Abstract
Privacy is one of the fundamental issues in health care today. Although, it is a fundamental right of every individual to demand privacy and a variety of laws were enacted that demand the protection of patients’ privacy, approaches for protecting privacy often do not comply with legal requirements or basic security requirements. This paper highlights research directions currently pursued for privacy protection in e-health and evaluates common pseudonymization approaches against legal and technical criteria. Thereby, it supports decision makers in deciding on privacy systems and researchers in identifying the gaps of current approaches for privacy protection as a basis for further research.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Barrows, R.C., Clayton, P.D.: Privacy, confidentiality, and electronic medical records. Journal of the American Medical Informatics Association 13, 139–148 (1996)
Caumanns, J.: Der Patient bleibt Herr seiner Daten. Informatik-Spektrum, pp. 321–331 (2006)
Council of Europe: European Convention on Human Rights. Martinus Nijhoff Publishers (1987)
Ernst, F.R., Grizzle, A.J.: Drug-related morbidity and mortality: Updating the cost-of-illness model. Tech. rep., University of Arizona (2001)
European Union: Directive 95/46/EC of the European Parliament and of the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities L 281, 31–50 (1995)
European Union, Article 29 Working Party: Working document on the processing of personal data relating to health in electronic health records (EHR) (February 2007)
Fischer-Hübner, S.: IT-Security and Privacy: Design and Use of Privacy-Enhancing Security. Springer, Heidelberg (2001)
Fraunhofer Institut: Spezifikation der Lösungsarchitektur zur Umsetzung der Anwendungen der elektronischen Gesundheitskarte (2005)
Hinde, S.: Privacy legislation: A comparison of the US and european approaches. Computers and Security 22(5), 378–387 (2003)
Hornung, G., Götz, C.F.J., Goldschmidt, A.J.W.: Die küenftige Telematik-Rahmenarchitektur im Gesundheitswesen. Wirtschaftsinformatik 47, 171–179 (2005)
House, E.R.: Assumptions underlying evaluation models. Educational Researcher 7(3), 4–12 (1978)
Neubauer, T., Riedl, B.: Improving patients privacy with pseudonymization. In: Proceedings of the International Congress of the European Federation for Medical Informatics (2008)
Peterson, R.L.: Encryption system for allowing immediate universal access to medical records while maintaining complete patient control over privacy. US Patent Application Publication, No.: US 2003/0074564 A1 (2003)
Pommerening, K., Reng, M.: Secondary use of the Electronic Health Record via pseudonymisation. In: Medical And Care Compunetics 1, pp. 441–446. IOS Press, Amsterdam (2004)
Riedl, B., Neubauer, T., Boehm, O.: Patent: Datenverarbeitungssystem zur Verarbeitung von Objektdaten. Austrian-Patent, No. A 503 291 B1, 2007 (2006)
Riedl, B., Neubauer, T., Goluch, G., Boehm, O., Reinauer, G., Krumboeck, A.: A secure architecture for the pseudonymization of medical data. In: Proceedings of the Second International Conference on Availability, Reliability and Security, pp. 318–324 (2007)
Rindfleisch, T.C.: Privacy, information technology, and health care. Commun. ACM 40(8), 92–100 (1997)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Slamanig, D., Stingl, C.: Privacy aspects of e-health. In: Proceedings of the Third International Conference on Availability, Reliability and Security, pp. 1226–1233 (2008)
Stingl, C., Slamanig, D.: Berechtigungskonzept für ein e-health-portal. In: Schreier, G., Hayn, D., Ammenwerth, E. (eds.) eHealth 2007 - Medical Informatics meets eHealth, vol. 227, pp. 135–140. Österreichische Computer Gesellschaft (2007)
Thielscher, C., Gottfried, M., Umbreit, S., Boegner, F., Haack, J., Schroeders, N.: Patent: Data processing system for patient data. Int. Patent, WO 03/034294 A2 (2005)
United States Department of Health & Human Service: HIPAA administrative simplification: Enforcement; final rule. Federal Register / Rules and Regulations 71(32) (2006)
U.S. Congress: Health Insurance Portability and Accountability Act of 1996. In: 104th Congress (1996)
U.S. Department of Health & Human Services Office for Civil Rights: Summary of the HIPAA Privacy Rule (2003)
Weiss, C.H.: Evaluation: Methods for studying programs and policies, 2nd edn. Prentice-Hall, Englewood Cliffs (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Neubauer, T., Kolb, M. (2009). An Evaluation of Technologies for the Pseudonymization of Medical Data. In: Lee, R., Hu, G., Miao, H. (eds) Computer and Information Science 2009. Studies in Computational Intelligence, vol 208. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01209-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-01209-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01208-2
Online ISBN: 978-3-642-01209-9
eBook Packages: EngineeringEngineering (R0)