A platform for secure monitoring and sharing of generic health data in the Cloud

The growing need for the remote caring of patients at home combined with the ever-increasing popularity of mobile devices due to their ubiquitous nature has resulted in many apps being developed to enable mobile telecare. The Cloud, in combination with mobile technologies has enabled doctors to conveniently monitor and assess a patient’s health while the patient is at the comfort of their own home. This demands sharing of health information between healthcare teams such as doctors and nurses in order to provide better and safer care of patients. However, the sharing of health information introduces privacy and security issues which may conflict with HIPAA standards. In this paper, we attempt to address the issues of privacy and security in the domain of mobile telecare and Cloud computing. We first demonstrate a telecare application that will allow doctors to remotely monitor patients via the Cloud. We then use this system as a basis to showcase our model that will allow patients to share their health information with other doctors, nurses or medical professional in a secure and confidential manner. The key features of our model include the ability to handle large data sizes and efficient user revocation

A new Sharing Paradigm for the Personal Cloud

International audiencePushed by recent legislation and smart disclosure initiatives, personal cloud solutions emerge and hold the promise of giving the control back to the individual on her data. However, this shift leaves the privacy and security issues in user's hands, a role that few people can properly endorse. Considering the inadequacy of existing sharing models, we advocate the definition of a new sharing paradigm dedicated to the personal cloud context. This sharing paradigm, called SWYSWYK (Share What You See with Who You Know), allows to derive intuitive sharing rules from the personal cloud content, to self-administer the subjects and the sensitive permissions, and to visualize the net effects of the sharing policy on the user's personal cloud. We then propose a reference architecture providing the users tangible guarantees about the enforcement of the SWYSWYK policies. An instance of this architecture has been implemented on top of an existing personal cloud platform to demonstrate the practicality of the approach

Risk and Information Disclosure in Google Drive Sharing of Tax Data

Risk abounds as individuals engage in activities involving the sharing of sensitive information through a third-party cloud storage tool. In this research, we investigate the storage and sharing of very sensitive information (an individual\u27s tax filing information) through a specific third-party technology provider, Google Drive. Within the specifics of such a potentially risky act we argue that information assurance mechanisms implemented by the cloud storage service provider reduce risk perceptions of individuals even when very sensitive information is being shared. Previous positive experience with a cloud service is likely to mitigate concerns on information sharing on the cloud. To elaborate this proposed relationship a research model of information assurance is proposed and tested in the context of tax filing sharing intention

e-Health Cloud: Privacy Concerns and Mitigation Strategies

Cloud based solutions have permeated in the healthcare domain due to a broad range of benefits offered by the cloud computing. Besides the financial advantages to the healthcare organizations, cloud computing also offers large-scale and on-demand storage and processing services to various entities of the cloud based health ecosystem. However, outsourcing the sensitive health information to the third-party cloud providers can result in serious privacy concerns. This chapter highlights the privacy issues related to the health-data and also presents privacy preserving requirements. Besides the benefits of the cloud computing in healthcare, cloud computing deployment models are also discussed from the perspective of healthcare systems. Moreover, some recently developed strategies to mitigate the privacy concerns and to fulfill the privacy preserving requirements are also discussed in detail. Furthermore, strengths and weaknesses of each of the presented strategies are reported and some open issues for the future research are also presented