Abstract
E-health effectively uses information and communications technology to support health-related services for its users.
This is a preview of subscription content, log in via an institution.
References
Gunter, T. D., & Terry, N. P. (2005). The emergence of national electronic health record architectures in the united states and australia: Models, costs, and questions. Journal of Medical Internet Research, 7, 1.
Kaelber, D. C., Jha, A. K., Johnston, D., Middleton, B., & Bates, D. W. (2008). A research agenda for personal health records (phrs). JAMIA, 15(6), 729–736.
Liu, L. S., Shih, P. C., & Hayes, G. R. (2011). Barriers to the adoption and use of personal health record systems. In Proceedings of the 2011 iConference, iConference ’11 (pp. 363–370), New York, NY, USA, 2011. ACM.
Tang, P. C., & Lansky, D. (2005). The missing link: Bridging the patient?provider health information gap. Health Aff (Millwood), 24(5), 1290–1295.
Health, G. Retrieved from http://www.healthvault.com/personal/index.html.
Health Vault, M. Retrieved from http://www.google.com/intl/en-US/health/about/index.html.
Tang, P. C., Ash, J. S., Bates, D. W., Overhage, J. M., & Sands, D. Z. (2006). Personal health records: Definitions, benefits, and strategies for overcoming barriers to adoption. JAMIA, 13(2), 121–126.
Lindenthal, J. J., & Thomas, C. S. (1982). Psychiatrists, the public, and confidentiality. The Journal of Nervous and Mental Disease, 170(6), 319–23.
Li, M., Yu, S., Lou, W., & Ren, K. (2010). Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In SecureComm (pp. 89–106).
Kumar, N., Mathuria, A., & Das, M. L. (2015). Achieving forward secrecy and unlinkability in cloud-based personal health record system. In 2015 IEEE TrustCom/BigDataSE/ISPA, Helsinki, Finland, 20–22 Aug. 2015 (Vol. 1, pp. 1249–1254).
Haas, S., Wohlgemuth, S., Echizen, I., Sonehara, N., & Müller, G. (2011). Aspects of privacy for electronic health records. International Journal of Medical Informatics, 80(2), e26–e31.
Pfitzmann, A., & Hansen, M. (2010). A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. Retrieved Aug. 2010 from http://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf. v0.34.
Safran, C., Bloomrosen, M., Hammond, W. E., Labkoff, S. E., Markel-Fox, S., Tang, P. C., et al. (2007). White paper: Toward a national framework for the secondary use of health data: An american medical informatics association white paper. JAMIA, 14(1), 1–9.
Break-glass—An approach to granting access to healthcare systems. Joint security and privacy committee nema/cocir/jira, international medical informatics. Retrieved from http://www.nema.org/prod/med/security/upload/break-glass_-_emergency_access_to_healthcare_systems.pdf.
Mashima, D., & Ahamad, M. (2012). Enabling robust information accountability in e-healthcare systems. In 3rd USENIX Workshop on Health Security and Privacy, HealthSec’12, Bellevue, WA, USA, 6–7 Aug 2012.
Foundation, M. Connecting for health. The personal health working group final report.
Law, U. P. (1996). Health insurance portability and accountability act of 1996. In 104th Congress (pp. 104–191).
Szolovits, P., Doyle, J., Long, W. J., Kohane, I., & Pauker, S. G. (1994). Guardian angel: Patient-centered health information systems, Technical report, Cambridge, MA, USA.
Mandl, K. D., Simons, W. W., Crawford, W. C. R., & Abbett, J. M. (2007). Indivo: a personally controlled health record for health information exchange and communication. BMC Medical Informatics and Decision Making, 7, 25.
Chen, Y.-Y., Lu, J.-C., & ke Jan, J. (2012). A secure EHR system based on hybrid clouds. Journal of Medical Systems 36(5), 3375–3384.
Hu, J., Chen, H.-H., & Hou, T.-W. (2010). A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Computer Standards and Interfaces, 32(5–6), 274–280.
Huang, H.-F., & Liu, K.-C. (2011). Efficient key management for preserving HIPAA regulations. Journal of Systems and Software, 84(1), 113–119.
Lee, W.-B., & Lee, C.-D. (2008). A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Transactions on Information Technology in Biomedicine, 12(1), 34–41.
Lee, W.-B., Lee, C.-D., & Ho, K. I.-J. (2014). A HIPAA-compliant key management scheme with revocation of authorization. Computer Methods and Programs in Biomedicine, 113(3), 809–814.
Yu, W. D., & Chekhanovskiy, M. A. (2007). An electronic health record content protection system using smartcard and PMR. In e-Health Networking: Application and Services (pp. 11–18).
Odelu, V., Das, A. K., & Goswami, A. (2013). An effective and secure key-management scheme for hierarchical access control in e-medicine system. Journal of Medical Systems, 37, 2.
Keoh, S. L., Asim, M., Kumar, S. S., & Lenoir, P. (2011). Secure spontaneous emergency access to personal health record. In 3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use.
Narayan, S., Gagné, M., & Safavi-Naini, R. (2010). Privacy preserving EHR system using attribute-based infrastructure. In CCSW (pp. 47–52).
Benaloh, J., Chase, M., Horvitz, E., & Lauter, K. (2009). Patient controlled encryption: Ensuring privacy of electronic medical records. In CCSW (pp. 103–114).
Liu, C.-H., Chen, T.-S., Chen, T.-L., Chen, C.-S., Bau, J.-G., & Lin, T.-C. (2012). Secure dynamic access control scheme of PHR in cloud computing. Journal of Medical Systems 36(6), 4005–4020.
Thilakanathan, D., Chen, S., Nepal, S., Calvo, R., & Alem, L. (2014). A platform for secure monitoring and sharing of generic health data in the cloud. Future Generation Computer Systems, 35, 102–113.
Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records. Electronic Notes in Theoretical Computer Science, 168, 221–236.
Beedham, H., & Wilson-Barnett, J. (1995). Hiv and aids care: Consumers’ views on needs and services. Journal of Advanced Nursing, 22(4), 677–86.
Ford, C. A., Millstein, S. G., Halpern-Felsher, B. L., & Irwin Jr, C. E. (1997). Influence of physician confidentiality assurances on adolescents’ willingness to disclose information and seek future health care. A randomized controlled trial. JAMA, 278(12), 1029–1034.
Rodriguez, M. A., Craig, A. M., Mooney, D. R., & Bauer, H. M. (1998). Patient attitudes about mandatory reporting of domestic violence. implications for health care professionals. Western Journal of Medicine, 169(6), 337–341.
Applebaum, P. S. (2002). Privacy in psychiatric treatment: Threats and response. American Journal of Psychiatry, 159.
Bass, A. (1995). Hmo puts confidential records on-line: Critics say computer file-keeping breaches privacy of mental health patients. Boston Globe.
Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5), 557–570.
Machanavajjhala, A., Kifer, D., Gehrke, J., & Venkitasubramaniam, M. (2007). L-diversity: Privacy beyond k-anonymity. TKDD, 1, 1.
Li, N., Li, T., & Venkatasubramanian, S. (2007). t-closeness: Privacy beyond k-anonymity and l-diversity. In ICDE (pp. 106–115).
Heurix, J., Karlinger, M., Schrefl, M., & Neubauer, T. (2011). A hybrid approach integrating encryption and pseudonymization for protecting electronic health records. In Proceedings of the Eighth IASTED International Conference on Biomedical Engineering (2011).
Aamot, H., Kohl, C. D., Richter, D., & Knaup-Gregori, P. (2013). Pseudonymization of patient identifiers for translational research. BMC Medical Informatics and Decision Making, 13, 75.
Chaum, D. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84–88.
Blanchet, B. (2001). An, & efficient cryptographic protocol verifier based on prolog rules. In 14th IEEE Computer Security Foundations Workshop (CSFW-14) (pp. 82–96), 11–13 June 2001. Cape Breton, Nova Scotia, Canada.
Neubauer, T., & Heurix, J. (2011). A methodology for the pseudonymization of medical data. International Journal of Medical Informatics, 80(3), 190–204.
Meyer, F. D., Moor, G. D., & Fourquet, R. (2008). Privacy protection through pseudonymisation in eHealth. Studies in Health Technology and Informatics, 141, 111–118.
Pommerening, K. et al. (2006). Pseudonymization service and data custodians in medical research networks and biobanks. In GI Jahrestagung (1) (pp. 715–721).
Kim, E., Mayani, A., Modi, S., Kim, Y., & Soh, C. (2005). Evaluation of patient-centered electronic health record to overcome digital divide. In Annual International Conference of the IEEE Engineering in Medicine and Biology Society (Vol. 2), pp. 1091–1094.
Archer, N., Fevrier-Thomas, U., Lokker, C., McKibbon, K. A., & Straus, S. E. (2011). Personal health records: A scoping review. JAMIA, 18(4), 515–522.
Kim, E. H., Stolyar, A., Lober, W. B., Herbaugh, A. L., Shinstrom, S. E., Zierler, B. K., et al. (2009). Challenges to using an electronic personal health record by a low-income elderly population. JMIR, 11, 4.
Lober, W. B., Zierler, B., Herbaugh, A., Shinstrom, S. E., Stolyar, A., Kim, E. H., & Kim, Y. (2006). Barriers to the use of a personal health record by an elderly population. In AMIA Annual Symposium Proceedings/AMIA Symposium.
Yamin, C. K., Emani, S., Williams, D. H., Lipsitz, S. R., Karson, A. S., Wald, J. S., et al. (2011). The digital divide in adoption and use of a personal health record. Archives of Internal Medicine, 171(6), 568–574.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Kumar, N., Mathuria, A. (2017). Security and Privacy Issues in Outsourced Personal Health Record. In: Chaudhary, S., Somani, G., Buyya, R. (eds) Research Advances in Cloud Computing. Springer, Singapore. https://doi.org/10.1007/978-981-10-5026-8_17
Download citation
DOI: https://doi.org/10.1007/978-981-10-5026-8_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5025-1
Online ISBN: 978-981-10-5026-8
eBook Packages: Computer ScienceComputer Science (R0)