Proposal for a Security Management in Cloud Computing for Health Care

Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

doi:10.1155/2014/146970

Cited by 20 publications

(10 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, experience in computer use contributed to the differences in the two concerns [ 1 , 8 , 9 ], and computer self-efficacy has been proven to be a strong predictor of the attitude toward information technology (IT) acceptance in hospitals [ 10 ]. Based on existing literature [ 11 ], the enforcement of security and privacy is a fundamental step in the development of EPRs because security and privacy are the major concerns of users. Concerns among users might still persist even though encryption and authorization have been adopted in EPRs.…”

Section: Introductionmentioning

confidence: 99%

Attitudes toward inter-hospital electronic patient record exchange: discrepancies among physicians, medical record staff, and patients

Wang

Chen

et al. 2015

BMC Health Serv Res

View full text Add to dashboard Cite

BackgroundIn this era of ubiquitous information, patient record exchange among hospitals still has technological and individual barriers including resistance to information sharing. Most research on user attitudes has been limited to one type of user or aspect. Because few analyses of attitudes toward electronic patient records (EPRs) have been conducted, understanding the attitudes among different users in multiple aspects is crucial to user acceptance. This proof-of-concept study investigated the attitudes of users toward the inter-hospital EPR exchange system implemented nationwide and focused on discrepant behavioral intentions among three user groups.MethodsThe system was designed by combining a Health Level 7-based protocol, object-relational mapping, and other medical informatics techniques to ensure interoperability in realizing patient-centered practices. After implementation, three user-specific questionnaires for physicians, medical record staff, and patients were administered, with a 70 % response rate. The instrument showed favorable convergent construct validity and internal consistency reliability. Two dependent variables were applied: the attitudes toward privacy and support. Independent variables comprised personal characteristics, work characteristics, human aspects, and technology aspects. Major statistical methods included exploratory factor analysis and general linear model.ResultsThe results from 379 respondents indicated that the patients highly agreed with privacy protection by their consent and support for EPRs, whereas the physicians remained conservative toward both. Medical record staff was ranked in the middle among the three groups. The three user groups demonstrated discrepant intentions toward privacy protection and support. Experience of computer use, level of concerns, usefulness of functions, and specifically, reason to use electronic medical records and number of outpatient visits were significantly associated with the perceptions. Overall, four categories of independent variables were associated with the mean difference in the perceptions.ConclusionsDiscrepant attitudes toward privacy and support among the three user groups are identified. Patients may require further education and communication regarding the system. Culturally fit e-Consent should be incorporated into the system to fully utilize the computing power of the Internet when also considering workload. The concern for misuse of EPRs might lead to low support among physicians. Highly readable EPR documents and managerial incentives for information exchange may improve system use.

show abstract

Section: Introductionmentioning

confidence: 99%

Attitudes toward inter-hospital electronic patient record exchange: discrepancies among physicians, medical record staff, and patients

Wang

Chen

et al. 2015

BMC Health Serv Res

View full text Add to dashboard Cite

show abstract

“…rapid elasticity, followed by broad network access, resource pooling, on-demand self-service and measured service at least. But only eight publications directly cite NIST’s definition [ 4 , 5 , 18 , 23 , 24 , 40 , 52 , 55 , 63 , 67 , 75 , 81 , 83 , 85 , 100 ]. Thus, in most of the articles presenting cloud applications, details about the real deployment and service models remain unclear.…”

Section: Resultsmentioning

confidence: 99%

“…Using audit trails might be a possibility to better control the use of a cloud system or facilitating data recovery [ 26 ]. This is why it is important to select only partners for outsourcing and cloud computing which can prove their security measures [ 56 , 89 , 100 ] and make handling of data completely transparent for the data owners [ 56 ]. Additionally, service-level agreements should be established between the customer organization and the cloud provider concerning data encryption and safety policies [ 23 , 100 ].…”

Section: Resultsmentioning

confidence: 99%

“…This is why it is important to select only partners for outsourcing and cloud computing which can prove their security measures [ 56 , 89 , 100 ] and make handling of data completely transparent for the data owners [ 56 ]. Additionally, service-level agreements should be established between the customer organization and the cloud provider concerning data encryption and safety policies [ 23 , 100 ]. On the other hand clouds can even be utilized to store data using resource intensive security algorithms as kind of “Security-as-a-Service” [ 77 ].…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

A scoping review of cloud computing in healthcare

Griebel

Prokosch

Köpcke

et al. 2015

BMC Med Inform Decis Mak

191

View full text Add to dashboard Cite

BackgroundCloud computing is a recent and fast growing area of development in healthcare. Ubiquitous, on-demand access to virtually endless resources in combination with a pay-per-use model allow for new ways of developing, delivering and using services. Cloud computing is often used in an “OMICS-context”, e.g. for computing in genomics, proteomics and molecular medicine, while other field of application still seem to be underrepresented. Thus, the objective of this scoping review was to identify the current state and hot topics in research on cloud computing in healthcare beyond this traditional domain.MethodsMEDLINE was searched in July 2013 and in December 2014 for publications containing the terms “cloud computing” and “cloud-based”. Each journal and conference article was categorized and summarized independently by two researchers who consolidated their findings.Results102 publications have been analyzed and 6 main topics have been found: telemedicine/teleconsultation, medical imaging, public health and patient self-management, hospital management and information systems, therapy, and secondary use of data. Commonly used features are broad network access for sharing and accessing data and rapid elasticity to dynamically adapt to computing demands. Eight articles favor the pay-for-use characteristics of cloud-based services avoiding upfront investments. Nevertheless, while 22 articles present very general potentials of cloud computing in the medical domain and 66 articles describe conceptual or prototypic projects, only 14 articles report from successful implementations. Further, in many articles cloud computing is seen as an analogy to internet-/web-based data sharing and the characteristics of the particular cloud computing approach are unfortunately not really illustrated.ConclusionsEven though cloud computing in healthcare is of growing interest only few successful implementations yet exist and many papers just use the term “cloud” synonymously for “using virtual machines” or “web-based” with no described benefit of the cloud paradigm. The biggest threat to the adoption in the healthcare domain is caused by involving external cloud partners: many issues of data safety and security are still to be solved. Until then, cloud computing is favored more for singular, individual features such as elasticity, pay-per-use and broad network access, rather than as cloud paradigm on its own.Electronic supplementary materialThe online version of this article (doi:10.1186/s12911-015-0145-7) contains supplementary material, which is available to authorized users.

show abstract

“…minimal level of cybersecurity, but there are deficiencies in the standard and identifies the important aspects of cybersecurity that could be improved[73] 3.2 to exploit of cybersecurity vulnerabilities can affect fielded medical devices today. Indeed, unmitigated cybersecurity vulnerabilities have already led to medical devices being infected and disabled by malware[74] framework that includes the most important security processes regarding cloud computing in the health care sector[77] 3.2 to suggest that cyber threats are increasing and that much of the U.S. healthcare system is ill-equipped to deal with them[33] 1.2to discuss the actions taken by standards bodies, such as the Association for the Advancement of Medical Instrumentation, to improve medical device cybersecurity…”

mentioning

confidence: 99%

Cyber Risk in Health Facilities: A Systematic Literature Review

et al. 2020

View full text Add to dashboard Cite

The current world challenges include issues such as infectious disease pandemics, environmental health risks, food safety, and crime prevention. Through this article, a special emphasis is given to one of the main challenges in the healthcare sector during the COVID-19 pandemic, the cyber risk. Since the beginning of the Covid-19 pandemic, the World Health Organization has detected a dramatic increase in the number of cyber-attacks. For instance, in Italy the COVID-19 emergency has heavily affected cybersecurity; from January to April 2020, the total of attacks, accidents, and violations of privacy to the detriment of companies and individuals has doubled. Using a systematic and rigorous approach, this paper aims to analyze the literature on the cyber risk in the healthcare sector to understand the real knowledge on this topic. The findings highlight the poor attention of the scientific community on this topic, except in the United States. The literature lacks research contributions to support cyber risk management in subject areas such as Business, Management and Accounting; Social Science; and Mathematics. This research outlines the need to empirically investigate the cyber risk, giving a practical solution to health facilities.

show abstract

Proposal for a Security Management in Cloud Computing for Health Care

Cited by 20 publications

References 23 publications

Attitudes toward inter-hospital electronic patient record exchange: discrepancies among physicians, medical record staff, and patients

Attitudes toward inter-hospital electronic patient record exchange: discrepancies among physicians, medical record staff, and patients

A scoping review of cloud computing in healthcare

Cyber Risk in Health Facilities: A Systematic Literature Review

Contact Info

Product

Resources

About