Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations

Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable

Reviewing the integration of patient data: how systems are evolving in practice to meet patient needs

<p>Abstract</p> <p>Background</p> <p>The integration of Information Systems (IS) is essential to support shared care and to provide consistent care to individuals – patient-centred care. This paper identifies, appraises and summarises studies examining different approaches to integrate patient data from heterogeneous IS.</p> <p>Methods</p> <p>The literature was systematically reviewed between 1995–2005 to identify articles mentioning patient records, computers and data integration or sharing.</p> <p>Results</p> <p>Of 3124 articles, 84 were included describing 56 distinct projects. Most of the projects were on a regional scale. Integration was most commonly accomplished by messaging with pre-defined templates and middleware solutions. HL7 was the most widely used messaging standard. Direct database access and web services were the most common communication methods. The user interface for most systems was a Web browser. Regarding the type of medical data shared, 77% of projects integrated diagnosis and problems, 67% medical images and 65% lab results. More recently significantly more IS are extending to primary care and integrating referral letters.</p> <p>Conclusion</p> <p>It is clear that Information Systems are evolving to meet people's needs by implementing regional networks, allowing patient access and integration of ever more items of patient data. Many distinct technological solutions coexist to integrate patient data, using differing standards and data architectures which may difficult further interoperability.</p

An architecture for regional health information networks addressing issues of modularity and interoperability

A fundamental pre-requisite for the establishment of a scaleable regional health information network (RHIN) is the development of an architectural framework and tools for the integration of specialized autonomous systems and e-health service platforms supported by an underlying health information infrastructure (HII). In this context, HYGEIAnet, which is the RHIN of Crete in Greece, has identified and utilized a number of critical software components enabling integrated access to clinically significant information, based on an open architecture addressing successfully the various interoperability challenges at hand. HYGEIAnet provides the framework for the reuse of standardized common components and public interfaces, thus enabling integrated and personalized delivery of healthcare

Role based access to patient’s clinical data: The InterCare approach in the region of Crete

Summarization: The basics of a particular Integrated Electronic Health Record (I-EHR) implementation are presented, as realised by the Patient Clinical Data Directory (PCDD) system. PCDD operates within the context of HYGEIAnet, the Integrated Healthcare Telematics Network of Crete. PCDD is based on a federation of autonomous information systems and provides to its authorized users alternative views of the health record as well as access and retrieval services to its geographically distributed segments. The data model of the PCDD is based on the Subjective Objective Assessment Plan (SOAP) model that originates from the primary healthcare domain. Access to detailed information on particular patients healthcare encounters is delivered via role-based authorisarion privilages and controls. The administration of the national healthcare organizations' business rules, for different user-groups, is made via a specially tailored and developed ruleeditor.Παρουσιάστηκε στο: Medical Informatics in Europe (MIE 2000) Conference

Resource capacity allocation to stochastic dynamic competitors:knapsack problem for perishable items and index-knapsack heuristic

In this paper we propose an approach for solving problems of optimal resource capacity allocation to a collection of stochastic dynamic competitors. In particular, we introduce the knapsack problem for perishable items, which concerns the optimal dynamic allocation of a limited knapsack to a collection of perishable or non-perishable items. We formulate the problem in the framework of Markov decision processes, we relax and decompose it, and we design a novel index-knapsack heuristic which generalizes the index rule and it is optimal in some specific instances. Such a heuristic bridges the gap between static/deterministic optimization and dynamic/stochastic optimization by stressing the connection between the classic knapsack problem and dynamic resource allocation. The performance of the proposed heuristic is evaluated in a systematic computational study, showing an exceptional near-optimality and a significant superiority over the index rule and over the benchmark earlier-deadline-first policy. Finally we extend our results to several related revenue management problems