Levels of Privacy for eHealth Systems in the Cloud Era

Enforcing in code privacy laws, internal company rules and principles like Privacy by Design is recognized as a challenge for the IT industry. In this paper we analyze the steps required and propose a guide towards this major goal. Our proposal is to emphasize the need to overcome the limits of service orchestration and create strong privacy and security enabling architectures based on two main ideas. The first idea is to use a semantic firewall that is capable to check privacy properties for the communication between applications and cloud and between cloud\u27s sub-systems. The second idea is to improve current SOA architectures with architectures based on executable choreographies that can be formally verified. In this paper we identify three types of executable choreographies. New types of abstraction which machines can verify and humans can trust are enabled by executable choreographies that act like truly verifiable environments for cloud applications

Mechatronics & the cloud

Conventionally, the engineering design process has assumed that the design team is able to exercise control over all elements of the design, either directly or indirectly in the case of sub-systems through their specifications. The introduction of Cyber-Physical Systems (CPS) and the Internet of Things (IoT) means that a design team’s ability to have control over all elements of a system is no longer the case, particularly as the actual system configuration may well be being dynamically reconfigured in real-time according to user (and vendor) context and need. Additionally, the integration of the Internet of Things with elements of Big Data means that information becomes a commodity to be autonomously traded by and between systems, again according to context and need, all of which has implications for the privacy of system users. The paper therefore considers the relationship between mechatronics and cloud-basedtechnologies in relation to issues such as the distribution of functionality and user privacy

Proposal for an eHealth Based Ecosystem Serving National Healthcare

The European Union (EU)'s keen concern about citizens' health and well-being advancement has been expressed at all levels. It has been understood that at present, these can only be achieved through coordinated actions at the individual member states' level based on EU directives, as well as through promoting and funding R&D and expanding the use of eHealth technologies. Despite the diversities and particularities among member states, common values such as universal access to good quality healthcare, equity, and solidarity have been widely accepted across EU. That demanded the adoption of policies and follow directives, which streamlined actions to bridge healthcare gaps, and facilitate cross-border healthcare. This paper articulates a framework for deriving a national healthcare system, based on interoperable Electronic Health Record (EHR) with safeguarding healthcare quality, enabling quadruple helix (Public, Academia, Industry, NGOs) driven R&D and guided by a patient-centered approach. A methodology to develop an integrated EHR at National level is proposed as a prerequisite for eHealth and put into perspective. Recommendations are given for the steps needed, from the managerial, legal, technical, and financial concerns in developing an open access, patient-centered national healthcare system based on the context and constraints of a country. The example of a small country to apply the proposed methodology is demonstrated. Stakeholders, including citizens, healthcare professionals, academia, and the industry are mobilized, enabled, and incentivized for implementing the methodology. Experiences are aspired to be offered as lessons learned for other countries to adapt on their environment

Blockchain leveraged decentralized IoT eHealth framework

Blockchain technologies recently emerging for eHealth, can facilitate a secure, decentral- ized and patient-driven, record management system. However, Blockchain technologies cannot accommodate the storage of data generated from IoT devices in remote patient management (RPM) settings as this application requires a fast consensus mechanism, care- ful management of keys and enhanced protocols for privacy. In this paper, we propose a Blockchain leveraged decentralized eHealth architecture which comprises three layers: (1) The Sensing layer –Body Area Sensor Networks include medical sensors typically on or in a patient body transmitting data to a smartphone. (2) The NEAR processing layer –Edge Networks consist of devices at one hop from data sensing IoT devices. (3) The FAR pro- cessing layer –Core Networks comprise Cloud or other high computing servers). A Patient Agent (PA) software replicated on the three layers processes medical data to ensure reli- able, secure and private communication. The PA executes a lightweight Blockchain consen- sus mechanism and utilizes a Blockchain leveraged task-offloading algorithm to ensure pa- tient’s privacy while outsourcing tasks. Performance analysis of the decentralized eHealth architecture has been conducted to demonstrate the feasibility of the system in the pro- cessing and storage of RPM data

Privacy and data protection in eHealth in Africa - an assessment of the regulatory frameworks that govern privacy and data protection in the effective implementation of electronic health care in Africa: is there a need for reform and greater regional collaboration in regulatory policymaking?

This thesis examines and evaluates the legal protection of privacy and personal data in South Africa and across Africa in the electronic health care industry, that is, where medical services are provided to individuals by way of networked technological platforms including mobile telephones. This thesis presents a critical understanding of, and pragmatic solution to, the questions that lie at the intersection of the following: an individual's right to privacy and data protection, cultural disparities when defining privacy, the emergence of electronic health care, the sensitivity of health related data, the need for health care in areas, where lack of resources and lack of accessibility are often commonplace, and the introduction of networked technologies within the health care system as a solution. Firstly, eHealth services and applications are described. Secondly, notions of privacy and data protection are considered. Thirdly, the prevailing legal determinants that form the basis of African and South African data protection regulatory measures are ascertained. Fourthly, selected illustrations are presented of the practical implementation of eHealth services and certain recent influencers within the digital environment, which may inform the future eHealth privacy regulatory framework. Finally, criticisms of the Malabo Convention are presented and recommendations advanced. As there is limited guidance with regard to policymaking decisions concerning privacy and data protection in the implementation of eHealth in developing countries, possibilities for reform are suggested. These will allow a more careful balance between, on the one hand, the normative commitment to providing accessible health care using electronic means and, on the other, the rights to privacy and data protection of the user, which require safeguarding within an African context. In proposing a solution, it is argued that adequate privacy regulation of electronic health must (1) be sensitive to societal and cultural differences in what is considered private, (2) be responsive to rapid technological transformation in healthcare industries, and (3) build user confidence in data protection in this context, to enable nascent electronic health initiatives to reach their potential in Africa. It is proposed that the adoption of an accepted social imperative protected by a powerful triumvirate of ethical constraints, effective legal provisions and regulations, and operational necessities, is possible. Greater regulatory collaboration across the continent is called for based on harmonised domestic and international laws, national policies, and industry codes of conduct that are sensitive to local conditions and challenges

Success factors affecting the healthcare professionals to utilize cloud computing services

Integrating the new technologies to improve the healthcare services can be seen as one of the research trends nowadays, as earlier studies have recommended the potential of emerging technologies in enhancing healthcare service practices by means of providing more opportunities to carry out activities essential for prevention, diagnosis, monitoring, and treatment of the disease. Involving the cloud computing services in healthcare domain can offer a way for handling and maintaining health data by making use of software applications hosted on the Internet. To ensure successful cloud computing utilization, a pre-examination on the context of usage should be applied in order to collect the real needs to guarantee getting all the possible benefits of this technology. In Iraq, the health records of public hospitals consist of various types of data which continue to increase in velocity, volume, and variety progressively. This has led to several major issues to the health sectors from two perspectives, data complexity and low IT integrity. For that reason, managing and maintaining all these health data are essential to healthcare organizations. In this paper, we collected the success factors that may influence the healthcare professionals to utilize cloud computing services for the health sector in Iraq. This is done by conducting an interview with 30 physicians and technicians from four hospitals in Iraq, then a literature survey was carried out to verify that all the gathered factors are within the circumstance of healthcare. It has been found that eight factors may affect the perspective of healthcare professionals to utilize cloud computing services. Finally, a conceptual model was developed based on the findings

Towards a European Health Research and Innovation Cloud (HRIC)

The European Union (EU) initiative on the Digital Transformation of Health and Care (Digicare) aims to provide the conditions necessary for building a secure, flexible, and decentralized digital health infrastructure. Creating a European Health Research and Innovation Cloud (HRIC) within this environment should enable data sharing and analysis for health research across the EU, in compliance with data protection legislation while preserving the full trust of the participants. Such a HRIC should learn from and build on existing data infrastructures, integrate best practices, and focus on the concrete needs of the community in terms of technologies, governance, management, regulation, and ethics requirements. Here, we describe the vision and expected benefits of digital data sharing in health research activities and present a roadmap that fosters the opportunities while answering the challenges of implementing a HRIC. For this, we put forward five specific recommendations and action points to ensure that a European HRIC: i) is built on established standards and guidelines, providing cloud technologies through an open and decentralized infrastructure; ii) is developed and certified to the highest standards of interoperability and data security that can be trusted by all stakeholders; iii) is supported by a robust ethical and legal framework that is compliant with the EU General Data Protection Regulation (GDPR); iv) establishes a proper environment for the training of new generations of data and medical scientists; and v) stimulates research and innovation in transnational collaborations through public and private initiatives and partnerships funded by the EU through Horizon 2020 and Horizon Europe