Hugendubel.info - Die B2B Online-Buchhandlung 

Merkliste
Die Merkliste ist leer.
Bitte warten - die Druckansicht der Seite wird vorbereitet.
Der Druckdialog öffnet sich, sobald die Seite vollständig geladen wurde.
Sollte die Druckvorschau unvollständig sein, bitte schliessen und "Erneut drucken" wählen.

Electronic Healthcare Information Security

E-BookPDF1 - PDF WatermarkE-Book
190 Seiten
Englisch
Springer USerschienen am03.11.20102010
The adoption of Information and Communication Technologies (ICT) in healthcare is driven by the need to contain costs while maximizing quality and efficiency. However, ICT adoption for healthcare information management has brought far-reaching effects and implications on the spirit of the Hippocratic Oath, patient privacy and confidentiality. A wave of security breaches have led to pressing calls for opt-in and opt-out provisions where patients are free to choose to or not have their healthcare information collected and recorded within healthcare information systems. Such provisions have negative impact on cost, efficiency and quality of patient care. Thus determined efforts to gain patient trust is increasingly under consideration for enforcement through legislation, standards, national policy frameworks and implementation systems geared towards closing gaps in ICT security frameworks. The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency in patient care services are driving innovation in healthcare information management. Key among the main innovations is the introduction of new healthcare practice concepts such as shared care, evidence-based medicine, clinical practice guidelines and protocols, the cradle-to-grave health record and clinical workflow or careflow. Central to these organizational re-engineering innovations is the widespread adoption of Information and Communication Technologies (ICT) at national and regional levels, which has ushered in computer-based healthcare information management that is centred on the electronic healthcare record (EHR).mehr
Verfügbare Formate
BuchGebunden
EUR113,50
BuchKartoniert, Paperback
EUR128,39
E-BookPDF1 - PDF WatermarkE-Book
EUR96,29

Produkt

KlappentextThe adoption of Information and Communication Technologies (ICT) in healthcare is driven by the need to contain costs while maximizing quality and efficiency. However, ICT adoption for healthcare information management has brought far-reaching effects and implications on the spirit of the Hippocratic Oath, patient privacy and confidentiality. A wave of security breaches have led to pressing calls for opt-in and opt-out provisions where patients are free to choose to or not have their healthcare information collected and recorded within healthcare information systems. Such provisions have negative impact on cost, efficiency and quality of patient care. Thus determined efforts to gain patient trust is increasingly under consideration for enforcement through legislation, standards, national policy frameworks and implementation systems geared towards closing gaps in ICT security frameworks. The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency in patient care services are driving innovation in healthcare information management. Key among the main innovations is the introduction of new healthcare practice concepts such as shared care, evidence-based medicine, clinical practice guidelines and protocols, the cradle-to-grave health record and clinical workflow or careflow. Central to these organizational re-engineering innovations is the widespread adoption of Information and Communication Technologies (ICT) at national and regional levels, which has ushered in computer-based healthcare information management that is centred on the electronic healthcare record (EHR).
Details
Weitere ISBN/GTIN9780387849195
ProduktartE-Book
EinbandartE-Book
FormatPDF
Format Hinweis1 - PDF Watermark
FormatE107
Erscheinungsjahr2010
Erscheinungsdatum03.11.2010
Auflage2010
ReiheAdvances in Information Security
Reihen-Nr.53
Seiten190 Seiten
SpracheEnglisch
IllustrationenXXI, 190 p.
Artikel-Nr.1716431
Rubriken
Genre9200

Inhalt/Kritik

Inhaltsverzeichnis
1;Acknowledgements;7
2;Preface;8
3;Contents;10
4;List of Figures;15
5;List of Tables;17
5.1;LIST OF CONTRIBUTORS AND ORGANISATIONS;18
6;Chapter 1 Introduction to e-Healthcare Information Security;19
6.1;1.1 Introduction;19
6.2;1.2 The e-Healthcare Information: Nature and Trends;19
6.3;1.3 Security Impact of Trends in e-Healthcare Information Management;21
6.4;1.4 Trends in e-Healthcare Environment;22
6.4.1;1.4.1 Case Study: Canada;23
6.4.2;1.4.2 Case Study: IZIP and General Health Insurance Company of the Czech Republic;26
6.4.3;1.4.3 Case Study: Danish Health Data Network (DHDN);27
6.4.4;1.4.4 Case Study: The Norwegian Healthcare System;31
6.4.5;1.4.5 Case Study: Sweden;33
6.4.6;1.4.6 Case Study: UK NHS Direct Online (NHSDO) Information Service;35
6.5;1.5 Securing e-Healthcare Information: Signi.cance and Challenges;37
6.6;1.6 Concepts of e-Healthcare Information Security;38
6.7;1.7 Frameworks and Approaches;39
6.8;1.8 Issues in e-Healthcare Information Security;41
6.9;1.9 Summary;43
6.10;References;43
7;Chapter 2 Securing e-Healthcare Information;46
7.1;2.1 Introduction;46
7.2;2.2 Breaches of Privacy and Con.dentiality in e-Healthcare;47
7.2.1;2.2.1 Accidental Privacy and Condentiality Breaches;47
7.2.2;2.2.2 Ethically Questionable Conduct;48
7.2.3;2.2.3 Breaches Due to Illegal Actions;49
7.2.4;2.2.4 Laxity in Security for Sensitive e-Healthcare Information;49
7.3;2.3 The IT Security Challenge for Securing e-Healthcare Information;49
7.4;2.4 The Privacy and Con.dentiality Challenge;50
7.5;2.5 Utilisation Challenges;52
7.6;2.6 Legal Protection Challenges;53
7.7;2.7 The Nature of Secure e-Healthcare Information;53
7.8;2.8 The Principles for Securing e-Healthcare Information;55
7.9;2.9 Combining Security with Privacy and Con.dentiality;57
7.10;2.10 Identi.ability in Securing e-Healthcare Information;59
7.11;2.11 Anonymisation and Pseudonymisation;60
7.12;2.12 Technological Frameworks in Securing e-Healthcare Information;62
7.13;2.13 Engineering of Secure e-Healthcare Information;64
7.13.1;2.13.1 Methodologies for Engineering Secure e-Healthcare Information Systems;64
7.13.2;2.13.2 Measures and Security Metrics for Securing e-Healthcare Information;66
7.13.3;2.13.3 Evaluation of Secure e-Healthcare Information;67
7.14;2.14 Discussion and Summary of Issues in Securing e-Healthcare Information;67
7.15;References;68
8;Chapter 3 Laws and Standards for Secure e-Healthcare Information;75
8.1;3.1 Introduction;75
8.2;3.2 The Rationale for Laws and Standards in Securing e-Healthcare Information;76
8.3;3.3 Laws and Standards: Relationships, Roles and Interactions;77
8.4;3.4 Legal Protection of Privacy in e-Healthcare Information Management;78
8.4.1;3.4.1 International and EU Law on Protection of e-Healthcare Information;78
8.4.2;3.4.2 Irish Law on Protection of e-Healthcare Information;80
8.4.3;3.4.3 UK Law on Protection of e-Healthcare Information;82
8.4.4;3.4.4 Australian Law on Protection of e-Healthcare Information;82
8.4.5;3.4.5 New Zealand Law on Protection of e-Healthcare Information;82
8.4.6;3.4.6 Japanese Law on Protection of e-Healthcare Information;83
8.4.7;3.4.7 US Law on Protection of e-Healthcare Information;83
8.4.7.1;3.4.7.1 Health Insurance Portability and Accountability Act (HIPAA) in 1996;84
8.4.7.2;3.4.7.2 HIPAA Rules;84
8.4.7.3;3.4.7.3 HIPAA Privacy and Security Rules;85
8.4.7.4;3.4.7.4 The Impact of HIPAA 1996;86
8.4.7.5;3.4.7.5 Merits and De-Merits of HIPAA Approach;86
8.4.8;3.4.8 Canadian Law on Protection of e-Healthcare Information;87
8.5;3.5 Standards for Secure e-Healthcare Information;88
8.5.1;3.5.1 Health Level 7 (HL7) Standardisation;88
8.5.2;3.5.2 Committee for European Normalisation (CEN) Technical Committee (TC) 251 Standardisation;90
8.5.3;3.5.3 The openEHR Specication Standard;91
8.5.4;3.5.4 International Standards Organisation Technical Committee (ISO/TC) 215 Healthcare Informatics Standardisation;94
8.5.5;3.5.5 ASTM Committee E31 on Healthcare Informatics Standardisation;95
8.5.5.1;3.5.5.1 ASTM Committee E31 Standards for Security and Privacy inHealthcare Informatics;95
8.5.5.2;3.5.5.2 ASTM E31 Security Model for e-Healthcare Information;99
8.5.6;3.5.6 Generic IT Security within e-Healthcare Information Management;100
8.5.6.1;3.5.6.1 Authentication and Authorisation in e-Healthcare;100
8.5.6.2;3.5.6.2 Identity and the Unique Position of Biometric Methods forAuthentication;101
8.5.6.3;3.5.6.3 Authentication and Authorisation in Emerging Technologies fore-Healthcare InformationManagement;101
8.5.6.4;3.5.6.4 Data Integrity and Non-repudiation;103
8.5.6.5;3.5.6.5 Dominant Encryption Standards for Protecting Confidentiality;104
8.5.6.6;3.5.6.6 Encryption for Protecting Confidentiality in e-Healthcare;105
8.5.6.7;3.5.6.7 Security Certification;107
8.5.6.8;3.5.6.8 Security in Web-based Contexts;108
8.5.6.9;3.5.6.9 Conclusion;109
8.6;3.6 Discussion and Summary of the Legal and Standardisation Challenges;109
8.7;3.7 Summary;111
8.8;References;112
9;Chapter 4 Secure e-Healthcare Information Systems;117
9.1;4.1 Introduction;117
9.2;4.2 The elements of Security and Privacy in e-Healthcare Information Systems;118
9.3;4.3 Security and Privacy Provisions in EHR Systems;120
9.3.1;4.3.1 The Canadian Health Infoway;121
9.3.2;4.3.2 Security and Privacy Provisions in the UK NHS Care Records;122
9.3.3;4.3.3 Security and Privacy Provisions in the WorldVistA EHR System;124
9.4;4.4 Security and Privacy Provisions in Electronic Personal Healthcare Records;125
9.4.1;4.4.1 Google Health e-PHR;126
9.4.2;4.4.2 The Microsoft e-PHR service: The HealthVault;127
9.4.3;4.4.3 The Indivo Open Source e-PHR system;128
9.4.4;4.4.4 Summary of Concerns and Issues with e-PHR systems and Services;128
9.5;4.5 Security and Privacy in Clinical Decision Support Systems;130
9.6;4.6 The Challenges from Security and Privacy for e-Healthcare Information Security;133
9.7;4.7 Future e-Healthcare Information Management: Towards the EHR/PEHR Hybridisation;134
9.8;4.8 Summary;136
9.9;References;137
10;Chapter 5 Towards a Comprehensive Framework for Secure e-Healthcare Information;138
10.1;5.1 Introduction;138
10.2;5.2 The Problem of Securing e-Healthcare Information;139
10.3;5.3 The Context and Concepts for Securing e-Healthcare Information;140
10.4;5.4 Towards Future-Enabled Requirements for Securing e-Healthcare Information;143
10.4.1;5.4.1 The Security and Privacy Impact of the Evolution of the Control of e-Healthcare Information in Context of the Patient-Centred Paradigm;144
10.4.2;5.4.2 The nature, security and privacy implications of the EHR/PEHR hybrid;147
10.4.3;5.4.3 The Role of Security Metrics;149
10.4.4;5.4.4 Summary of Security and Privacy Requirements for Future-Enabled e-Healthcare Information;150
10.5;5.5 The Approach to Securing e-Healthcare Information;150
10.6;5.6 The Framework for Securing e-Healthcare Information Security and Privacy;152
10.6.1;5.6.1 The Key Drivers to the Security and Privacy of e-Healthcare Information Security;153
10.6.2;5.6.2 The Model for the e-Healthcare Information Control and Security and Privacy Risk Level Over Time;155
10.6.2.1;5.6.2.1 Period 1: The immediate past - absolute control by the clinician orhealthcare organisation;156
10.6.2.2;5.6.2.2 Period 2 and 3A: The present - transition to patient control;156
10.6.2.3;5.6.2.3 Periods 3B and 4: The immediate future- Balancing professionalrequirements with patient privacy;157
10.6.3;5.6.3 The Conceptual Framework for Secure e-Health Information;159
10.7;5.7 The Conceptual Architecture;161
10.8;5.8 Discussion and Summary;163
10.9;References;165
11;Chapter 6 Towards a Uni.ed Security Evaluation Framework for e-Healthcare Information Systems;166
11.1;6.1 Introduction;166
11.2;6.2 Evaluating Privacy and Security in e-Healthcare;166
11.3;6.3 Approaches to Evaluation of e-Healthcare Information Security and Privacy;168
11.3.1;6.3.1 Standards-Based Security and Privacy Evaluation;168
11.3.2;6.3.2 Privacy Policy Evaluation;168
11.3.3;6.3.3 Ontology-Based Privacy Evaluation;169
11.3.4;6.3.4 Security and Privacy Metrics;169
11.3.4.1;6.3.4.1 Policy-Based SecurityMetrics;170
11.3.4.2;6.3.4.2 Risk Security Metrics;170
11.3.4.3;6.3.4.3 Attack Graph-Based Security Metrics;170
11.3.4.4;6.3.4.4 Arguments Against Security and PrivacyMetrics;171
11.3.4.5;6.3.4.5 The Qualities of a Good Security or PrivacyMetric;172
11.3.5;6.3.5 Model-Based Approach to Security and Privacy Evaluation;175
11.4;6.4 Frameworks for e-Healthcare Information Privacy and Security Evaluation;175
11.4.1;6.4.1 Information Security Management Model-Based Evaluation Frameworks;175
11.4.2;6.4.2 Security Metric-Based Evaluation Frameworks;176
11.4.3;6.4.3 Security and Privacy Policy-Based Evaluation Frameworks;176
11.5;6.5 Towards a Uni.ed Privacy and Security Evaluation Framework for e-Healthcare Information;177
11.5.1;6.5.1 The Security and Privacy Evaluation Challenges for e-Healthcare Information;177
11.5.2;6.5.2 Towards a Unied Framework for Evaluating Privacy and Security of e-Healthcare Information;178
11.6;6.6 Human Factors in Evaluating e-Healthcare Information Security and Privacy;182
11.6.1;6.6.1 Impact of Technological Human Factors;182
11.7;6.7 Summary;183
11.8;References;184
12;Chapter 7 Discussions;188
12.1;7.1 Introduction;188
12.2;7.2 Securing Personal e-Healthcare;189
12.3;7.3 Proliferation of New Technologies;191
12.4;7.4 Health Identifier;193
12.5;7.5 Problem of Securing e-Healthcare Information;194
12.6;7.6 Contribution to Knowledge;196
12.7;7.7 Conclusion;197
12.8;7.8 Future Work and Research Directions;197
12.9;References;198
13;Appendix A International Standards Organisational Technical Committee (ISO/TX) 215 Healthcare Informatics Standardisation;199
14;Index;202mehr

Autor