, clinics, or other institutions. To improve the quality of healthcare service, EHRs could be potentially shared by a variety of users. This results in significant privacy issues that should be addressed to make the use of EHR practical. In fact, despite the recent research in designing standards and regulations directives concerning security and privacy in EHR systems, it is still, however, not completely settled out the privacy challenges. In this paper, a systematic literature review was conducted concerning the privacy issues in electronic healthcare systems. More than 50 original articles were selected to study the existing security approaches and figure out the used security models. Also, a novel Context-aware Access Control Security Model (CARE) is proposed to capture the scenario of data interoperability and support the security fundamentals of healthcare systems along with the capability of providing fine-grained access control.
Electronic Health records (EHRs) are clearly in the future of medication. It benefits to all parties providing accurate and well timed health record information. It is essential and dependent upon the certificate of the organization and the certificate of associated complected organizations. The current methodology of wide regulative steering and letting industry do its best has neglected in the fiscal sphere where identity theft has become a substantial crime. Allowing the same consequence to occur in EHRs will both restrain the efficiency, strength and interoperability of organizations. The solution is to contain certificate from the earth up in a style similar to national security systems. To do so across the myriad of historians in health care will ask regulating. This paper searches the foundation for expert solutions and suggests security mechanisms to protect EHRs.
Secure Cloud-based Medical Data Exchange
For decades now, IT technology has been used in the field of medicine and healthcare. Developments in medicine led to a plethora of new diagnostic and imaging possibilities and a flood of corresponding patient data. Nowadays, healthcare is more of an inter-institutional joint effort than it ever was. In IT, the possibilies to process, store and share data have seen a revolution. Both sciences try to keep up with each other, but especially the in the days of ubiquitous networking, ensuring patient data confidentiality has remained a challenge. With cloud computing, a new concept comes along that could fundamentally change the way data is shared and exchanged in healthcare: Low total cost of ownership, excellent scalability and data access without borders of institutions or geographical limitations could provide great benefits. However, the question how to ensure data privacy in such a scenario becomes even more complex. This paper proposes an architecture for a distributed data store based on public cloud storage infrastructures, protected by rights management techniques. The approach is evaluated by showing how it could be applied to the data exchange for the newborn hearing screening programme in Berlin-Brandenburg.
A Secure Protocol for Managing and Sharing Personal Healthcare Data
Studies in Health Technology and Informatics, 2020
Current technologies provide the ability to healthcare practitioners and citizens, to share and analyse healthcare information, thus improving the patient care quality. Nevertheless, European Union (EU) citizens have very limited control over their own health data, despite that several countries are using national or regional Electronic Health Records (EHRs) for realizing virtual or centralized national repositories of citizens’ health records. Health Information Exchange (HIE) can greatly improve the completeness of patients’ records. However, most of the current researches deal with exchanging health information among healthcare organizations, without giving the ability to the citizens on accessing, managing or exchanging healthcare data with healthcare organizations and thus being able to handle their own data, mainly due to lack of standardization and security protocols. Towards this challenge, in this paper a secure Device-to-Device (D2D) protocol is specified that can be used ...
Secure exchange of information in electronic health records
2010
Information technology is expected to become an essential tool in providing reliable information for supporting the delivery of health care services. Nevertheless, incorporating such technologies to support the provision of healthcare raises concerns over the protection of patient"s information. The technological, social and legal implications regarding the access and release of medical data have to be considered carefully during the implementation of interconnected health information systems. Secure and effective data exchange along with the protection of patient"s confidentiality are two issues that electronic health records need to address to make them reliable and secure in a shared care environment. In this thesis, the author explores these issues by analysing several topics regarding electronic health records, communication, exchange of information and security. The result of this analysis provides an understanding of the framework required to support the exchange of EHRs in a shared care environment. The core of this contribution consists in the description of an approach which uses attribute-based encryption to protect the confidentiality of vi patients" information during the exchange of electronic health records among healthcare providers. Attribute-based encryption allows the reinforcing of access policies and reduces the risk of unauthorized access to sensitive information. A prototype version of a communication interface based on the proposed solution has been implemented and tested to evaluate its viability. The prototype has shown that attribute-based encryption provides an answer to restrictions presented by traditional approaches and facilitate the reinforcing of existing security policies over the transmitted data. vii
A Secure Model for Medical Data Sharing
sersc.org
Abstract. Hospitals within a Telemedicine system would like to share their private local database with other hospitals. However, they do not agree to keep a copy of their database into a central server. The central repository (data warehouse) model is not secure ...
Health Information System Security Privacy in View of Interoperability
Journal of Pharmaceutical Care & Health Systems, 2021
Health records involve unique data which are highly subjected to privacy right security checks and its disclosure may lead to violation of this right and therefore cannot be implemented without additional consideration. The health care community has long recognized the potential for health information technology systems in its management, thus improving clinical and health care while reducing costs and this has synergized the access to health care services and information. The mobility in health care provision demands the need for sharing of patient data and this require interoperable health information Technology infrastructure, privacy and security of the resource and this will enhance stakeholders trust and promotes health information interoperability diffusion. It has been noted that the major challenge in the integration of Health Information Record Management system is interoperability and practitioners in a private practice may have difficulty obtaining complete information about a patient who is currently being hospitalized. The study established that interoperability and privacy issues still stands out as the major hindrance to sharing of health care records. There is a need for closer collaboration and trust between the major stakeholders in the industry focusing on their inclusivity in working toward the achievement of interoperability and privacy concerns. Keywords: Health information system; Interoperability; Privacy rights; Information technology
Secure and Privacy-Based Data Sharing Approaches in Cloud Computing for Healthcare Applications
Mediterranean Journal of Basic and Applied Sciences (MJBAS), 2020
The cloud framework is extensively employed in the medical industry for a broad range of applications including medical information storage, distribution, as well as administration. Given the advantages of cloud computing, several medical companies are exploring implementing such techniques to address various difficulties inside the medical sector. It evolved into an essential component of healthcare delivery. It may help medical companies concentrate on their activities, and medical assistance, including clinical management. This provides a safer approach for sharing confidential material with hospitals as well as third-party studies and medical institutes. Nevertheless, because the structure of cloud technology emerges as well as develops fast, especially theoretical and practical implications, significant legal/contractual, economical, customer satisfaction, connectivity, cybersecurity, and confidentiality problems remain in the research phase. In this article, we explain several cloud-based computing services, as well as implementation strategies, also highlight important problems. This study also focuses on safe and secure information exchange options within cloud technology for medical domains.