Abstract
Australian My Health Record (MyHR) system must enable efficient availability of meaningful, accurate, complete and up-to-date health data. However, the major challenge must be to ensure the security of the clinical information of the MyHR. The foremost question that remains unanswered is ‘are current information security settings adequate to protect MyHR?’. To build an adequate security setup and increase the uptake of the MyHR system, it is imperative to show the MyHR is safe to use. In addressing this issue and implementing the adoption of the initiative, we determine and systematically analyse the existing threats to the system. We assess strengths of various solutions against possible threats and discuss the development and implementation process of the proposed model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bosch, M. et al.: Review article: effectiveness of patient care teams and the role of clinical expertise and coordination: a literature review. Med. Care Res. Rev. (2009)
Kannampallil, T.G., et al.: Considering complexity in healthcare systems. J. Biomed. Inf. 44, 943–947 (2011)
Wang, H., Sun, L., Bertino, E.: Building access control policy model for privacy preserving and testing policy conflicting problems. J. Comput. Syst. Sci. 80(8), 1493–1503 (2014)
Zhang, Y., et al.: On secure wireless communications for IoT under eavesdropper collusion. IEEE Trans. Autom. Sci. Eng. 13(3), 1281–1293 (2016)
Zhang, J., et al.: On efficient and robust anonymization for privacy protection on massive streaming categorical information. IEEE Trans. Dependable Secure Comput. 14(5), 507–520 (2017)
Chin, T.: Security breach: hacker gets medical records. Am. Med. News 44, 18–19 (2001)
Sun, X., et al.: Publishing anonymous survey rating data. Data Min. Knowl. Disc. 23(3), 379–406 (2011)
Kabir, M.E., Wang H.: Conditional purpose based access control model for privacy protection. In: Proceedings of the Twentieth Australasian Conference on Australasian Database, vol. 92, pp. 135–142 (2009)
Wang, H., Sun L.: Trust-involved access control in collaborative open social networks. In: The 4thInternational Conference on Network and System Security, pp. 239–246 (2010)
Zhang, J., Tao, X., Wang, H.: Outlier detection from large distributed databases. World Wide Web. 17(4), 539–568 (2014)
Carter, M.: Integrated electronic health records and patient privacy: possible benefits but real dangers. Med. J. Aust. 172, 28–30 (2000)
Sittig, D.F., Singh, H.: Defining health information technology-related errors: new developments since to err is human. Arch. Intern Med. 171, 1281–1284 (2011)
Wang, H., Zhang, Z., Taleb, T.: Special issue on security and privacy of IoT. World Wide Web 21(1), 1–6 (2018)
Weir, C.R., et al.: Direct text entry in electronic progress notes. An evaluation of input errors. Methods Inf. Med. 42, 61–67 (2003)
Wang, H., Cao, J., Zhang, Y.: Ticket-based service access scheme for mobile users. Aust. Comput. Sci. Commun. 24(1), 285–292 (2002)
Australian Government: The eHealth consultation (2013). http://www.health.gov.au/internet/main/publishing.nsf/Content/pacd-ehealth-consultation-faqs. Accessed 15 Mar 2015
Shu, J., et al.: Privacy-preserving task recommendation services for crowd sourcing. IEEE Trans. Serv. Comput. (2018). https://doi.org/10.1109/TSC.2018.2791601
American Health Information Management Association: AHIMA Data Quality Management Model (2012)
Kabir, M.E., Wang, H., Bertino, E.: A role-involved purpose-based access control model. Inf. Syst. Front. 14(3), 809–822 (2012)
Wang, H., Jiang, X., Kambourakis, G.: Special issue on security, privacy and trust in network-based big data. Inf. Sci. 318(C), 48–50 (2015)
Wang, H., Cao, J., Zhang, Y.: Ubiquitous computing environments and its usage access control. In: Proceedings of the 1st International Conference on Scalable Information Systems, Hong Kong, p. 6 (2006)
Vimalachandran, P., Wang, H., Zhang, Y., Zhuo, G., Kuang, H.: Cryptographic access control in electronic health record systems: a security implication. In: Bouguettaya, A., et al. (eds.) WISE 2017. LNCS, vol. 10570, pp. 540–549. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68786-5_43
Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32, 40–48 (1994)
Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. TKDE 17(3), 425–436 (2005)
Li, H., et al.: Multi-window based ensemble learning for classification of imbalanced streaming data. World Wide Web 20(6), 1507–1525 (2017)
Sun, X., Wang, H., Li, J., Truta, T.M.: Enhanced p-sensitive k-anonymity models for privacy preserving data publishing. Trans. Data Priv. 1(2), 53–66 (2008)
Sun, L., et al.: Semantic access control for cloud computing based on e-Healthcare. In: IEEE 16th International Conference on Computer Supported Cooperative Work in Design, pp. 512–518 (2012)
Li, M., et al.: Privacy-aware access control with trust management in web service. World Wide Web 14(4), 407–430 (2011)
Sun, X., et al,: An efficient hash-based algorithm for minimal k-anonymity. In: Proceedings of the thirty-first Australasian Conference on Computer Science, vol. 74, pp. 101–107 (2008)
Sun, X., et al.: Injecting purpose and trust into data anonymization. Comput. Secur. 30(5), 332–345 (2011)
Sun, X., et al.: Satisfying privacy requirements before data anonymization. Comput. J. 55(4), 422–437 (2012)
Mark, E., Serge, B.: A case study in access control requirements for a health information system. In: Proceedings of the Second Workshop on Australasian Information Security, Data Mining and Web Intelligence, and Software Internationalisation, vol. 32, pp. 53–61 (2004)
Motta, G., Furuie, S.: A contextual role-based access control authorization model for electronic patient records. IEEE Trans. Inf Technol. Biomed. 7(3), 202–207 (2003)
Vimalachandran, P., et al.: The Australian PCEHR system: ensuring privacy and security through an improved access control mechanism. EAI Endorsed Trans. Scalable Inf. Syst. 3(8), e4 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Vimalachandran, P., Zhang, Y., Cao, J., Sun, L., Yong, J. (2018). Preserving Data Privacy and Security in Australian My Health Record System: A Quality Health Care Implication. In: Hacid, H., Cellary, W., Wang, H., Paik, HY., Zhou, R. (eds) Web Information Systems Engineering – WISE 2018. WISE 2018. Lecture Notes in Computer Science(), vol 11234. Springer, Cham. https://doi.org/10.1007/978-3-030-02925-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-02925-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02924-1
Online ISBN: 978-3-030-02925-8
eBook Packages: Computer ScienceComputer Science (R0)