وبلاگ بلیان

Security and Privacy of Electronic Healthcare Records: Concepts, paradigms and solutions (Healthcare Technologies)

معرفی کتاب «Security and Privacy of Electronic Healthcare Records: Concepts, paradigms and solutions (Healthcare Technologies)» نوشتهٔ Sudeep Tanwar; Sudhanshu Tyagi; Neeraj Kumar, (Computer scientist); Institution of Engineering and Technology، منتشرشده توسط نشر IET/The Institution Of Engineering And Technology در سال 2019. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

Hospitals, medical practices and healthcare organizations are implementing new technologies at breakneck speed. Yet privacy and security considerations are often an afterthought, putting healthcare organizations at risk of data security and privacy issues, fines, damage to their reputations, with serious potential consequences for the patients. Electronic Health Record systems (EHRs) consist of clinical notes, patient listings, lab results, imaging results and screening tests. EHRs are growing in complexity over time and requiring increasing amounts of data storage. With the development of the IoT, the Cloud and Smart Cities frameworks, new privacy and security methods are being pursued to secure healthcare-based systems and platforms. Presenting a detailed framework as well as comparative case studies for security protection, data integrity, privacy preservation, scalability, and healthcare legislation, this edited volume covers state of the art research and addresses privacy and security methods and technologies for EHRs. Cover......Page 1 Contents......Page 6 About the editors......Page 18 Preface......Page 20 Part I. Technological developments in healthcare......Page 24 1 Introduction......Page 26 1.1 Personal health record......Page 27 1.2.4 Uncontrolled secondary usage......Page 28 1.3 Electronic health record......Page 29 1.3.1 Advantages of having EHRs......Page 30 1.5 Security and privacy concern in HER......Page 31 1.5.1 Privacy in HER......Page 32 1.5.2 Security in HER......Page 34 1.6.6 Profiles of user......Page 35 References......Page 36 2.1 Introduction to electronic health records......Page 40 2.1.1 Paper-based records......Page 41 2.1.2 Moving toward EHR......Page 42 2.2.1 Core components of an EHR......Page 45 2.2.2 Additional desirable capabilities......Page 46 2.3.2 Financial challenge......Page 47 2.3.6 Usability......Page 48 2.3.7 Data completeness and correctness......Page 49 2.3.9 Security of EHR data......Page 50 2.3.10 Privacy concerns......Page 51 2.4.2 Application security......Page 52 2.4.6 Ubiquitous device security......Page 53 2.4.9 Data availability......Page 54 2.4.12 Data breach and mandatory disclosure......Page 55 2.5 Curbing security concerns......Page 56 2.6.1.1 Real owner of patient data......Page 57 2.6.1.4 Role-based access and authorization......Page 58 2.6.2.1 Indian context......Page 59 2.6.2.2 US context......Page 60 2.6.3.1 Homomorphic encryption......Page 61 References......Page 62 3.1.1 What is EHR (electronic health record)?......Page 66 3.1.2 Workflow of traditional medical care system......Page 67 3.1.3 Workflow of electronic health record system......Page 68 3.1.4 Advantages of the EHR system......Page 70 3.2.2 Privacy and confidentiality......Page 71 3.2.4 Problems arise in security and privacy......Page 72 3.3 The HIPAA rules and patient's rights for health care......Page 73 3.3.1 The HIPAA privacy rule......Page 74 3.3.3 The breach notification rule......Page 75 3.4.2 Examination and enforcement of potential ACT violations......Page 76 3.4.3 Understanding patients' health information rights......Page 77 3.5 Generalize E-health-care models......Page 78 References......Page 79 4.1 Introduction......Page 84 4.2 ISO standards for security......Page 85 4.2.2 ISO/IEC 9798......Page 86 4.3.1 Identification......Page 87 4.3.2 Authentication......Page 89 4.3.4 Access management......Page 94 4.3.4.1 Access management activities......Page 97 4.4 Policies for identity and access management......Page 100 4.5 Security attacks and goals......Page 102 4.6 Identification and access management techniques......Page 103 4.6.1.2 Federated identity management......Page 104 4.7.1 IoT-based healthcare security......Page 105 4.7.3 Implementation components for the e-health care system......Page 108 4.8 Summary......Page 111 References......Page 112 5.1 Introduction......Page 116 5.2 Understanding EHR systems......Page 117 5.2.2 Structure of electronic health record......Page 118 5.2.4.2 Interoperability and open systems......Page 119 5.2.4.3 Increased patient control......Page 120 5.2.4.4 Privacy and security......Page 121 5.3.1 Compliance......Page 122 5.3.3 Access control......Page 123 5.3.3.3 Cryptographic access control......Page 124 5.3.4.1 Ciphertext policy attribute-based encryption......Page 125 5.3.5 Key management......Page 126 5.3.6.1 Anonymous signatures......Page 127 5.4.1 Advantages of cloud......Page 128 5.4.2 Organization of EHR frameworks......Page 129 5.4.3 Cloud-based electronic record systems......Page 130 5.5 Blockchain for EHR systems......Page 134 5.5.1.2 Security and privacy issues......Page 136 5.5.2.1 Advantages of using blockchain......Page 137 5.5.2.2 Implementation......Page 138 5.5.2.4 Consensus algorithms......Page 139 5.5.2.6 Challenges......Page 140 5.5.3 MedRec......Page 142 5.5.4 Storing data off chain......Page 143 5.5.5 Identity and claims......Page 144 5.5.5.2 Verifiable credential......Page 145 5.5.5.3 Working of Sovrin......Page 146 5.6 Conclusion......Page 148 References......Page 149 6 Sustainable future IoT services with touch-enabled handheld devices......Page 154 6.1 Introduction......Page 155 6.2 Emerging IoT technologies......Page 156 6.2.3 Zigbee......Page 157 6.3 IoT architecture for diverse solutions......Page 158 6.4.1 Healthcare......Page 164 6.4.4 Logistics and supply chain management (SCM)......Page 165 6.5 The role of handheld devices in IoTs......Page 166 6.6.2 Network scalability in heterogeneous environment......Page 167 6.6.3 Required low deployment and adaptability cost......Page 168 6.7 Opportunities and challenges of IoTs with handheld devices......Page 170 References......Page 171 Part II. Healthcare models, solutions, and security standards......Page 176 7 Existing enabling technologies and solutions to maintain privacy and security in healthcare records......Page 178 7.1 Introduction......Page 179 7.1.1 Contributions......Page 180 7.2.1 Cloud computing......Page 181 7.3.2 Interoperability......Page 183 7.3.8 User revocation......Page 184 7.4.6 Insider attack......Page 185 7.5.1 Symmetric key encryption......Page 186 7.5.2 Public key encryption......Page 187 7.5.4 Attribute-based encryption......Page 188 7.5.5 Multiauthority attribute-based encryption......Page 189 7.5.7 Attribute set based encryption......Page 191 7.5.8 Hierarchical attribute set based encryption......Page 193 7.5.10 Various authentication schemes......Page 194 7.5.10.6 Smart card based authentication schemes......Page 196 7.6 A recent development to maintain privacy and security of HER......Page 197 7.6.1 Blockchain technology......Page 199 7.6.3 Comparison of cloud computing and blockchain......Page 200 References......Page 201 8 Healthcare models and algorithms for privacy and security in healthcare records......Page 206 8.1 Introduction to data security in healthcare......Page 207 8.2.1 Healthcare evolution......Page 209 8.2.3 Need to implement privacy in healthcare data and information......Page 210 8.3 Security issues in healthcare data and information......Page 211 8.4 Models for healthcare security......Page 214 8.4.1 RBAC healthcare model......Page 215 8.4.2 Task role-based access control model......Page 217 8.4.3 HL7 role-based access control model......Page 218 8.4.5 Privacy access control model for e-healthcare service......Page 219 8.4.6 TMAC model......Page 220 8.4.7 Security model for healthcare in cloud computing......Page 221 8.4.8 Security model for healthcare in big data......Page 223 8.4.9 Security model for healthcare in wireless sensor network......Page 224 8.5 Introduction to algorithms for security and privacy of healthcare system......Page 226 8.6 Data storage security......Page 227 8.6.1 Threat analysis......Page 229 8.7 Data access security......Page 231 8.7.1 Public key cryptography......Page 232 8.7.2 Data sharing security......Page 235 8.8 Authentication......Page 236 8.9 Conclusion......Page 238 References......Page 239 9.1 Introduction......Page 246 9.2.2 Classification of threats......Page 248 9.2.2.1 Organizational threats......Page 249 9.3.1 Information access control......Page 250 9.3.2 Statistical disclosure control......Page 252 9.4.1.1 Role-based access control......Page 253 9.4.1.2 Contextual role-based access control......Page 254 9.4.1.3 Tag-based data model......Page 256 9.4.1.4 Privacy management architecture......Page 258 9.4.2.1 Pseudonymization......Page 260 9.4.2.2 p-sensitive k-anonymity property......Page 262 9.4.2.3 Microaggregation......Page 264 9.5 Conclusions and future directions......Page 265 References......Page 267 10 Safety measures for EHR systems......Page 272 10.1.1 Traditional record maintenance in EHR......Page 273 10.1.2.3 Mandatory safety for EHR in an organization......Page 274 10.2.1 Safety and effectiveness of EHR......Page 275 10.2.4 Using EHR as a tool in health care process......Page 276 10.3.1 Implementation and design of safe EHR......Page 277 10.3.3 Managing and preventing EHR-related flaws......Page 278 10.4 Medical data breach......Page 279 10.5 Technical issues......Page 280 10.5.1.1 NIST approach......Page 281 10.5.2 Synchronization of records......Page 282 10.5.3.3 Organization of data......Page 284 10.7 Building a safety EHR safety metrics......Page 285 References......Page 286 11.1 Introduction......Page 290 11.3 Special protection for sensitive data and prohibition of the processing of personal data......Page 292 11.4 Medical data processing by a professional......Page 293 11.5 Safety standards in EHRs......Page 294 11.7 Case study: implementation of a secure EHRs system in the cloud......Page 295 11.8 From the optional computer to the cloud......Page 296 11.9 Application implemented completely in the cloud......Page 298 References......Page 302 12.1.2 Security and privacy issues in healthcare infrastructure......Page 306 12.2.1 Security attacks......Page 307 12.3.1 Overall solution description resolving discussed S&P issues......Page 308 12.3.2 Resistance against security attacks......Page 310 12.4 Conclusion and future directions......Page 311 A.1 Identify the need for PIA......Page 312 A.2 Describe the information flow (As shown in Figures A.1–A.3)......Page 313 A.3 Identify the privacy and related risks......Page 315 A.4 Identify privacy solutions......Page 317 A.5 Sign off and record the PIA outcomes......Page 320 A.6 Integrate the PIA outcomes back into the project plan......Page 321 References......Page 322 Part III. The role of blockchain to maintain security and privacy in healthcare......Page 326 13 Blockchain-based health information privacy protection......Page 328 13.2.2 Authentication and access for health data......Page 329 13.2.5 Case studies in health information privacy......Page 330 13.3.2 Practical examples of privacy policies......Page 334 13.3.3 Standards in the area of privacy and security......Page 335 13.4.3 IT security challenges and case studies......Page 336 13.5.1 Blockchain impact on health information privacy......Page 338 13.5.3 Performance evaluation metrics for security and privacy......Page 339 Further Reading......Page 340 14 The importance of healthcare information privacy through blockchain......Page 344 14.1 Introduction......Page 345 14.2 Blockchain: how it works?......Page 347 14.3 The general architecture of blockchain integrated healthcare data management system......Page 349 14.4 Privacy and integrity of healthcare data: challenges and issues of utilizing blockchain......Page 354 14.4.3 Data privacy and protection......Page 355 14.5 Healthcare data management: scope for tightening security offered by blockchain......Page 356 14.5.1.3 Distributed consensus-based on network scenario......Page 358 14.5.2.2 Ethereum account......Page 359 14.6 Potential uses of blockchain technology in healthcare industry......Page 361 14.6.3 Patient controlled healthcare services......Page 362 14.6.5 Digital identification of the patient......Page 363 14.7 Future research directions of utilizing blockchain in healthcare......Page 364 References......Page 365 15.1 Introduction......Page 368 15.1.1 The laws of privacy......Page 369 15.2.1 Traditional health-care system......Page 370 15.2.2 History of health care......Page 371 15.2.4 History of blockchain technology......Page 372 15.2.5 Transaction of blockchain life cycle......Page 373 15.3.1 Security principle......Page 375 15.3.2 Distributed network......Page 376 15.3.3 Patients......Page 378 15.3.4 Doctors......Page 379 15.3.7 Cloud......Page 380 15.3.9 Pharmaceutical industry......Page 381 15.4 The blockchain-based health-care industry......Page 382 15.4.1 Benefits of health-care blockchain......Page 385 15.4.2 Challenges of health-care blockchain......Page 387 15.5 Future trends......Page 388 References......Page 389 16.1 Introduction......Page 392 16.2 Preliminaries......Page 396 16.3 The proposed system......Page 398 16.3.1 Description of the protocol......Page 400 16.3.1.1 Policy generation......Page 401 16.3.2 Medical reports uploading......Page 402 16.3.3 Policy claim against treatment......Page 403 16.4 Analysis and discussions......Page 404 References......Page 407 17 Conclusion......Page 412 Index......Page 414 Back Cover......Page 433 Gathering International Contributions, This Book Is The First 'how-to' Guide Addressing Privacy And Security For Electronics Health Records (ehrs): Who Can Access Ehr Information? How Can Users And Healthcare Staff View Ehr Information And Make Sure It Is Correct? How Is The Information Protected From Loss, Theft And Hacking? What Should Users And Healthcare Staff Do If They Think The Information Has Been Compromised? The Team Of Authors Present A Detailed Framework For Security And Privacy In Ehrs, As Well As Comparative Case Studies For Privacy Preservation, Scalability, And Healthcare Legislation.
دانلود کتاب Security and Privacy of Electronic Healthcare Records: Concepts, paradigms and solutions (Healthcare Technologies)