A Comprehensive Review of the State-of-the-Art on Security and Privacy Issues in Healthcare

Martínez, Antonio López; Pérez, Manuel Gil; Ruiz‐Martínez, Antonio

doi:10.1145/3571156

Cited by 29 publications

(26 citation statements)

References 113 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Security and privacy-aware SRA for EHR should encapsulate design principles and security and privacy guidelines, including explicit guidelines described in [39]. These principles will govern the overall approach to system security, incorporating concepts such as defense-in-depth, least privilege, and secure by default.…”

Section: Review Of Conceptsmentioning

confidence: 99%

Design a Software Reference Architecture to Enhance Privacy and Security in Electronic Health Records

Tertulino,

Ivaki,

Morais

2024

Preprint

View full text Add to dashboard Cite

Healthcare services and organizations rely on Electronic Health Records (EHRs) to manage, store, and transmit patient data records. Consequently, EHRs play a crucial role in providing high-quality services and maintaining the privacy and security of patients' sensitive data. However, designing such complex systems with security and privacy concerns is anything but simple. This study aims to propose a software reference architecture (SRA) tailored for Electronic Health Records (EHRs) with security and privacy considerations, intending to enhance the development of these systems. To achieve this goal, we analyze the classification of reference architectures (RAs), taking into account the primary security and privacy requirements of EHRs along with well-established architectural design methods. We propose a layered architecture for SRA with privacy and security considerations. Subsequently, we derive the following five architecture views for SRA: the feature diagram, the context diagram, the decomposition view, the layered view, and the deployment view. Each view showcases the SRA software architecture from a different perspective.Moreover, we conducted an evaluation of the proposed SRA through its application in a case study. Specifically, we applied the proposed SRA and derived the application architecture from a study focused on Brazilian EHRs. Our analysis highlights the potential issues arising from the absence of an SRA tailored for EHRs, particularly regarding privacy and security concerns surrounding patient data. Through this case study, we demonstrate the practical applicability of our proposed SRA in enhancing EHR systems.

show abstract

Section: Review Of Conceptsmentioning

confidence: 99%

Design a Software Reference Architecture to Enhance Privacy and Security in Electronic Health Records

Tertulino,

Ivaki,

Morais

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…We aggregate the results of the security threats to IoTHDs [123][124][125][126] following the STRIDE method [24,96] in Table 2.…”

Section: Iothd Security Threatsmentioning

confidence: 99%

IoT Health Devices: Exploring Security Risks in the Connected Landscape

Affia

Finch

Jung

et al. 2023

IoT

View full text Add to dashboard Cite

The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of attacks are possible. To understand the risks in this new landscape, it is important to understand the architecture of IoTHDs, operations, and the social dynamics that may govern their interactions. This paper aims to document and create a map regarding IoTHDs, lay the groundwork for better understanding security risks in emerging IoTHD modalities through a multi-layer approach, and suggest means for improved governance and interaction. We also discuss technological innovations expected to set the stage for novel exploits leading into the middle and latter parts of the 21st century.

show abstract

“…In addition, users of WBANs should be educated about the importance of security practices and potential risks. This includes promoting strong password management, recognizing phishing attempts, and providing guidelines on secure usage and handling of WBAN devices [149]- [153].…”

Section: Figure 4 Wban Security Mechanismsmentioning

confidence: 99%

Current security and privacy posture in wireless body area networks

Auko¹

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

Wireless Body Area Networks (WBANs) have emerged as a promising technology for remote health monitoring and healthcare applications. However, ensuring the security and privacy of sensitive health data in WBANs is crucial to foster user trust and prevent unauthorized access or data breaches. This paper provides an overview of the key challenges, techniques, and research gaps in WBAN security and privacy. The findings indicate that the challenges in WBAN security and privacy include resource constraints, compatibility issues, privacy concerns, dynamic network environments, security and usability trade-offs, emerging threat landscape, and user awareness and education. To address these challenges, various security techniques have been developed, such as authentication and authorization mechanisms, encryption, access control, secure communication protocols, intrusion detection systems, and privacy-preserving data handling techniques. Despite the progress made, there are research gaps that require further investigation. These research gaps include the development of secure and lightweight authentication mechanisms, privacy-preserving data analysis techniques, trust and security management frameworks, resilience to insider threats, security of data aggregation and fusion, user-centric security designs, and addressing legal and ethical considerations. Addressing these research gaps and challenges requires collaboration between researchers, device manufacturers, policymakers, and end-users. Ongoing research and innovation are necessary to develop robust security techniques, privacy-enhancing technologies, and user-friendly solutions tailored for WBANs. Additionally, compliance with privacy regulations, user education, and awareness are critical for responsible and ethical use of WBANs.

show abstract

A Comprehensive Review of the State-of-the-Art on Security and Privacy Issues in Healthcare

Cited by 29 publications

References 113 publications

Design a Software Reference Architecture to Enhance Privacy and Security in Electronic Health Records

Design a Software Reference Architecture to Enhance Privacy and Security in Electronic Health Records

IoT Health Devices: Exploring Security Risks in the Connected Landscape

Current security and privacy posture in wireless body area networks

Contact Info

Product

Resources

About