Addendum to Informatics for Health 2017: Advancing both science and practice

This article presents presentation and poster abstracts that were mistakenly omitted from the original publication

How to break access control in a controlled manner

The Electronic Medical Record (EMR) integrates heterogeneous information within a Healthcare Institution stressing the need for security and access control. The Biostatistics and Medical Informatics Department from Porto Faculty of Medicine has recently implemented a Virtual EMR (VEMR) in order to integrate patient information and clinical reports within a university hospital. With more than 500 medical doctors using the system on a daily basis, an access control policy and model were implemented. However, the healthcare environment has unanticipated situations (i.e. emergency situations) where access to information is essential. Most traditional policies do not allow for overriding. A policy that allows for Break-The-Glass (BTG) was implemented in order to override access control whilst providing for non-repudiation mechanisms for its usage. The policy was easily integrated within the model confirming its modularity and the fact that user intervention in defining security procedures is crucial to its successful implementation and use

Alcuni abstract di articoli che trattano argomenti relativi all'eHealth

Non utile per esam

Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography

Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzzy vault which demonstrated a better performance during key reconstruction

Visions and Challenges in Managing and Preserving Data to Measure Quality of Life

Health-related data analysis plays an important role in self-knowledge, disease prevention, diagnosis, and quality of life assessment. With the advent of data-driven solutions, a myriad of apps and Internet of Things (IoT) devices (wearables, home-medical sensors, etc) facilitates data collection and provide cloud storage with a central administration. More recently, blockchain and other distributed ledgers became available as alternative storage options based on decentralised organisation systems. We bring attention to the human data bleeding problem and argue that neither centralised nor decentralised system organisations are a magic bullet for data-driven innovation if individual, community and societal values are ignored. The motivation for this position paper is to elaborate on strategies to protect privacy as well as to encourage data sharing and support open data without requiring a complex access protocol for researchers. Our main contribution is to outline the design of a self-regulated Open Health Archive (OHA) system with focus on quality of life (QoL) data.Comment: DSS 2018: Data-Driven Self-Regulating System