Circle of Health Based Access Control for Personal Health Information Systems

2018 ◽  
pp. 107-114
Author(s):  
Ryan Habibi ◽  
Jens Weber ◽  
Morgan Price
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Health Information ◽  
Health Information Systems ◽  
Personal Health Information ◽  
Personal Health ◽  
Personal Health Information Systems

A Survey of Security Standards Applicable to Health Information Systems

2013 ◽  
Vol 7 (4) ◽  
pp. 22-36 ◽  
Author(s):  
Francis Akowuah ◽  
Xiaohong Yuan ◽  
Jinsheng Xu ◽  
Hong Wang
Keyword(s):  
Information Systems ◽  
Health Information ◽  
Health Information Systems ◽  
Personal Health Information ◽  
Security And Privacy ◽  
Personal Health ◽  
Healthcare Organizations ◽  
Starting Point ◽  
Wide Range ◽  
Security Standards

The information maintained by Health Information Systems (HIS) is often faced with security threats from a wide range of sources. Some government's regulations require healthcare organizations and custodians of personal health information to take practical steps to address the security and privacy needs of personal health information. Standards help to ensure an adequate level of security is attained, resources are used efficiently and the best security practices are adopted. In this paper, the authors survey security standards applicable to healthcare industry including Control OBjective for Information and related Technology (COBIT), ISO/IEC 27002:2005, ISO/IEC 27001:2005, NIST Special Publication 800-53, ISO 27799:2008, HITRUST Common Security Framework (CSF), ISO 17090:2008, ISO/TS 25237:2008, etc. This survey informs the audience currently available standards that can guide the implementation of information security programs in healthcare organizations, and provides a starting point for IT management in healthcare organizations to select a standard suitable for their organizations.

scholarly journals Health Information Systems in the Digital Health Ecosystem—Problems and Solutions for Ethics, Trust and Privacy

2020 ◽  
Vol 17 (9) ◽  
pp. 3006
Author(s):  
Pekka Ruotsalainen ◽  
Bernd Blobel
Keyword(s):  
Information Systems ◽  
Intellectual Property ◽  
Health Information ◽  
Digital Health ◽  
Health Information Systems ◽  
Personal Health Information ◽  
Intellectual Property Right ◽  
Ethical Principles ◽  
Computational Trust ◽  
Trust Models

Digital health information systems (DHIS) are increasingly members of ecosystems, collecting, using and sharing a huge amount of personal health information (PHI), frequently without control and authorization through the data subject. From the data subject’s perspective, there is frequently no guarantee and therefore no trust that PHI is processed ethically in Digital Health Ecosystems. This results in new ethical, privacy and trust challenges to be solved. The authors’ objective is to find a combination of ethical principles, privacy and trust models, together enabling design, implementation of DHIS acting ethically, being trustworthy, and supporting the user’s privacy needs. Research published in journals, conference proceedings, and standards documents is analyzed from the viewpoint of ethics, privacy and trust. In that context, systems theory and systems engineering approaches together with heuristic analysis are deployed. The ethical model proposed is a combination of consequentialism, professional medical ethics and utilitarianism. Privacy enforcement can be facilitated by defining it as health information specific contextual intellectual property right, where a service user can express their own privacy needs using computer-understandable policies. Thereby, privacy as a dynamic, indeterminate concept, and computational trust, deploys linguistic values and fuzzy mathematics. The proposed solution, combining ethical principles, privacy as intellectual property and computational trust models, shows a new way to achieve ethically acceptable, trustworthy and privacy-enabling DHIS and Digital Health Ecosystems.

Privacy and Security: Are Your Health Information Systems up to Standard?

1996 ◽  
Vol 26 (4) ◽  
pp. 197-201 ◽  
Author(s):  
Tina Magennis ◽  
Jennifer Mitchell
Keyword(s):  
Health Care ◽  
Information Systems ◽  
Health Information ◽  
Health Information Systems ◽  
Health Data ◽  
Human Behaviour ◽  
Personal Health ◽  
Privacy And Security ◽  
Patient Health ◽  
Privacy And Confidentiality

As electronic patient health information systems become more fully developed and widespread, there are persistent concerns about the privacy and confidentiality of the personal health data being stored and disseminated. Standards Australia has released two Standards which provide useful guidelines for the organisational, technological and human behaviour solutions required to protect privacy and confidentiality in health care organisations. The major requirements of these Standards are outlined and the implications of the Standards for health information managers are discussed.

Sign in / Sign up

Export Citation Format

Share Document