Security and Privacy in eHealth: Is it possible?

Sahama, Tony; Simpson, Leonie; Lane, Bill

doi:10.1109/healthcom.2013.6720676

Cited by 53 publications

(39 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Emerging e-health mechanism [1], which integrates advancing information technology, such as electronic health records and data outsourcing, is recognized as an enabling technique that provides diversified modern healthcare applications and services, e.g., disease prevention and epidemic situation analysis. For an example, Fig.…”

Section: Introductionmentioning

confidence: 99%

Efficient e-health data release with consistency guarantee under differential privacy

Lin

2015

2015 17th International Conference on E-Health Networking, Application &Amp; Services (HealthCom)

View full text Add to dashboard Cite

E-health data release, which answers the statistical queries of the Electronic Health Records (EHRs), has been widely adopted in modern health care services. However, since the EHRs contain sensitive information of the patients, the data release procedure may lead to the leakage of the privacy of patients if it is done without necessary protection measures in place. On addressing this, existing research literature introduces differential privacy to provide the necessary privacy guarantee. However, it is not suitable in sensitive e-health environments because it lacks the efficiency for data processing and updating. In this paper, we propose an efficient e-health data release scheme with consistency guarantee under differential privacy. Specifically, we improve the performance of the previous work by designing a new private partition algorithm of histogram and also proposing a heuristic hierarchical query method. We conduct real experiments and compare our scheme with the existing one to show that the proposal is more efficient in terms of data processing and updating. Moreover, we increase the accuracy of data release through consistency and give proof of privacy to show that the proposed algorithm is under -differential privacy.

show abstract

Section: Introductionmentioning

confidence: 99%

Efficient e-health data release with consistency guarantee under differential privacy

Lin

2015

2015 17th International Conference on E-Health Networking, Application &Amp; Services (HealthCom)

View full text Add to dashboard Cite

show abstract

“…Privacy is a critical but unfavourably defined concept, subjected to culturally dependent variables [1]. Privacy of an individual is breached when control over their personal information is lost to that individual [2].…”

Section: Introductionmentioning

confidence: 99%

Managing and sharing health data through Information Accountability protocols

Grunwell

Batista

Campos

et al. 2015

2015 17th International Conference on E-Health Networking, Application &Amp; Services (HealthCom)

Self Cite

View full text Add to dashboard Cite

Concerns over the security and privacy of patient information are one of the biggest hindrances to sharing health information and the wide adoption of eHealth systems. At present, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' (HCP) requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make wellinformed decisions and provide quality care. In order to balance these requirements, the use of an Information Accountability Framework devised for eHealth systems has been proposed. In this paper, we take a step closer to the adoption of the Information Accountability protocols and demonstrate their functionality through an implementation in FluxMED, a customisable EHR system.

show abstract

“…Digital security is generally understood as a 'weakest link' problem, so the system cannot be considered secure unless all aspects are dealt with adequately, and with regard to eHealth, many people consider this unlikely to be achieved, hence, the continuing concerns over information privacy [5]. On the other hand, others consider eHealth systems an opportunity to achieve better security and privacy protection than what is available in paper-based systems through additional security functionalities: user authentications and authorizations, the retention of back-up files, user defined storage and retrievals and accountability measures, monitoring and logging access to records, and establishing audit trails and other mechanisms to enable information accountability [5].…”

Section: Ehealth Environmentmentioning

confidence: 99%

“…On the other hand, others consider eHealth systems an opportunity to achieve better security and privacy protection than what is available in paper-based systems through additional security functionalities: user authentications and authorizations, the retention of back-up files, user defined storage and retrievals and accountability measures, monitoring and logging access to records, and establishing audit trails and other mechanisms to enable information accountability [5]. However, these require a more comprehensive approach than an attempt to add on technological security measures to an incompletely specified eHealth system.…”

Section: Ehealth Environmentmentioning

confidence: 99%

Design science research towards resilient cyber-physical eHealth systems

Rajamäki

Pirinen

2017

FinJeHeW

View full text Add to dashboard Cite

Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared -and with whom. From citizens' point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from "threat, crime, attack" to "trust" and "resilience". Creating confidence in safe digital future is truly needed in the integration of the digital and physical world's leading to a new digital revolution. The precondition for the exchange of information "trust" must be systematically built at every CPS' level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur.

show abstract

Security and Privacy in eHealth: Is it possible?

Cited by 53 publications

References 4 publications

Efficient e-health data release with consistency guarantee under differential privacy

Efficient e-health data release with consistency guarantee under differential privacy

Managing and sharing health data through Information Accountability protocols

Design science research towards resilient cyber-physical eHealth systems

Contact Info

Product

Resources

About