Automated Transformation of Semi-Structured Text Elements

Interconnected systems, such as electronic health records (EHR), considerably improved the handling and processing of health information while keeping the costs at a controlled level. Since the EHR virtually stores all data in digitized form, personal medical documents are easily and swiftly available when needed. However, multiple formats and differences in the health documents managed by various health care providers severely reduce the efficiency of the data sharing process. This paper presents a rule-based transformation system that converts semi-structured (annotated) text into standardized formats, such as HL7 CDA. It identifies relevant information in the input document by analyzing its structure as well as its content and inserts the required elements into corresponding reusable CDA templates, where the templates are selected according to the CDA document type-specific requirements

Farm/IT - Mein Entscheidungshilfeassistent in der Fruchtfolgeplanung

Farm/IT ist ein Fruchtfolgeplanungstool. Es erstellt Fruchtfolgen unter Berücksichtigung der Nutzerpräferenzen und liefert ökonomische und agronomische Daten. Es eröffnet neue Denkansätze, um die eigenen Fruchtfolgen genauer unter die Lupe zu nehmen

A framework for the application of pseudonymization for primary and secondary use of health data

Zusammenfassung in deutscher SpracheToday's world is characterized by the availability of large amounts of data and the technologies to process them. This has been a significant boost to today's economy, but has also increased the need for data security. Whenever sensitive and personal data is involved, adequate data protection mechanisms must be installed to prevent unauthorized data disclosure which results in adverse consequences for individuals. Personal health data is a particular, usually highly sensitive type of data, which is why its disclosure must be tightly controlled in order to protect the privacy of individuals. The introduction of interconnected systems like electronic health records has made it easier to acquire and process vital information and has thus improved general health care, though the facilitated access to critical data has also increased the fear of data abuse by unauthorized parties. More often than not, unregulated disclosure of personal health data leads to discrimination or harassment of the affected individuals. Thus, existing legal regulations should be supplemented by technical means. However, personal health data is also an important source of information for research purposes, and patients usually agree to this form of beneficial data disclosure to third parties for secondary use, as long as their privacy is preserved. Thus, it is necessary to keep the balance between the patients' privacy and the usability of their health data for research purposes. In this thesis, pseudonymization is investigated as a method to keep this balance between privacy and data usability. The security architecture based on pseudonymization ensures that the patients' health data is stored in a pseudonymized state, which enables privacy-preserving secondary use. Since pseudonymization is a reversible process, access to the original de-pseudonymized data can be granted to trusted health care providers for direct primary care. This form of authorized data access is controlled exclusively by the patients who are acting as owners of their data. Therefore, this pseudonymization architecture supports the concurrent patient-controlled primary use and privacy-preserving secondary use of health data. Furthermore, the thesis also investigates pseudonymization in a scenario purely for secondary use including the necessary steps to convert existing archived health data into a form suitable for privacy-preserving processing for research purposes.12

The definition of secure business processes with respect to multiple objectives

Zsfassung in dt. SpracheBusiness processes have gained more and more importance in today's business environment, and their unimpeded execution is crucial for a company's success. Since business processes are permanently exposed to several threats, organizations are forced to pay attention to security issues. Although security of business activities is widely considered as important, business processes and security aspects are often developed separately. Recent approaches for managing business process security focus on certain aspects only and neglect others, thus not providing a holistic framework for analyzing process security and evaluating security safeguards. Often, these safeguards are evaluated according to technical aspects only; multiple objectives are not considered.This diploma thesis introduces a model-supported, risk-based multiobjective decision making methodology (MR-MOD) for the elicitation of security requirements of business processes, for the analysis of assets, threats, and vulnerabilities, and for the selection of appropriate security technologies. Thereby it combines the strengths of different methods, including process modeling, quantitative risk assessment, and multiobjective decision making techniques, for the definition of Secure Business Processes. MR-MOD is supported by the MODStool, a software application developed in the course of this thesis.Finally, the feasibility of this methodology is demonstrated in a case study.Im heutigen Geschäftsumfeld gewinnen Geschäftsprozesse mehr und mehr an Bedeutung und deren ungestörter Ablauf ist entscheidend für den Erfolg eines Unternehmens. Da Geschäftsprozesse permanent mehreren Gefahren ausgesetzt sind, sind Organisationen dazu gezwungen sicherheitsrelevanten Problemen Bedeutung beizumessen. Obwohl die Sicherheit von Geschäftstätigkeiten allgemein für wichtig erachtet wird, werden Geschäftsprozesse und Sicherheitsaspekte häufig getrennt voneinander entwickelt. Gegenwärtige Ansätze zur Gewährleistung der Sicherheit von Geschäftsprozessen richten ihr Hauptaugenmerk nur auf bestimmte Aspekte und vernachlässigen dadurch andere. Folglich stellen sie keine ganzheitliche Methodik dar, um die Sicherheit von Prozessen zu analysieren und um Sicherheitsmaßnahmen zu evaluieren. Oft werden diese nur nach technischen Gesichtspunkten bewertet, mehrfache Kriterien bleiben weitgehend unberücksichtigt.Diese Diplomarbeit stellt eine Methodik zur modellunterstützten und risikobasierten Multikriteriellen Entscheidungsfindung (MR-MOD) vor, die zur Erhebung von Sicherheitsanforderungen von Geschäftsprozessen, zur Analyse von Wertanlagen, Bedrohungen und Schwachstellen und zur Auswahl von geeigneten Sicherheitstechnologien herangezogen werden kann. Dabei verbindet sie die Stärken verschiedener Methoden zur Definition von sicheren Geschäftsprozessen, darunter Prozessmodellierung, Risikobewertung und Techniken der Multikriteriellen Entscheidungsfindung. MR-MOD wird durch die Softwareapplikation MODStool unterstützt, welche im Rahmen dieser Arbeit entwickelt wurde.Schließlich wird die Machbarkeit dieser Methodik anhand einer Fallstudie demonstriert.19

How to Increase the Inventory Efficiency in Information Security Risk and Compliance Management

The inventory process, i.e. the assessment of assets and implemented countermeasures, consumes a significant amount of time in the risk and compliance management process. Assets and countermeasures have to be identified and classified in terms of confidentiality, integrity and availability requirements. Depending on the organization\u27s size this process may include thousands of assets and countermeasures. This paper presents a novel inventory approach for assets and already implemented technical, physical, and organizational countermeasures (based on tools for network device mapping, software inventory, asset management, etc.). To efficiently assess implemented organizational countermeasures (policies, guidelines, etc.) we developed a keyword- and rule-based approach which automatically identifies existing policies in the ISO 27002 control context. The method and its implementation support middle and large organizations at efficiently assessing assets and implemented countermeasures by highly automating the inventory process. The method is not bound to any organization type or industry sector