Towards A Well-Secured Electronic Health Record in the Health Cloud

The major concerns for most cloud implementers particularly in the health care industry have remained data security and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to health data privacy and security of eHR in health care cloud

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications

DATUM in Action

This collaborative research data management planning project (hereafter the RDMP project) sought to help a collaborative group of researchers working on an EU FP7 staff exchange project (hereafter the EU project) to define and implement good research data management practice by developing an appropriate DMP and supporting systems and evaluating their initial implementation. The aim was to "improve practice on the ground" through more effective and appropriate systems, tools/solutions and guidance in managing research data. The EU project (MATSIQEL - (Models for Ageing and Technological Solutions For Improving and Enhancing the Quality of Life), funded under the Marie Curie International Research Staff Exchange Scheme, is accumulating expertise for the mathematical and computer modelling of ageing processes with the aim of developing models which can be implemented in technological solutions (e.g. monitors, telecare, recreational games) for improving and enhancing quality of life.1 Marie Curie projects do not fund research per se, so the EU project has no resources to fund commercial tools for research data management. Lead by Professor Maia Angelova, School of Computing, Engineering and Information Sciences (SCEIS) at Northumbria University, it comprises six work packages involving researchers at Northumbria and in Australia, Bulgaria, Germany, Mexico and South Africa. The RDMP project focused on one of its work packages (WP4 Technological Solutions and Implementation) with some reference to another work package lead by the same person at Northumbria University (WP5 Quality of Life). The RDMP project‟s innovation was less about the choice of platform/system, as it began with existing standard office technology, and more about how this can be effectively deployed in a collaborative scenario to provide a fit-for-purpose solution with useful and usable support and guidance. It built on the success of the Datum for Health project by taking it a stage further, moving from a solely health discipline to an interdisciplinary context of health, social care and mathematical/computer modelling, and from a Postgraduate Research Student context to an academic researcher context, with potential to reach beyond the University boundaries. In addition, since the EU project is re-using data from elsewhere as well as creating its own data; a wide range of RDM issues were addressed. The RDMP project assessed the transferability of the DATUM materials and the tailored DATUM DMP

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Handling confidentiality and privacy on cloud-based health information systems

Health-related data include not only the patient’s personal information, but also specific information about the patient health problems, supplementary diagnostic examination results, and much more. All this information is extremely sensitive and should only be accessed by the proper entities and actors, for special specific purposes. Described herein is an approach to address security and privacy of health-related data based on rights management technologies, with an architecture to minimize security risks and privacy conerns. This approach consists of the reutilisation of an open-source and open-specifications rights management system, and designing and adapting the necessary components to address the specific security and privacy requirements that must be faced when managing health and patient data.info:eu-repo/semantics/acceptedVersio