Risk-Aware Information Disclosure

Armando, Alessandro; Bezzi, Michele; Metoui, Nadia; Sabetta, Antonino

doi:10.1007/978-3-319-17016-9_17

Cited by 12 publications

(7 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Risk reduction in access control models are obligations that are usually required to be performed in order to lower the potential impact of a risky access request (Irwin et al, 2006;Pontual et al, 2011). Risk can be reduced by several means such as utilizing anonymization techniques (Armando et al, 2015;Taneja et al, 2015;Shaden et al, 2017) for protection against potential vulnerabilities, increasing security measures of the system by increasing the length of encryption keys or imposing a set of rules and required actions. Such obligations, of which all are supervised by the system, need to be satisfied by the user before or after access is granted (Díaz-López et al, 2016).…”

Section: Risk Reduction Techniquesmentioning

confidence: 99%

Risk Reduction Privacy Preserving Approach for Accessing Electronic Health Records

Saxena

Pushkar

2021

International Journal of Healthcare Information Systems and Informatics

View full text Add to dashboard Cite

In the healthcare field, preserving privacy of the patient's electronic health records has been an elementary issue. Numerous techniques have been emerged to maintain privacy of the susceptible information. Acting as a first line of defence against illegal access, traditional access control schemes fall short of defending against misbehaviour of the already genuine and authoritative users: a risk that can harbour overwhelming consequences upon probable data release or leak. This paper introduces a novel risk reduction strategy for the healthcare domain so that the risk related with an access request is evaluated against the privacy preferences of the patient who is undergoing for the medical procedure. The proposed strategy decides the set of data objects that can be safely uncovered to the healthcare service provider such that unreasonably repeated tests and measures can be avoided and the privacy preferences of the patient are preserved.

show abstract

Section: Risk Reduction Techniquesmentioning

confidence: 99%

Risk Reduction Privacy Preserving Approach for Accessing Electronic Health Records

Saxena

Pushkar

2021

International Journal of Healthcare Information Systems and Informatics

View full text Add to dashboard Cite

show abstract

“…They then try to impose mitigation measures to counter the posed risk. As such, the systems evaluate the risk posed by a data access request, and provide it with appropriate protection measures [ 67 , 102 , 103 ]. In essence, more mitigation measures would be imposed on requests of higher sensitivity (requests for data with higher potential for injury or from requester that are not highly trusted).…”

Section: Current Practicementioning

confidence: 99%

Informed Consent in Biomedical Research

Dankar

Gergely

Dankar³

2019

Computational and Structural Biotechnology Journal

View full text Add to dashboard Cite

Informed consent is the result of tumultuous events in both the clinical and research arenas over the last 100 years. Throughout this time, the notion of informed consent has shifted tremendously, both due to advances in medicine, as well as the type of data being gathered. As such, informed consent has misaligned with the goals of medical research. It is becoming more and more vital to address this chasm, and begin building new frameworks to link this disconnect. Thus, we address three goals in this paper. First, we discuss the history of informed consent and unify the varying definitions of the term. Second, we evaluate the current research on the topic, classify them into themes, and attend to the problems therein. Lastly, we employ these themes of informed consent research mentioned previously to provide guidance and insight for future research in the arena.

show abstract

“…In [25], anonymization using k-anonymity measure is used to mitigate the risk associated with data disclosure. In their model, the access control is enhanced with risk assessment such that the risk that can be incurred from querying a dataset is calculated and, then, lowered via returning anonymized data; which ultimately protects privacy.…”

Section: S S Alaqeeli Et Almentioning

confidence: 99%

“…In the former, risk assessment investigated the ways to assess the riskiness of an access request before granting access to the resources [17]- [21]; namely, quantifying the risk. In the latter, efforts focused on approaches and strategies that bring down the risk that has already been assessed [23] [24] [25].…”

Section: Introductionmentioning

confidence: 99%

Privacy Preserving Risk Mitigation Approach for Healthcare Domain

Aqeeli¹,

Al-Rodhaan²,

Tian³

et al. 2018

ETSN

View full text Add to dashboard Cite

In the healthcare domain, protecting the electronic health record (EHR) is crucial for preserving the privacy of the patient. To help protect the sensitive data, access control mechanisms can be utilized to restrict access to only legitimate users. However, an issue arises when the authorized users abuse their access privileges and violate privacy preferences of the patients. While traditional access control schemes fall short of defending against the misbehavior of authorized users, risk-aware access control models can provide adaptable access to the system resources based on assessing the risk of an access request. When an access request is deemed risky, but within acceptable thresholds, risk mitigation strategies can be exploited to minimize the risk calculated. This paper proposes a risk-aware, privacy-preserving risk mitigation approach that can be utilized in the healthcare domain. The risk mitigation approach controls the patient's medical data that can be exposed to healthcare professionals, according to their trust level as well as the risk incurred of such data exposure, by developing a novel Risk Measure formula. The developed Risk Measure is proven to manage the risk effectively. Furthermore, Risk Mitigation Data Disclosure algorithms, RIMIDI 0 and RIMIDI 1 , which utilize the developed risk measures, are proposed. Experimental results show the feasibility and effectiveness of the proposed method in preserving the privacy preferences of the patient. Since the proposed approach exposes the patient's data that are relevant to the undergoing medical procedure while preserving the privacy preferences, positive outcomes can be realized, which will ultimately bring forth quality healthcare services.

show abstract

Risk-Aware Information Disclosure

Cited by 12 publications

References 13 publications

Risk Reduction Privacy Preserving Approach for Accessing Electronic Health Records

Risk Reduction Privacy Preserving Approach for Accessing Electronic Health Records

Informed Consent in Biomedical Research

Privacy Preserving Risk Mitigation Approach for Healthcare Domain

Contact Info

Product

Resources

About