Abstract
It may be argued that medical information systems are subject to the same type of threats and compromises that plague general information systems, and that it does not require special attention from a research viewpoint. The firsthand experience of experts in information security and assurance who studied or worked with health applications has been of a different sort: While general principles of security still apply in the medical information field, a number of unique characteristics of the health care business environment suggest a more tailored approach. In this paper we describe some recent results of an on-going research on medical information privacy carried out at the Johns Hopkins University under the support of the National Science Foundation (NSF).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
S. D. Warren and L. D. Brandeis. The right to privacy. Harvard Law Rev. 4, pages 193–220, 1890.
A. F. Westin. Privacy and Freedom. Atheneum, New York, 1967.
D. F. Linowes and R. C. Spencer. How employers handle employees’ personal information. http://www.kentlaw.edu/ilw/erepj/v1n1/lino-main.htm, 1997.
S. Lehrman. Keeping your genes private. GeneLetter.
N. Keene, W. Hobbie, and K. Ruccione. Childhood cancer survivors. http://www.patientcenters.com/survivors/news/jobs.html, OncoNurse.com.
C. Jabs. The myth of privacy: Technology is putting your medical history on public view-and you in jeopardy. FamilyPC, 2001.
R. J. Anderson. A security policy model for clinical information systems. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, 1996.
D. Clark and D. Wilson A comparison of commercial and military security practices. In Proceedings of the IEEE Symposium in Security and Privacy, IEEE Press, 1987.
T. Albert. Doctors ask AMA to assure some privacy for their prescription pads. http://www.ama-assn.org/sci-pubs/amnews/pick_00/prl11225.htm, American Medical News. 2000.
Ohio State Board of Pharmacy. Confidentiality of patient records. http://www.state.oh.us/pharmacy/rules/4729-05-29.html. 1999.
T. Albert. Records privacy extended to pharmacies. http://www.ama-assn.org/sci-pubs/amnews/pick_01/prsb0402.htm, American Medical News. 2001.
WebMD Health. My Health Record, http://my.webmd.com/my_health_record.
Office for Civil Rights. Standards for privacy of individually identifiable health information. http://www.hhs.gov/ocr/hipaa/finalmaster.html. 2001.
D. Chaum and E. van Heyst. Group signatures. In Advances in Cryptology-EUROCRYPT’91, vol. 547 of LNCS, pp. 257–265, Springer-Verlag, 1991.
D. Chaum, Security Without Identification: Transactions Systems to Make Big Brother Obsolete, CACM Vol. 28, No. 10, October 1985.
D. Chaum and J. Evertse. A secure and privacy-protecting protocol for transmitting personal information between organizations. In Advances in Cryptology-CRYPTO’86, pp. 118–167. Springer-Verlag, 1986.
I. Damgåard. Payment systems and credential mechanisms with provable security against abuse by individuals. In Advances in Cryptology-CRYPTO’88, pp. 328–335, Springer-Verlag, 1988.
L. Chen. Access with pseudonyms. In Cryptography: Policy and Algorithms, pp. 232–243. Springer-Verlag, 1995.
A. Lysyanskaya, R. Rivest, A. Sahai, and S. Wolf. Pseudonym Systems. In Selected Areas in Cryptography. Springer-Verlag 1999.
Jan Camenisch and Anna Lysyanskaya. Efficient Non-transferable Anonymous Multi-show Credential System with Optional Anonymity Revocation. In Eurocrypt’ 01. Springer Verlag, 2001.
G. Ateniese, M. Joye, J. Camenisch, and G. Tsudik. A Practical and Provably Secure Coalition-resistant Group Signature Scheme. In In Advances in Cryptology-CRYPTO 2000. Volume 1880 of LNCS, pages 255–270, Springer Verlag, August 2000.
G. Ateniese and B. de Medeiros. Anonymous E-Prescription. In ACM Workshop on Privacy in the Electronic Society (WPES’ 02),Washington D.C., USA, November 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ateniese, G., Curtmola, R., de Medeiros, B., Davis, D. (2003). Medical Information Privacy Assurance: Cryptographic and System Aspects. In: Cimato, S., Persiano, G., Galdi, C. (eds) Security in Communication Networks. SCN 2002. Lecture Notes in Computer Science, vol 2576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36413-7_15
Download citation
DOI: https://doi.org/10.1007/3-540-36413-7_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00420-2
Online ISBN: 978-3-540-36413-9
eBook Packages: Springer Book Archive