Evaluation framework for automatic privacy auditing tools for hospital data breach detections: A case study

Yesmin, Tahera; Carter, Michael

doi:10.1016/j.ijmedinf.2020.104123

Cited by 7 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Yesmin et al [16] deal with the privacy of patients' data in terms of the interoperability of systems and the employees' access to information. Also, they tell us that there is no framework for evaluating privacy audit tools in hospitals yet.…”

Section: Related Workmentioning

confidence: 99%

“…Thus, the authors exposed user data principles as: sensitivity, privacy and protection, breaches precaution, ethics. The study of Yesmin and Carter [16] was concerned about the patient data through authorized and unauthorized access. The authors developed a framework that audits this access, although the study was limited as real patient information could not validate the tool.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Case Study on the Development of a Data Privacy Management Solution Based on Patient Information

Lucca

Silva

Luchtenberg

et al. 2020

Sensors

View full text Add to dashboard Cite

Data on diagnosis of infection in the general population are strategic for different applications in the public and private spheres. Among them, the data related to symptoms and people displacement stand out, mainly considering highly contagious diseases. This data is sensitive and requires data privacy initiatives to enable its large-scale use. The search for population-monitoring strategies aims at social tracking, supporting the surveillance of contagions to respond to the confrontation with COVID-19. There are several data privacy issues in environments where IoT devices are used for monitoring hospital processes. In this research, we compare works related to the subject of privacy in the health area. To this end, this research proposes a taxonomy to support the requirements necessary to control patient data privacy in a hospital environment. According to the tests and comparisons made between the variables compared, the application obtained results that contribute to the scenarios applied. In this sense, we modeled and implemented an application. By the end, a mobile application was developed to analyze the privacy and security constraints with COVID-19.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A Case Study on the Development of a Data Privacy Management Solution Based on Patient Information

Lucca

Silva

Luchtenberg

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…It also states that data sensitivity classification is contextual; data protection and privacy are important and must be maintained even in times of crisis; information leaks are inevitable, so organizations should always protect themselves; ethics in data manipulation is mandatory for more efficient analysis. The work of [13] deals with the privacy of patients' data in terms of the interoperability of systems and the employees' access to information. In addition, it tells us that there is no framework for evaluating privacy audit tools in hospitals yet.…”

Section: Related Workmentioning

confidence: 99%

“…The encryption application meant to protect the data was found in the works of [14], [15] and [13]. The related works did not contain any direct mention of it; instead, it was briefly cited in [13]. The privacy application in the user profile is cited by all related works.…”

Section: Related Workmentioning

confidence: 99%

System for Control and Management of Data Privacy of Patients with COVID-19

Lucca¹,

Luchtenberg²,

Conceicao³

et al. 2020

Preprint

View full text Add to dashboard Cite

The COVID-19 pandemic plagues the whole world, bringing numerous challenges which need to be addressed. One of them is the privacy of patient data. There are several problems related to data privacy in IoT environments, the use of applications, devices, and functionalities in hospital processes. Therefore, we have compared works from the literature and developed a taxonomy consisting of the requirements necessary to control patient privacy data in a hospital setting in the current pandemic. Based on the studies, an application was modeled and implemented. According to the tests and comparisons drawn between the variables, the application yielded satisfactory results.

show abstract

A risk‐based methodology for privacy requirements elicitation and control selection

Manna

Sengupta

Mazumdar

2021

Security and Privacy

View full text Add to dashboard Cite

The purpose of the paper is to provide a comprehensive privacy model for identifying the privacy risks of an enterprise based on its privacy requirements. A risk-based methodology for automated privacy control selection against identified privacy requirements is also proposed. The privacy model has been designed using first order logic and it is semi-formal in nature. Privacy risks are defined using the proposed formalism in terms of privacy properties. Algorithm for assessing privacy risk considering the actual information infrastructure of the enterprise is proposed. Based on the risk assessment, appropriate privacy controls should be selected from a control database. An algorithm for the same is also proposed. This methodology is easy to implement and can be used by any mid or large-scale enterprise for privacy control implementation. The effectiveness of our proposed approach is shown using a case study. From the literature review, it has emerged that there is a dearth of comprehensive privacy models that can identify the privacy requirements emanating from different sources and can eventually help the enterprise to implement privacy controls as per privacy requirements. The proposed model attempts to address this research gap by helping an enterprise to identify the specific privacy requirements and automatically select privacy controls from an appropriate knowledge base. Privacy requirements can be customized as per the needs of the enterprise.

show abstract

Evaluation framework for automatic privacy auditing tools for hospital data breach detections: A case study

Cited by 7 publications

References 24 publications

A Case Study on the Development of a Data Privacy Management Solution Based on Patient Information

A Case Study on the Development of a Data Privacy Management Solution Based on Patient Information

System for Control and Management of Data Privacy of Patients with COVID-19

A risk‐based methodology for privacy requirements elicitation and control selection

Contact Info

Product

Resources

About