Advertisement

Gap Analysis for Information Security in Interoperable Solutions at a Systemic Level: The KONFIDO Approach

  • J. RasmussenEmail author
  • P. Natsiavas
  • K. Votis
  • K. Moschou
  • P. Campegiani
  • L. Coppolino
  • I. Cano
  • D. Marí
  • G. Faiella
  • O. Stan
  • O. Abdelrahman
  • M. Nalin
  • I. Baroni
  • M. Voss-Knude
  • V. A. Vella
  • E. Grivas
  • C. Mesaritakis
  • J. Dumortier
  • J. Petersen
  • D. Tzovaras
  • L. Romano
  • I. Komnios
  • V. Koutkias
Conference paper
Part of the IFMBE Proceedings book series (IFMBE, volume 66)

Abstract

In this paper, we present a gap analysis study focusing on interoperability of eHealth systems and services coupled with cybersecurity aspects. The study has been conducted in the scope of the KONFIDO EU-funded project, which leverages existing security tools and procedures as well as novel approaches and cutting-edge technology, such as homomorphic encryption and blockchains, in order to create a scalable and holistic paradigm for secure inner and cross-border exchange, storage and overall handling of healthcare data in compliance with legal and ethical norms. The gap analysis relied on desk research, expert opinions and interviews across four thematic areas, namely, eHealth interoperability frameworks, eHealth security software frameworks, end-user perspectives across diverse settings in KONFIDO pilot countries, as well as national cybersecurity strategies and reference reports. A standards-based template has been created as a baseline through which the analysis subjects have been analyzed. The gap analysis identified barriers and constraints as well as open issues and challenges for information security in interoperable solutions at a systemic level. Recommendations derived from the gap analysis will be brought into the forthcoming phases of KONFIDO to shape its technical solutions accordingly.

Keywords

Gap analysis eHealth Interoperability Cross-border health data exchange Cybersecurity 

Notes

Acknowledgements

The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 727528 (KONFIDO—Secure and Trusted Paradigm for Interoperable eHealth Services). This paper reflects only the authors’ views and the Commission is not liable for any use that may be made of the information contained therein.

Conflict of Interest

The authors declare that they have no conflict of interest.

References

  1. 1.
    The Antilope project: https://www.antilope-project.eu/. Accessed 6 Oct 2017
  2. 2.
    The epSOS project: http://www.epsos.eu/. Accessed 6 Oct 2017
  3. 3.
    The JASeHN project: http://jasehn.eu/. Accessed 6 Oct 2017
  4. 4.
    The SemanticHealthNet project: http://www.semantichealthnet.eu/. Accessed 6 Oct 2017
  5. 5.
    The DECIPHER project: http://www.decipherpcp.eu/. Accessed 6 Oct 2017
  6. 6.
    The OpenNCP project: https://openncp.atlassian.net/wiki/. Accessed 6 Oct 2017
  7. 7.
    The STORK 2.0 project: https://www.eid-stork2.eu/. Accessed 6 Oct 2017
  8. 8.
    European union agency for network and information security, security and resilience in eHealth: security challenges and risks, 18 Dec 2015Google Scholar
  9. 9.
    European union agency for network and information security, cyber security and resilience for smart hospitals, 24 Nov 2016Google Scholar
  10. 10.
    The ISO 27 k family of standards: http://www.iso27001security.com/. Accessed 6 Oct 2017

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • J. Rasmussen
    • 1
    Email author
  • P. Natsiavas
    • 2
  • K. Votis
    • 3
  • K. Moschou
    • 3
  • P. Campegiani
    • 4
  • L. Coppolino
    • 5
  • I. Cano
    • 6
  • D. Marí
    • 7
  • G. Faiella
    • 8
  • O. Stan
    • 9
  • O. Abdelrahman
    • 10
  • M. Nalin
    • 11
  • I. Baroni
    • 11
  • M. Voss-Knude
    • 12
  • V. A. Vella
    • 13
  • E. Grivas
    • 14
  • C. Mesaritakis
    • 14
  • J. Dumortier
    • 15
  • J. Petersen
    • 1
  • D. Tzovaras
    • 3
  • L. Romano
    • 5
  • I. Komnios
    • 16
  • V. Koutkias
    • 2
  1. 1.MedComOdenseDenmark
  2. 2.Centre for Research & Technology HellasInstitute of Applied BiosciencesThermiGreece
  3. 3.Centre for Research & Technology HellasInformation Technologies InstituteThermiGreece
  4. 4.Bit4id s.r.lNaplesItaly
  5. 5.Department of EngineeringUniversity of Naples “Parthenope”NaplesItaly
  6. 6.IDIBAPS, Hospital Clinic de BarcelonaUniversitat de BarcelonaBarcelonaSpain
  7. 7.eHealth R & D Unit, EURECATBarcelonaSpain
  8. 8.Fondazione Santobono PausiliponNaplesItaly
  9. 9.CEA, LISTGif-sur-Yvette CedexFrance
  10. 10.Depertment of Electrical and Electronic EngineeringImperial College of Science Technology and MedicineLondonUK
  11. 11.Telbios s.r.lMilanItaly
  12. 12.Sundhed.dkCopenhagenDenmark
  13. 13.Agency for Health Quality and Assessment of CataloniaBarcelonaSpain
  14. 14.Eulambia Advanced Technologies LtdAthensGreece
  15. 15.Time.lexBrusselsBelgium
  16. 16.Exus Software LtdLondonUK

Personalised recommendations