Abstract
Medical database security aims, generally speaking, at
- high availability, accuracy, integrity and consistency of stored data, as well as at
- medical professional secrecy and confidentiality (oath of Hippocrates), and
- privacy as the individual's constitutional right of ‘informational self-determination’ [Co74, Bvg83], in particular to determine and to effectively supervise the collection, maintenance, use, dissemination, and deletion of their data.
A first version of this paper was presented at EC.AIM Working Conference on Data Protection and Confidentiality in Health Informatics, Brussels, March 19–21, 1990.
References
Atkinson, M., Bancilhon, F., DeWitt, D., Dittrich, K., Maier, D., Zdonik, S., The object-oriented database system manifesto, Proc. 1st Int. Conf. on Deductive and Object-Oriented Databases, Kyoto, Japan, 1989.
Bakker, A.R., Practical Aspects of Data Protection in a Hospital Information System, in: Data Protection in Health Information Systems — Where do we stand ?, North-Holland, 1983, 169–180.
Bakker, A.R., Louwerse, C.P., Kouwenberg, J.M.L., Data Integrity in an Integrated Hospital Information System, Practical Experiences, MEDINFO-83, North-Holland, 959–962.
Beier, B., Datenschutz in dem medizinischen Informationssystem BAIK, Part 1: Datenschutz und Datensicherung, 1983, 245–250.
Beier, B., Datenschutz in dem medizinischen Informationssystem BAIK, Part 2: Datenschutz und Datensicherung, 1984, 109–116.
Beier, B., Das medizinische Informationssystem BAIK im Spiegel des Datenschutzes, Proc. 29. Jahrestagung GMDS, Frankfurt, Medizinische Informatik und Statistik 58, Springer, 421–428.
Bell, D.E., LaPadula, L.J., Secure Computer Systems, Mitre Corporation, Bedford, 1974.
Biskup, J., Brüggemann, H.H., The Personal Model of Data — Towards a Privacy-Oriented Information System, Computers & Security, Vol.7 (1988), 575–597.
Biskup, J., Privacy Respecting Permissions and Rights, in [La 88], 173–185.
Biskup, J., Protection of privacy and confidentiality in medical information systems: problems and guidelines, in [LaSp90], to appear.
Biskup, J., A general framework for database security, draft paper, Hildesheim, 1990.
Brüggemann, H.H., Interaction of authorities and acquaintances in the DORIS privacy model of data, Proc. MFDBS 89, Lecture Notes in Computer Science 364, Springer, 1989, pp. 85 – 99.
Bundesverfassungsgericht, Urteil vom 15. Dezember zum Volkszählungsgesetz 1983 (in German), Bundesanzeiger 35, 241a (1983).
Chen, P.P.-S., The entity-relationship-model — towards a unified view of data, ACM Transactions on Database Systems 1 (1976), pp. 9–36.
Chaum, D.L., Untraceable electronic mail, return addresses and digital pseudonyms, Communications of the ACM 24 (1981), no. 2, 84 – 88.
Chaum, D.L., Security without identification: transaction systems to make big brother obsolete, Communications of the ACM 28 (1985), no. 10, 1030 – 1044.
Clark, D.D., Wilson, D.R., A comparison of commercial and military computer security policies, Proc. IEEE Symp. on Security and Privacy, 1987, Oakland, CA, 184–194.
Congress, 93rd — 2nd Session, Privacy Act of 1974, Public Law 93 – 579.
Dobson, J., Security and Databases: A Personal View, in [La 88], 11–21.
Department of Defense Computer Science Security Center, Trusted Computer Science Systems Evaluation Criteria, CSC-STD-011-83, Fort Meade, 1983.
Dobson, J. E., McDermid, J. A., Security Models and Enterprise Models in [La89], 1–39.
Eys, J. van, Confidentiality of medical records in pediatric cancer care, The American Journal of Pediatric Hematology/Oncology 6 (1984), no. 4, 415 – 423.
Fugini, M., Secure database development methodologies, in Landwehr, C.E. (ed.), Database Security: Status and Prospects, North-Holland, 1988; [La88], 103–129.
Giere, W., BAIK-Befunddokumentation und Arztbriefschreibung im Krankenhaus, Media, Taunusstein, 1986.
Glasgow, J., MacEwen, G., Panangoden, P., Security by permission in databases, in [La89], 197 – 205.
Griesser, G., Jardel, J.P., Kenny, D.J., Sauter, K., Data Protection in Health Information Systems — Where do we stand? Proc. IFIP — IMIA WG 4 Working Conf., Kiel, Sept. 1982, North-Holland, 1983.
Haigh, J.T., Modeling database security requirements, in [La 88], 45–56.
Haas, P., Möhr, J.R., Sawinski, R., Wiederspohn, J., Victor, N., EDV-Gesamtkonzept Universitätsklinikum Heidelberg, Proc. 31. Jahrestagung GMDS, 1986, Göttingen, Medizinische Informatik und Statistik 64, Springer, 265–268.
Hull, R., King, R., Semantic database modeling: survey, applications, and research issues, ACM Computing Surveys 19 (1987), pp. 201–260.
Landwehr, C.E. (ed.), Database Security: Status and Prospects, North-Holland, 1988.
Landwehr, C.E. (ed.), Database Security II: Status and Prospects, North-Holland, 1989.
Landwehr, C.E., Spooner, D. (eds.) Database Security III: Status and Prospects, North-Holland, 1990, to appear.
Lochovsky, F.H., Woo, C.C., Role-based security in data base management systems, in [La 88], 209–222.
Louwerse, C.P., Bakker, A.R., Kouwenberg, J.M.L., Data Protection in a Large Hospital Information System: A Case Study on Implemented Measures and Experiences, MEDINFO 86, North-Holland, 834–838.
Louwerse, C.P., Kouwenberg, J.M.L., Data Protection Aspects in an Integrated Hospital Information System, Computers & Security, Vol.3 (1984), 286–294.
Louwerse, C.P., Zanden, H.G.M. van der, Impact of a Hospital Information System on Hospital Organization, Medical Informatics Europe 1984, Lecture Notes in Medical Informatics 24, 693–698.
MacEwen, G.H., Effects of distributed system technology on database security, in [La 88], 253–261.
Marel, J. van der, Bakker, A.R., User Accessrights in an Integrated Hospital Information System, MEDINFO-83, North-Holland, 963–966.
Möhr, J.R., Haas P., Sawinski, R., Wiedersphon, J., Victor, N., EDV-Gesamtkonzeption-Klinikum der Ruprecht-Karls-Universität Heidelberg, Universität Heidelberg, 1986.
Peckham, J., Maryanski, F., Semantic data models, ACM Computing Surveys 20 (1988), pp. 153–189.
Reichertz, P.L., Datenschutz- und Vertraulichkeitsprobleme medizinischer Daten für Krankenversorgung und Forschung, Münch. med. Wschr. 126 (1984) Nr. 8, Medizin Verlag, 1984.
Selmer, K.S., Legal and social aspects of medical informatics, Proc. Medical Informatics Europe 1988, Lecture Notes in Medical Informatics 35, 42–48.
Sheth, A.P., Heterogeneous distributed databases: issues in integration, Tutorial IEEE 5th Int. Conf. on Data Engineering, Los Angeles, Febr. 1989.
Sawinski, R., Haas, P., Interaktive Definition und Pflege von datenschutzorientierten Benutzerschnittstellen, Proc. 31. Jahrestagung GMDS, 1986, Göttingen, Medizinische Informatik und Statistik 64, Springer, 295–298.
Schneider, W., Impact of Distributed Health Databases on Usage Integrity, in: Data Protection in Health Information Systems — Where do we stand?, North-Holland 1983, 119–129.
Schneider, W., Strategies for Future Systems Architecture and Development: The federalistic approach, Proc. Medical Informatics Europe 1988, Lecture Notes in Medical Informatics 35, 42–48.
Stromberg, C.D., Access to hospital information: problems and strategies, Frontiers of Health Services Management 4 (1987), 3–33.
Ting, T.C., A user-role based data security approach, in [La 88], 187–208.
© 1990 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J. (1990). Medical Database Security. In: Reuter, A. (eds) GI — 20. Jahrestagung II. Informatik-Fachberichte, vol 258. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-76119-5_22
DOI: https://doi.org/10.1007/978-3-642-76119-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-53213-2
Online ISBN: 978-3-642-76119-5
eBook Packages: Springer Book Archive