Abstract
Australian My Health Record (MyHR) system must enable efficient availability of meaningful, accurate, complete and up-to-date health data. However, the major challenge must be to ensure the security of the clinical information of the MyHR. The foremost question that remains unanswered is βare current information security settings adequate to protect MyHR?β. To build an adequate security setup and increase the uptake of the MyHR system, it is imperative to show the MyHR is safe to use. In addressing this issue and implementing the adoption of the initiative, we determine and systematically analyse the existing threats to the system. We assess strengths of various solutions against possible threats and discuss the development and implementation process of the proposed model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bosch, M. et al.: Review article: effectiveness of patient care teams and the role of clinical expertise and coordination: a literature review. Med. Care Res. Rev. (2009)
Kannampallil, T.G., et al.: Considering complexity in healthcare systems. J. Biomed. Inf. 44, 943β947 (2011)
Wang, H., Sun, L., Bertino, E.: Building access control policy model for privacy preserving and testing policy conflicting problems. J. Comput. Syst. Sci. 80(8), 1493β1503 (2014)
Zhang, Y., et al.: On secure wireless communications for IoT under eavesdropper collusion. IEEE Trans. Autom. Sci. Eng. 13(3), 1281β1293 (2016)
Zhang, J., et al.: On efficient and robust anonymization for privacy protection on massive streaming categorical information. IEEE Trans. Dependable Secure Comput. 14(5), 507β520 (2017)
Chin, T.: Security breach: hacker gets medical records. Am. Med. News 44, 18β19 (2001)
Sun, X., et al.: Publishing anonymous survey rating data. Data Min. Knowl. Disc. 23(3), 379β406 (2011)
Kabir, M.E., Wang H.: Conditional purpose based access control model for privacy protection. In: Proceedings of the Twentieth Australasian Conference on Australasian Database, vol. 92, pp. 135β142 (2009)
Wang, H., Sun L.: Trust-involved access control in collaborative open social networks. In: The 4thInternational Conference on Network and System Security, pp. 239β246 (2010)
Zhang, J., Tao, X., Wang, H.: Outlier detection from large distributed databases. World Wide Web. 17(4), 539β568 (2014)
Carter, M.: Integrated electronic health records and patient privacy: possible benefits but real dangers. Med. J. Aust. 172, 28β30 (2000)
Sittig, D.F., Singh, H.: Defining health information technology-related errors: new developments since to err is human. Arch. Intern Med. 171, 1281β1284 (2011)
Wang, H., Zhang, Z., Taleb, T.: Special issue on security and privacy of IoT. World Wide Web 21(1), 1β6 (2018)
Weir, C.R., et al.: Direct text entry in electronic progress notes. An evaluation of input errors. Methods Inf. Med. 42, 61β67 (2003)
Wang, H., Cao, J., Zhang, Y.: Ticket-based service access scheme for mobile users. Aust. Comput. Sci. Commun. 24(1), 285β292 (2002)
Australian Government: The eHealth consultation (2013). http://www.health.gov.au/internet/main/publishing.nsf/Content/pacd-ehealth-consultation-faqs. Accessed 15 Mar 2015
Shu, J., et al.: Privacy-preserving task recommendation services for crowd sourcing. IEEE Trans. Serv. Comput. (2018). https://doi.org/10.1109/TSC.2018.2791601
American Health Information Management Association: AHIMA Data Quality Management Model (2012)
Kabir, M.E., Wang, H., Bertino, E.: A role-involved purpose-based access control model. Inf. Syst. Front. 14(3), 809β822 (2012)
Wang, H., Jiang, X., Kambourakis, G.: Special issue on security, privacy and trust in network-based big data. Inf. Sci. 318(C), 48β50 (2015)
Wang, H., Cao, J., Zhang, Y.: Ubiquitous computing environments and its usage access control. In: Proceedings of the 1st International Conference on Scalable Information Systems, Hong Kong, p. 6 (2006)
Vimalachandran, P., Wang, H., Zhang, Y., Zhuo, G., Kuang, H.: Cryptographic access control in electronic health record systems: a security implication. In: Bouguettaya, A., et al. (eds.) WISE 2017. LNCS, vol. 10570, pp. 540β549. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68786-5_43
Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32, 40β48 (1994)
Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. TKDE 17(3), 425β436 (2005)
Li, H., et al.: Multi-window based ensemble learning for classification of imbalanced streaming data. World Wide Web 20(6), 1507β1525 (2017)
Sun, X., Wang, H., Li, J., Truta, T.M.: Enhanced p-sensitive k-anonymity models for privacy preserving data publishing. Trans. Data Priv. 1(2), 53β66 (2008)
Sun, L., et al.: Semantic access control for cloud computing based on e-Healthcare. In: IEEE 16th International Conference on Computer Supported Cooperative Work in Design, pp. 512β518 (2012)
Li, M., et al.: Privacy-aware access control with trust management in web service. World Wide Web 14(4), 407β430 (2011)
Sun, X., et al,: An efficient hash-based algorithm for minimal k-anonymity. In: Proceedings of the thirty-first Australasian Conference on Computer Science, vol. 74, pp. 101β107 (2008)
Sun, X., et al.: Injecting purpose and trust into data anonymization. Comput. Secur. 30(5), 332β345 (2011)
Sun, X., et al.: Satisfying privacy requirements before data anonymization. Comput. J. 55(4), 422β437 (2012)
Mark, E., Serge, B.: A case study in access control requirements for a health information system. In: Proceedings of the Second Workshop on Australasian Information Security, Data Mining and Web Intelligence, and Software Internationalisation, vol. 32, pp. 53β61 (2004)
Motta, G., Furuie, S.: A contextual role-based access control authorization model for electronic patient records. IEEE Trans. Inf Technol. Biomed. 7(3), 202β207 (2003)
Vimalachandran, P., et al.: The Australian PCEHR system: ensuring privacy and security through an improved access control mechanism. EAI Endorsed Trans. Scalable Inf. Syst. 3(8), e4 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Β© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Vimalachandran, P., Zhang, Y., Cao, J., Sun, L., Yong, J. (2018). Preserving Data Privacy and Security in Australian My Health Record System: A Quality Health Care Implication. In: Hacid, H., Cellary, W., Wang, H., Paik, HY., Zhou, R. (eds) Web Information Systems Engineering β WISE 2018. WISE 2018. Lecture Notes in Computer Science(), vol 11234. Springer, Cham. https://doi.org/10.1007/978-3-030-02925-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-02925-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02924-1
Online ISBN: 978-3-030-02925-8
eBook Packages: Computer ScienceComputer Science (R0)