Secure spontaneous emergency access to personal health record

We propose a system which enables access to the user's Personal Health Record (PHR) in the event of emergency. The access typically occurs in an ad-hoc and spontaneous manner and the user is usually unconscious, hence rendering the unavailability of the user's password to access the PHR. The proposed system includes a smart card carried by the user at all time and it is personalized with a pseudo secret, an URL to the PHR Server, a secret key shared with the PHR Server and a number of redemption tokens generated using a hash chain. In each emergency session, a one-time use redemption token is issued by the smart card, allowing the emergency doctor to retrieve the user's PHR upon successful authentication of his credentials and validation of the redemption token. The server returns the PHR encrypted with a one-time session key which can only be decrypted by the emergency doctor. The devised interaction protocol to facilitate emergency access to the user's PHR is secure and efficient

Using Ubicomp systems for exchanging health information : considering trust and privacy issues

Ambient Intelligence (AmI) and ubiquitous computing allow us to consider a future where computation is embedded into our daily social lives. This vision raises its own important questions and augments the need to understand how people will trust such systems and at the same time achieve and maintain privacy. As a result, we have recently conducted a wide reaching study of people’s attitudes to potential AmI scenarios. This research project investigates the concepts of trust and privacy issues specifically related to the exchange of health, financial, shopping and e-voting information when using AmI system. The method used in the study and findings related to the health scenario will be discussed in this paper and discussed in terms of motivation and social implications

Design Requirements for a Patient Administered Personal Electronic Health Record

Published version of a chapter in the book: Biomedical engineering, trends in electronics, communications and software. Intech, 2011 Open Acces

Pervasive Technologies and Support for Independent Living

A broad range of pervasive technologies are used in many domains, including healthcare: however, there appears to be little work examining the role of such technologies in the home, or the different wants and needs of elderly users. Additionally, there exist ethical issues surrounding the use of highly personal healthcare-related data, and interface issues centred on the novelty of the technologies and the disabilities experienced by the users. This report examines these areas, before considering the ways in which they might come together to help support independent-living users with disabilities which may be age-related

Brady Statute Data: Establishing Noncriminal Classifications for the Alaska Department of Public Safety

The Brady Handgun Violence Prevention Act of 1993 prohibits the purchase of firearms by persons in certain noncriminal categories. These reports describe potential data sources for the identification of mental committments, addicted substance abusers, illegal aliens, and persons who have been the subject of a domestic violence restraining order and discusses possible procedures, problems, and solutions associated with data collection for the purpose of Brady background checks. Lack of infrastructure for collecting certain types of data, incompleteness of information, and state constitutional protections, including the guarantee of privacy, are the chief obstacles to completely meeting the provisions of the Brady Act in Alaska.Bureau of Justice Statistics, United States Department of Justice Grant No. 96-RU-RX-K026Background / Needs and Benefits / Goals and Objectives / Project Design / Findings by Classification / Conclusio

Integrated, reliable and cloud-based personal health record: a scoping review.

Personal Health Records (PHR) emerge as an alternative to integrate patient’s health information to give a global view of patients' status. However, integration is not a trivial feature when dealing with a variety electronic health systems from healthcare centers. Access to PHR sensitive information must comply with privacy policies defined by the patient. Architecture PHR design should be in accordance to these, and take advantage of nowadays technology. Cloud computing is a current technology that provides scalability, ubiquity, and elasticity features. This paper presents a scoping review related to PHR systems that achieve three characteristics: integrated, reliable and cloud-based. We found 101 articles that addressed thosecharacteristics. We identified four main research topics: proposal/developed systems, PHR recommendations for development, system integration and standards, and security and privacy. Integration is tackled with HL7 CDA standard. Information reliability is based in ABE security-privacy mechanism. Cloud-based technology access is achieved via SOA.CONACYT - Consejo Nacional de Ciencia y TecnologíaPROCIENCI

Context-Based Access for Infrequent Requests in Tanzania\u27s Health Care System

Access control is an important aspect of any information system. It is a way of ensuring that users can only access what they are authorised to and no more. This can be achieved by granting users access to resources based on pre-defined organisational and legislative rules. Although access control has been extensively studied, and as a result, a wide range of access control models, mechanisms and systems have been proposed, specific access control requirements for healthcare systems that needs to support the continuity of care in an accountable manner have not been addressed. This results in a gap between what is required by the application domain and what is actually practised, and thus access control solutions implemented for the domain become too restrictive. The continuity of care is defined as the delivery of seamless health care services to patients through integration, coordination and sharing of information between providers. This thesis, therefore, designs a context-based access control model that allows healthcare professionals to bypass access rules in an accountable manner in case of an infrequent access request involving an emergency situation. This research uses the Tanzania\u27s healthcare system as a case study domain