A Survey on Security and Privacy of Healthcare Data

Asija, Ruchika; Nallusamy, Rajarathnam

doi:10.5176/2251-3833_ghc14.29

Cited by 4 publications

(3 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, to provide good service it is wise to secure the data and transfer it accurately through a fully trusted medium within a certain time to the owner of those data [18]. The actual challenges, in this case, are to manage the security of the location where the data is stored as well as securing the network through which the huge amount of data transmits from source to destination [14]. Many aspects that are to be taken into account for ehealth security can be, authentication i.e.…”

Section: E-health System Security Requirementsmentioning

confidence: 99%

“…It should be taken into consideration that the e-health should be scalable, flexible to any changes and should have a user-friendly interface [18]. The other important feature that could be added is availability of the system whenever and wherever it is needed to process and regulate the patient's data, reliability of the system to avoid any errors while providing services to its users and interoperability where the system should operate according to some standard communication protocols when communicating between different service providers [14].…”

Section: E-health System Security Requirementsmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Secure Cloud-Based E-Health Systems

Yadav¹,

Behera²

2020

EAI Endorsed Transactions on Pervasive Health and Technology

View full text Add to dashboard Cite

INTRODUCTION: The e-health (electronic health) system is one of many cloud services which uses computer or electronic systems and cloud technology as its main source of operations for storing and sharing patient's medical data between healthcare service providers and patients. The health data records are kept in a semi-trusted third-party supplier (i.e., cloud). Therefore, its security has become the main concern as the data should not be accessible to unauthorized person. OBJECTIVES: To provide a brief knowledge on the security aspects of cloud-based e-health systems for further improvement in the field of e-health system security. METHODS: This paper presents a literature survey on secure cloud-based e-health systems including ninety-four research papers related to secure cloud-based e-health systems collected from different sources till 2019. RESULTS: The security mechanisms used to secure cloud-based e-health systems are divided into three categories (i.e., crypto, non-crypto, and biometric-based). Also some health related security laws, security mechanisms, advantages and limitations of security mechanisms for all categories are presented. CONCLUSION: This paper will be helpful to do further researches in the research area of e-health system as it consists of the analysis of security mechanisms, security laws, advantages and limitations of the security mechanisms.

show abstract

Section: E-health System Security Requirementsmentioning

confidence: 99%

Section: E-health System Security Requirementsmentioning

confidence: 99%

A Survey on Secure Cloud-Based E-Health Systems

Yadav¹,

Behera²

2020

EAI Endorsed Transactions on Pervasive Health and Technology

View full text Add to dashboard Cite

show abstract

“…Failure to comply with personal data protection legislation, healthcare facilities may face civil and legal penalties [14]. In the long run, such non-compliance may cause some harm to the employees or patients [34].…”

Section: Introductionmentioning

confidence: 99%

Health information systems security: Risks, prospects and frameworks

Odiango¹,

Abeka²,

Liyala³

2022

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

Information is the most precious asset of any organization and assessing risk to information is a core mandate of any institutional management to ensure availability of effective controls to protect information assets. The increasing digitization of health information and the ever-changing cyber security threat environment, has led to some public health data breaches and as information security become increasingly important to the continued success for businesses, majority of organizations are searching for an appropriate security framework. Security risk assessment framework enables identification of threats and vulnerabilities. Although numerous frameworks available in the market, selection of the right framework to meet the organization’s need is a challenge due to lack of prescriptiveness, standard, inconsistencies, complexity, compliance, cost, and certifications. To address the gap, this study assessed the security of health information system and privacy risks in addition to existing frameworks and developed an enhanced framework. The study adopted a descriptive cross – sectional design and was conducted in Siaya County, in Kenya. A questionnaire was used to collect data which was analyzed and presented inform of tables, and charts. The results indicated that confidentiality of information is good (use of identifiers and passwords at 96.8% approval rate), availability of physical controls to protect authorized access at 95.2%, availability of policies stating staff responsible for protection of information confidentiality at 91.9%, availability of written policy on patient confidentiality and privacy at 74.2% and use of access privileges at 68.8%. The findings on integrity of information was poor with availability of systems to review data accuracy having 71.9% approval rate, frequency of data review at 81.2%, availability of written description of information security manager’s responsibility at 39.5%, monitoring of electronic systems to detect potential breaches at 40%, creation of audit logs to track system transactions at 54% and frequency of reviewing audit logs at 51.5%. The findings on availability of information was good (availability of inventory of computers at 69.9%), regular updates of inventory at 61.3%, updates of patient data on laptops and desktops at 68.2%, sharing of data confidentiality and security policy at 36%, and regular backups of audited logs at 51% approval rates. Regarding the assessment of existing security frameworks, it was noted that HIPAA has the following shortcomings: lacks complete valid risk analysis, not certifiable, security rule is safeguarding electronic protected health information only, the security does not regulate emails and does not require encryption, and commitment on security is verbal. On the other hand, ISO/IEC 27001 is expensive, requires specific IT budget, special expertise, and more time to apply in public hospitals. Finally, NIPP framework is expensive, and uses consequence’s assessment which is outside the scope of this study.

show abstract

Cloud E-health Systems: A Survay on Security Challenges and Solutions

Kamoona

Altamimi

2018

2018 8th International Conference on Computer Science and Information Technology (CSIT)

View full text Add to dashboard Cite

A Survey on Security and Privacy of Healthcare Data

Cited by 4 publications

References 20 publications

A Survey on Secure Cloud-Based E-Health Systems

A Survey on Secure Cloud-Based E-Health Systems

Health information systems security: Risks, prospects and frameworks

Cloud E-health Systems: A Survay on Security Challenges and Solutions

Contact Info

Product

Resources

About