Data privacy considerations in Intensive Care Grids

Jesus Luna; Marios D. Dikaiakos; Theodoros Kyprianou; Angelos Bilas; Manolis Marazakis

Data privacy considerations in Intensive Care Grids

Jesus Luna, Marios D. Dikaiakos, Theodoros Kyprianou, Angelos Bilas, Manolis Marazakis

Medical School

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Novel eHealth systems are being designed to provide a citizen-centered health system, however the even demanding need for computing and data resources has required the adoption of Grid technologies. In most of the cases, this novel Health Grid requires not only conveying patient's personal data through public networks, but also storing it into shared resources out of the hospital premises. These features introduce new security concerns, in particular related with privacy. In this paper we survey current legal and technological approaches that have been taken to protect a patient's personal data into eHealth systems, with a particular focus in Intensive Care Grids. However, thanks to a security analysis applied over the Intensive Care Grid system (ICGrid) we show that these security mechanisms are not enough to provide a comprehensive solution, mainly because the data-at-rest is still vulnerable to attacks coming from untrusted Storage Elements where an attacker may directly access them. To cope with these issues, we propose a new privacy-oriented protocol which uses a combination of encryption and fragmentation to improve data's assurance while keeping compatibility with current legislations and Health Grid security mechanisms.

Original language	English
Title of host publication	Global Healthgrid
Subtitle of host publication	E-Science Meets Biomedical Informatics - Proceedings of HealthGrid 2008
Pages	178-187
Number of pages	10
Volume	138
Publication status	Published - 2008
Event	6th Annual HealthGrid Conference - Global HealthGrid: E-Science Meets Biomedical Informatics, HealthGrid 2008 - Chicago, IL, United States Duration: 2 Jun 2008 → 4 Jun 2008

Other

Other	6th Annual HealthGrid Conference - Global HealthGrid: E-Science Meets Biomedical Informatics, HealthGrid 2008
Country/Territory	United States
City	Chicago, IL
Period	2/06/08 → 4/06/08

Keywords

EHealth security
Encryption
Fragmentation
Intensive care grid
Privacy

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Cite this

@inproceedings{7be9dd8c603549ca94147c0f66ac98bf,

title = "Data privacy considerations in Intensive Care Grids",

abstract = "Novel eHealth systems are being designed to provide a citizen-centered health system, however the even demanding need for computing and data resources has required the adoption of Grid technologies. In most of the cases, this novel Health Grid requires not only conveying patient's personal data through public networks, but also storing it into shared resources out of the hospital premises. These features introduce new security concerns, in particular related with privacy. In this paper we survey current legal and technological approaches that have been taken to protect a patient's personal data into eHealth systems, with a particular focus in Intensive Care Grids. However, thanks to a security analysis applied over the Intensive Care Grid system (ICGrid) we show that these security mechanisms are not enough to provide a comprehensive solution, mainly because the data-at-rest is still vulnerable to attacks coming from untrusted Storage Elements where an attacker may directly access them. To cope with these issues, we propose a new privacy-oriented protocol which uses a combination of encryption and fragmentation to improve data's assurance while keeping compatibility with current legislations and Health Grid security mechanisms.",

keywords = "EHealth security, Encryption, Fragmentation, Intensive care grid, Privacy",

author = "Jesus Luna and Dikaiakos, {Marios D.} and Theodoros Kyprianou and Angelos Bilas and Manolis Marazakis",

year = "2008",

language = "English",

isbn = "9781586038748",

volume = "138",

pages = "178--187",

booktitle = "Global Healthgrid",

note = "6th Annual HealthGrid Conference - Global HealthGrid: E-Science Meets Biomedical Informatics, HealthGrid 2008 ; Conference date: 02-06-2008 Through 04-06-2008",

}

Luna, J, Dikaiakos, MD, Kyprianou, T, Bilas, A & Marazakis, M 2008, Data privacy considerations in Intensive Care Grids. in Global Healthgrid: E-Science Meets Biomedical Informatics - Proceedings of HealthGrid 2008. vol. 138, pp. 178-187, 6th Annual HealthGrid Conference - Global HealthGrid: E-Science Meets Biomedical Informatics, HealthGrid 2008, Chicago, IL, United States, 2/06/08.

TY - GEN

T1 - Data privacy considerations in Intensive Care Grids

AU - Luna, Jesus

AU - Dikaiakos, Marios D.

AU - Kyprianou, Theodoros

AU - Bilas, Angelos

AU - Marazakis, Manolis

PY - 2008

Y1 - 2008

N2 - Novel eHealth systems are being designed to provide a citizen-centered health system, however the even demanding need for computing and data resources has required the adoption of Grid technologies. In most of the cases, this novel Health Grid requires not only conveying patient's personal data through public networks, but also storing it into shared resources out of the hospital premises. These features introduce new security concerns, in particular related with privacy. In this paper we survey current legal and technological approaches that have been taken to protect a patient's personal data into eHealth systems, with a particular focus in Intensive Care Grids. However, thanks to a security analysis applied over the Intensive Care Grid system (ICGrid) we show that these security mechanisms are not enough to provide a comprehensive solution, mainly because the data-at-rest is still vulnerable to attacks coming from untrusted Storage Elements where an attacker may directly access them. To cope with these issues, we propose a new privacy-oriented protocol which uses a combination of encryption and fragmentation to improve data's assurance while keeping compatibility with current legislations and Health Grid security mechanisms.

AB - Novel eHealth systems are being designed to provide a citizen-centered health system, however the even demanding need for computing and data resources has required the adoption of Grid technologies. In most of the cases, this novel Health Grid requires not only conveying patient's personal data through public networks, but also storing it into shared resources out of the hospital premises. These features introduce new security concerns, in particular related with privacy. In this paper we survey current legal and technological approaches that have been taken to protect a patient's personal data into eHealth systems, with a particular focus in Intensive Care Grids. However, thanks to a security analysis applied over the Intensive Care Grid system (ICGrid) we show that these security mechanisms are not enough to provide a comprehensive solution, mainly because the data-at-rest is still vulnerable to attacks coming from untrusted Storage Elements where an attacker may directly access them. To cope with these issues, we propose a new privacy-oriented protocol which uses a combination of encryption and fragmentation to improve data's assurance while keeping compatibility with current legislations and Health Grid security mechanisms.

KW - EHealth security

KW - Encryption

KW - Fragmentation

KW - Intensive care grid

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=53249097950&partnerID=8YFLogxK

M3 - Conference contribution

C2 - 18560120

AN - SCOPUS:53249097950

SN - 9781586038748

VL - 138

SP - 178

EP - 187

BT - Global Healthgrid

T2 - 6th Annual HealthGrid Conference - Global HealthGrid: E-Science Meets Biomedical Informatics, HealthGrid 2008

Y2 - 2 June 2008 through 4 June 2008

ER -

Data privacy considerations in Intensive Care Grids

Abstract

Other

Keywords

UN SDGs

Other files and links

Fingerprint

Cite this