TOWARD MULTI-SERVICE ELECTRONIC MEDICAL RECORDS STRUCTURE

Conference paper
First Online:

Abstract

EMR, or Electronic Medical Records, considered as the modern way of managing patients’ records. Providing electronic medical health records can improve the quality of service, increase the level of health care provided, save manpower, and resources. Due to the accelerated development in health care, and the adaption of computer and network technology, concerns like information misuse, privacy violation, and identity theft are evolving rapidly. However, depending on traditional access control, encryption, and physical security, each as independent solution, may not be sufficient in an environment where attacks from inside and outside can occur equally likely.

Keywords

Electronic Medical Record Cipher Block Identity Theft Integrity Check Clinical Document Architecture 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in to check access.

References

  1. 1.
    DE-ID DATA CORP, “http://www.de-idata.com/” March 2010.
  2. 2.
    O. Ajayi, R. O. Sinnott, and A. Stell, “Dynamic trust negotiation for flexible e-health collaborations,” in Mardi Gras Conference, (Baton Rouge, Louisiana, USA), p. 8, 2008.Google Scholar
  3. 3.
    A. Berler, S. Spyrou, E. Monochristou, Y. A. Tolias, G. Konnis, N. Magglaveras, and D. Koutsouris, “Risk assessment in integrated regional healthcare networks,” in Interoperability & Security in Medical Information Systems (F. Makedon and J. Ford, eds.), vol. 2, The Electronic Journal for E-Commerce Tools & Applications (eJETA), eJETA.org, May 2007.Google Scholar
  4. 4.
    E. Bertino, P. A. Bonatti, and E. Ferrari, “Trbac: A temporal rolebased access control model,” ACM Trans. Inf. Syst. Secur., vol. 4, no. 3, pp. 191–233, 2001.CrossRefGoogle Scholar
  5. 5.
    R. Bhatti, K. Moidu, and A. Ghafoor, “Policy-based security management for federated healthcare databases (or rhios),” in HIKM, (Sheraton Crystal City Hotel, Arlington, VA), pp. 41–48, International Workshop on Health Information and Knowledge Management (HIKM 2006), November 2006.Google Scholar
  6. 6.
    Capgemini, “http://www.capgemini.com/,” March 2010.
  7. 7.
    M. A. C. Dekker, J. Crampton, and S. Etalle, “Rbac administration in distributed systems,” in SACMAT, pp. 93–102, 2008.Google Scholar
  8. 8.
    DoD, “Trusted computer system evaluation criteria,” DECEMBER 1985.Google Scholar
  9. 9.
    K. E. Emam, “Heuristics for de-identifying health data,” IEEE Security & Privacy, vol. 6, no. 4, pp. 58–61, 2008.MathSciNetCrossRefGoogle Scholar
  10. 10.
    K. E. Emam and F. Kamal, “Protecting privacy using k-anonymity,” Journal of the American Medical Informatics Association, vol. 15, pp. 627–637, August 2008.CrossRefGoogle Scholar
  11. 11.
    E. B. Fernandez and T. Sorgente, “An analysis of modeling flaws in hl7 and jahis,” in SAC, pp. 216–223, 2005.Google Scholar
  12. 12.
    D. F. Ferraiolo and D. R. Kuhn, “Role-based access controls,” in 15th National Computer Security Conference, (National Institute of Standards and Technology, Technology Administration, U.S. Department of Commerce, Gaithersburg, d. 20899 USA), pp. 554 – 563, 1992. 3Google Scholar
  13. 13.
    D. F. Ferraiolo, D. R. Kuhn, and R. Chandramouli, Role-based access control. Computer Security Series, Artech House, 2003.Google Scholar
  14. 14.
    HHS, “US department of health &human services http://aspe.hhs.gov/admnsimp/.” Web site, March 2010.
  15. 15.
    Junzhe and A. C.Weaver, “A dynamic, context-aware security infrastructure for distributed healthcare applications,” in Pervasive Security, Privacy and Trust (PSPT 2004), (University of Virginia, Charlottesville, VA 22904), 2004.Google Scholar
  16. 16.
    J. W. Lebak, J. Yao, and S. Warren, “Hl7-compliant healthcare information system for home monitoring,” in Proceedings of the 26th Annual International Conference of the IEEE EMBS, (Department of Electrical & Computer Engineering, Kansas State University, Manhattan, KS, USA), 2006.Google Scholar
  17. 17.
    Microsoft, “Connected health framework architecture and design blueprint,” March 2009.Google Scholar
  18. 18.
    J. PATRICK R GALLAGHER, “Computer security subsystem interpretation of the trusted computer system evaluation criteria,”September 1988.Google Scholar
  19. 19.
    L. Reed-Fourquet, J. T. Lynch, M. K. Martin, M. Cascio, W.-Y. Leung, and P. P. Ruenhorst, “Managing information privacy & security in healthcare the chime-trust healthcare public key infrastructure and trusted third party services: A case-study,” case study, Healthcare Information and Management Systems Society (HIMSS), Jan 2007. CHIME Inc., Wallingford Connecticut.Google Scholar
  20. 20.
    B. Smith and W. Ceusters, “Hl7 rim: An incoherent standard,” in Studies in Health Technology and Informatics, vol. 124, (University of Buffalo, NY. USA), p. 133138, 2006.Google Scholar
  21. 21.
    A. Stell, R. Sinnott, and O. Ajayi, “Secure, reliable and dynamic access to distributed clinical data,” in Proceedings of the LSGRID2006: Yokohama, (University of Glasgow, National e-Science Centre, Glasgow, G12 8QQ, UK), 2006.Google Scholar
  22. 22.
    C. Stingl and D. Slamanig, “Privacy-enhancing methods for ehealth applications: how to prevent statistical analyses and attacks.” IJBIDM, vol. 3, no. 3, pp. 236–254, 2008.CrossRefGoogle Scholar
  23. 23.
    L. Sweeney, “k-anonymity: A model for protecting privacy,” International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, pp. 557–570, may 2002.MathSciNetMATHCrossRefGoogle Scholar
  24. 24.
    K. T. Win, H. Phung, L. Young, M. Tran, C. Alcock, and K. Hillman, “Electronic health record system risk assessment: a case study from the minet,” Health Information Management, vol. 32, pp. 43–48, 2004.Google Scholar
  25. 25.
    Z.Wu and A. C.Weaver, “Dynamic trust establishment with privacy protection for web services,” in ICWS, pp. 811–812, 2005.Google Scholar
  26. 26.
    Y. Yang, R. H. Deng, and F. Bao, “Fortifying password authentication in integrated healthcare delivery systems,” in ASIACCS, pp. 255–265, 2006.Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  1. 1.DallasUSA

Personalised recommendations