Intelligent XML Tag Classification Techniques for XML Encryption Improvement

Flexibility, friendliness, and adaptability have been key components to use XML to exchange information across different networks providing the needed common syntax for various messaging systems. However excess usage of XML as a communication medium shed the light on security standards used to protect exchanged messages achieving data confidentiality and privacy. This research presents a novel approach to secure XML messages being used in various systems with efficiency providing high security measures and high performance. system model is based on two major modules, the first to classify XML messages and define which parts of the messages to be secured assigning an importance level for each tag presented in XML message and then using XML encryption standard proposed earlier by W3C [3] to perform a partial encryption on selected parts defined in classification stage. As a result, study aims to improve both the performance of XML encryption process and bulk message handling to achieve data cleansing efficiently

William H. Sorrell, Attorney General of Vermont, et al. v. IMS Health Inc., et al. - Amicus Brief in Support of Petitioners

On April 26, 2011, the US Supreme Court will hear oral arguments in the Vermont data mining case, Sorrell v. IMS Health Inc. Respondents claim this is the most important commercial speech case in a decade. Petitioner (the State of Vermont) argues this is the most important medical privacy case since Whalen v. Roe. The is an amicus brief supporting Vermont, written by law professors and submitted on behalf of the New England Journal of Medicin

Security and confidentiality approach for the Clinical E-Science Framework (CLEF)

Objectives: CLEF is an MRC sponsored project in the E-Science programme that aims to establish methodologies and a technical infrastructure for the next generation of integrated clinical and bioscience research. Methods: The heart of the CLEF approach to this challenge is to design and develop a pseudonymised repository of histories of cancer patients that can be accessed by researchers. Robust mechanisms and policies have been developed to ensure that patient privacy and confidentiality are preserved while delivering a repository of such medically rich information for the purposes of scientific research. Results: This paper summarises the overall approach adopted by CLEF to meet data protection requirements, including the data flows, pseudonymisation measures and additional monitoring policies that are currently being developed. Conclusion: Once evaluated, it is hoped that the CLEF approach can serve as a model for other distributed electronic health record repositories to be accessed for research

Security and confidentiality approach for the Clinical E-Science Framework (CLEF)

CLEF is an MRC sponsored project in the E-Science programme that aims to establish policies and infrastructure for the next generation of integrated clinical and bioscience research. One of the major goals of the project is to provide a pseudonymised repository of histories of cancer patients that can be accessed by researchers. Robust mechanisms and policies are needed to ensure that patient privacy and confidentiality are preserved while delivering a repository of such medically rich information for the purposes of scientific research. This paper summarises the overall approach adopted by CLEF to meet data protection requirements, including the data flows and pseudonymisation mechanisms that are currently being developed. Intended constraints and monitoring policies that will apply to research interrogation of the repository are also outlined. Once evaluated, it is hoped that the CLEF approach can serve as a model for other distributed electronic health record repositories to be accessed for research

Protecting Patient Privacy: Strategies for Regulating Electronic Health Records Exchange

The report offers policymakers 10 recommendations to protect patient privacy as New York state develops a centralized system for sharing electronic medical records. Those recommendations include:Require that the electronic systems employed by HIEs have the capability to sort and segregate medical information in order to comply with guaranteed privacy protections of New York and federal law. Presently, they do not.Offer patients the right to opt-out of the system altogether. Currently, people's records can be uploaded to the system without their consent.Require that patient consent forms offer clear information-sharing options. The forms should give patients three options: to opt-in and allow providers access to their electronic medical records, to opt-out except in the event of a medical emergency, or to opt-out altogether.Prohibit and sanction the misuse of medical information. New York must protect patients from potential bad actors--that small minority of providers who may abuse information out of fear, prejudice or malice.Prohibit the health information-sharing networks from selling data. The State Legislature should pass legislation prohibiting the networks from selling patients' private health information

Towards the Integration of Value and Coordination Models - Position Paper -

Cross-organizational collaborations have a high complexity.\ud Modelling these collaborations can be done from di®erent perspectives.\ud For example, the value perspective represents expected value exchanges\ud in a collaboration while the coordination perspective represents the order\ud in which these exchanges occur. How to maintain consistency between\ud di®erent models during design time as well as runtime constitutes a chal-\ud lenging topic. De¯ning criteria and de¯nitions re°ecting the relation be-\ud tween these models during the entire life cycle is not straightforward.\ud Di®erent criteria are used for di®erent models since each model captures\ud a speci¯c aspect of the collaboration. In this paper we investigate the\ud challenges arising when addressing the problem of maintaining adequate\ud and consistent models of a collaboration during the entire life cycle of\ud a collaboration. We propose a framework in which we connect business\ud layer, process layer and implementation layer, presenting the direction\ud for solving this multifaceted problem. We will describe several challenges\ud we anticipate to encounter while implementing our framework