Abstract
EMR, or Electronic Medical Records, considered as the modern way of managing patients’ records. Providing electronic medical health records can improve the quality of service, increase the level of health care provided, save manpower, and resources. Due to the accelerated development in health care, and the adaption of computer and network technology, concerns like information misuse, privacy violation, and identity theft are evolving rapidly. However, depending on traditional access control, encryption, and physical security, each as independent solution, may not be sufficient in an environment where attacks from inside and outside can occur equally likely.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
DE-ID DATA CORP, “http://www.de-idata.com/” March 2010.
O. Ajayi, R. O. Sinnott, and A. Stell, “Dynamic trust negotiation for flexible e-health collaborations,” in Mardi Gras Conference, (Baton Rouge, Louisiana, USA), p. 8, 2008.
A. Berler, S. Spyrou, E. Monochristou, Y. A. Tolias, G. Konnis, N. Magglaveras, and D. Koutsouris, “Risk assessment in integrated regional healthcare networks,” in Interoperability & Security in Medical Information Systems (F. Makedon and J. Ford, eds.), vol. 2, The Electronic Journal for E-Commerce Tools & Applications (eJETA), eJETA.org, May 2007.
E. Bertino, P. A. Bonatti, and E. Ferrari, “Trbac: A temporal rolebased access control model,” ACM Trans. Inf. Syst. Secur., vol. 4, no. 3, pp. 191–233, 2001.
R. Bhatti, K. Moidu, and A. Ghafoor, “Policy-based security management for federated healthcare databases (or rhios),” in HIKM, (Sheraton Crystal City Hotel, Arlington, VA), pp. 41–48, International Workshop on Health Information and Knowledge Management (HIKM 2006), November 2006.
Capgemini, “http://www.capgemini.com/,” March 2010.
M. A. C. Dekker, J. Crampton, and S. Etalle, “Rbac administration in distributed systems,” in SACMAT, pp. 93–102, 2008.
DoD, “Trusted computer system evaluation criteria,” DECEMBER 1985.
K. E. Emam, “Heuristics for de-identifying health data,” IEEE Security & Privacy, vol. 6, no. 4, pp. 58–61, 2008.
K. E. Emam and F. Kamal, “Protecting privacy using k-anonymity,” Journal of the American Medical Informatics Association, vol. 15, pp. 627–637, August 2008.
E. B. Fernandez and T. Sorgente, “An analysis of modeling flaws in hl7 and jahis,” in SAC, pp. 216–223, 2005.
D. F. Ferraiolo and D. R. Kuhn, “Role-based access controls,” in 15th National Computer Security Conference, (National Institute of Standards and Technology, Technology Administration, U.S. Department of Commerce, Gaithersburg, d. 20899 USA), pp. 554 – 563, 1992. 3
D. F. Ferraiolo, D. R. Kuhn, and R. Chandramouli, Role-based access control. Computer Security Series, Artech House, 2003.
HHS, “US department of health &human services http://aspe.hhs.gov/admnsimp/.” Web site, March 2010.
Junzhe and A. C.Weaver, “A dynamic, context-aware security infrastructure for distributed healthcare applications,” in Pervasive Security, Privacy and Trust (PSPT 2004), (University of Virginia, Charlottesville, VA 22904), 2004.
J. W. Lebak, J. Yao, and S. Warren, “Hl7-compliant healthcare information system for home monitoring,” in Proceedings of the 26th Annual International Conference of the IEEE EMBS, (Department of Electrical & Computer Engineering, Kansas State University, Manhattan, KS, USA), 2006.
Microsoft, “Connected health framework architecture and design blueprint,” March 2009.
J. PATRICK R GALLAGHER, “Computer security subsystem interpretation of the trusted computer system evaluation criteria,”September 1988.
L. Reed-Fourquet, J. T. Lynch, M. K. Martin, M. Cascio, W.-Y. Leung, and P. P. Ruenhorst, “Managing information privacy & security in healthcare the chime-trust healthcare public key infrastructure and trusted third party services: A case-study,” case study, Healthcare Information and Management Systems Society (HIMSS), Jan 2007. CHIME Inc., Wallingford Connecticut.
B. Smith and W. Ceusters, “Hl7 rim: An incoherent standard,” in Studies in Health Technology and Informatics, vol. 124, (University of Buffalo, NY. USA), p. 133138, 2006.
A. Stell, R. Sinnott, and O. Ajayi, “Secure, reliable and dynamic access to distributed clinical data,” in Proceedings of the LSGRID2006: Yokohama, (University of Glasgow, National e-Science Centre, Glasgow, G12 8QQ, UK), 2006.
C. Stingl and D. Slamanig, “Privacy-enhancing methods for ehealth applications: how to prevent statistical analyses and attacks.” IJBIDM, vol. 3, no. 3, pp. 236–254, 2008.
L. Sweeney, “k-anonymity: A model for protecting privacy,” International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, pp. 557–570, may 2002.
K. T. Win, H. Phung, L. Young, M. Tran, C. Alcock, and K. Hillman, “Electronic health record system risk assessment: a case study from the minet,” Health Information Management, vol. 32, pp. 43–48, 2004.
Z.Wu and A. C.Weaver, “Dynamic trust establishment with privacy protection for web services,” in ICWS, pp. 811–812, 2005.
Y. Yang, R. H. Deng, and F. Bao, “Fortifying password authentication in integrated healthcare delivery systems,” in ASIACCS, pp. 255–265, 2006.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this paper
Cite this paper
Alqudah, B.I., Nair, S. (2011). TOWARD MULTI-SERVICE ELECTRONIC MEDICAL RECORDS STRUCTURE. In: Suh, S., Gurupur, V., Tanik, M. (eds) Biomedical Engineering. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-0116-2_19
Download citation
DOI: https://doi.org/10.1007/978-1-4614-0116-2_19
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-0115-5
Online ISBN: 978-1-4614-0116-2
eBook Packages: Computer ScienceComputer Science (R0)