Skip to main content
SpringerLink
Log in

Transparent Medical Data Systems

  • Patient Facing Systems
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to sustain people’s demand for privacy. However, at least for medical data systems, a clear definition of the property is missing and there is no agreement on what requirements qualify it. We look into this problem. First we identify concepts that relate with transparency: openness, empowerment, auditability, availability, accountability, verifiability. We discuss them in Health Information Technology, so clarifying what transparency is. Then we elicit a list of requirements that indicate how transparency can be realised in modern medical data systems such as those managing electronic health records.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. AL Faresi, A., Wijesekera, D., Moidu, K.: A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules. In: Proceedings of the 1st ACM International Health Informatics Symposium, pp. 637–646. ACM (2010)

  2. Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient controlled encryption: Ensuring privacy of electronic medical records. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, CCSW ’09, pp. 103–114. ACM (2009)

  3. Berthold, S., Fischer-Hübner, S., Martucci, L., Pulls, T.: Crime and punishment in the cloud - accountability, transparency, and privacy. In: Pre-Proceedings of International Workshop on Trustworthiness, Accountability and Forensics in the Cloud in conjunction with the 7th IFIP WG 11.11 International Conference on Trust Management (2013)

  4. Cappelli, C.: Uma abordagem para transparência em processos organizacionais utilizando aspectos. Ph.D. thesis, PUC-Rio (2009)

  5. Cruzes, D., and Jaatun, M.: D:b-2.4 requirements report deliverable (2014)

  6. EU: Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). http://ec.europa.eu/justice/data-protection/reform/index_en.htm (2012)

  7. Ferreira, A., and Lenzini, G.: Can transparency enhancing tools support patient’s accessing electronic health records?. In: Proceedings of the 3rd World Conference on Information Systems and Technologies (2015)

  8. Fischer-Hübner, S., Angulo, J., Pulls, T.: How can cloud users be supported in deciding on, tracking and controlling how their data are used?. In: Privacy and Identity Management for Emerging Services and Technologies, IFIP Advances in Information and Communication Technology, Vol. 421, pp. 77–92. Springer, Berlin Heidelberg (2014)

  9. Gajanayake, R., Iannella, R., Sahama, T., Sharing with care: an information accountability perspective. Intern. Comput. IEEE 15(4):31–38, 2011.

    Article  Google Scholar 

  10. Goodman, K. W., Berner, E. S., Dente, M. A., Kaplan, B., Koppel, R., Rucker, D., Sands, D. Z., Winkelstein, P., et al., Challenges in ethics, safety, best practices, and oversight regarding HIT vendors, their customers, and patients: a report of an AMIA special task force. J. Amer. Med. Inf. Assoc. 18(1):77–81 , 2011.

    Article  Google Scholar 

  11. Haas, S., Wohlgemuth, S., Echizen, I., Sonehara, N., Müller, G., Aspects of privacy for electronic health records. Int. J. Med. Inf. 80(2):e26–e31, 2011. Special Issue: Security in Health Information Systems.

    Article  Google Scholar 

  12. Hansen, M.: Marrying transparency tools with user-controlled identity management. In: The Future of Identity in the Information Society, Vol. 262, pp. 199–220. Springer, US (2008)

  13. Hedbom, H.: A survey on transparency tools for enhancing privacy. In: The Future of Identity in the Information Society, IFIP Advances in Information and Communication Technology, Vol. 298, pp. 67–82. Springer, Berlin Heidelberg (2009)

  14. Henke, N., Kelsey, T., Whately, H., Transparency — the most powerful driver of health care improvement? Health Int.,64–73, 2011.

  15. Hu, J., Chen, H., Hou, T., A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Comput. Standards Interf. 32:274–280, 2010.

    Article  Google Scholar 

  16. International Organization for Standardization: ISO 9241-11:1998 Ergonomic requirements for office work with visual display terminals (VDTs) (2000). Part 11: Guidance on usability

  17. Kim, K., McGraw, D., Mamo, L., Ohno-Machado, L., Development of a privacy and security policy framework for a multistate comparative effectiveness research network. Med. Care 51:S66–S72, 2013.

    Article  PubMed  Google Scholar 

  18. Kremer, S., Ryan, M., Smyth, B.: Computer Security – ESORICS 2010: 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. In: Proceedings, chap. Election Verifiability in Electronic Voting Protocols, pp. 389–404. Berlin Heidelberg , Berlin, Heidelberg (2010)

  19. Ku̇sters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010, pp. 526–535. ACM (2010)

  20. van Lamsweerde, A., Requirements Engineering: From System Goals to UML Models to Software Specifications: Wiley, 2009.

  21. Leite, J. C. S.d.P., and Cappelli, C., Software transparency. Bus. Inf. Syst. Eng. 2:127–139, 2010.

    Article  Google Scholar 

  22. Liebovitz, D., Meaningful EHR attributes for an era of accountability, transparency, shared decision making, and value assessment. J. Legal Med. 34(1):43–53, 2013.

    Article  Google Scholar 

  23. Moe, N.: D:b-2.1 workshop 1 results (requirements) (2013)

  24. Office for Civil Right of the Department of Health and Human Services, USA: Privacy, Security, and Electronic Health Records (2015)

  25. Online Computer Library Center, Inc.: Dewey decimal classification. https://www.oclc.org/dewey/features/summaries.en.html. Last accessed in May 2016

  26. Open Source Initiative: The Open Source Definition. https://opensource.org/. Last accessed in May 2016

  27. Peters, M.: The idea of openness: Open education and education for openness. In: Peters, M., Besley, T., Gibbons, A., žarnić, B., Ghiraldelli, P. (Eds.) The Encyclopaedia of Educational Philosophy and Theory (2010)

  28. Press, O.U.: Oxford Dictionaries. http://www.oxforddictionaries.com/. Last accessed in May 2016

  29. Ray, P., and Wimalasiri, J.: The need for technical solutions for maintaining the privacy of EHR. In: Engineering in Medicine and Biology Society, 2006. EMBS’06. 28th Annual International Conference of the IEEE, pp. 4686–4689. IEEE (2006)

  30. Rostad, L.: An initial model and a discussion of access control in patient controlled health records. In: Proceedings of the 3rd International Conference on Availability, Reliability and Security, pp. 935–942 (2008)

  31. Ruotsalainen, P., Blobel, B., Nykänen, P., Seppälä, A., Sorvari, H.: Framework model and principles for trusted information sharing in pervasive health (2011)

  32. Señor, I., and Fernández-Alemán, J., Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inf. 46(3):541–562, 2013.

    Article  Google Scholar 

  33. Seneviratne, O., and Kagal, L.: Enabling privacy through transparency. In: Proceedings of the 12th Annual International Conference on Privacy, Security and Trust, pp. 121–128 (2014)

  34. Spagnuelo, D., Bartolini, C., Lenzini, G.: Metrics for Transparency. In: Proceedings of Data Privacy Management and Security Assurance: 11th International Workshop, DPM 2016 and 5th International Workshop, QASA 2016, pp. 3–18 (2016)

  35. Spagnuelo, D., and Lenzini, G.: Patient-centred transparency requirements for medical data sharing systems. In: New Advances in Information Systems and Technologies, pp. 1073–1083. Springer (2016)

  36. Tang, P. C., and Lansky, D., The missing link: bridging the patient–provider health information gap. Health Affairs 24(5):1290–1295, 2005.

    Article  PubMed  Google Scholar 

  37. Thorogood, A., and Zawati, M. H., International guidelines for privacy in genomic biobanking (or the unexpected virtue of pluralism). J. Law Med. Ethics 43(4):690–702, 2015.

    PubMed  Google Scholar 

  38. Turilli, M., and Floridi, L., The ethics of information transparency. Ethics Inf. Technol. 11(2):105–112, 2009.

    Article  Google Scholar 

Download references

Acknowledgments

Spagnuelo’s research is supported by FNR/AFR project 7842804 TYPAMED.

Author information

Authors and Affiliations

  1. Interdisciplinary Centre for Security, Reliability and Trust (SnT), University of Luxembourg, Luxembourg, Luxembourg

    Dayana Spagnuelo & Gabriele Lenzini

Authors
  1. Dayana Spagnuelo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gabriele Lenzini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dayana Spagnuelo.

Additional information

This article is part of the Topical Collection on Patient Facing Systems

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Spagnuelo, D., Lenzini, G. Transparent Medical Data Systems. J Med Syst 41, 8 (2017). https://doi.org/10.1007/s10916-016-0653-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-016-0653-8

Keywords

Search

Navigation