nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Proposed Privacy Patterns for Privacy Preserving Healthcare Systems in Accord with Nova Scotia’s Personal Health Information Act

verfasst von : Maha Aljohani, Kirstie Hawkey, James Blustein

Erschienen in: Human Aspects of Information Security, Privacy, and Trust

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We propose privacy design patterns in the context of healthcare systems. These patterns are designed to support the Privacy-By-Design concept through the software lifecycle, focusing on the early design phase and mitigating privacy risks. As a departure point, we used Personal Health Information Act (PHIA) in Nova Scotia to derive the following five proposed privacy patterns: 1-request an access 2-request a correction 3-request not to disclose Personal Health Information 4-being notified if the PHI is lost, stolen or subject to unauthorized access 5-request a review. The patterns provide a guide to designers and developers in designing privacy-preserving systems in healthcare.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Secure Communication Protocol Between a Human and a Bank Server for Preventing Man-in-the-Browser Attacks

Nächstes Kapitel Information Security Application Design: Understanding Your Users

https://www.anonymizer.com.

http://www.tno.nl/instit/fel/pisa.

Provide users with feedback on collected information [18].

Security patterns and measures are out of the scope of this phase of the project.

Government Nova Scotia. Personal Health Information Act (2013). http://novascotia.ca/dhw/phia/public.asp

Cavoukian, A.: Privacy by design: leadership, methods, and results. In: European Data Protection: Coming of Age, pp. 175–202. Springer, Netherlands (2013)

National Research Council: Who goes there? Authentication through the lens of privacy. National Academies Press, Washington, D.C. (2003)

OECD: OECD guidelines on the protection of privacy and transborder flows of personal data (1980). http://www.oecd.org/home/

Brodie, C., Karat, C.M., Karat, J., Feng, J.: Usable security and privacy: a case study of developing privacy management tools. In: Proceedings of the 2005 Symposium on Usable Privacy and Security, pp. 35–43. ACM, July 2005

Guarda, P., Zannone, N.: Towards the development of privacy-aware systems. Inf. Softw. Technol. 51(2), 337–350 (2009)CrossRef

Office of the Information & privacy commissioner in Nova Scotia (2015). http://foipop.ns.ca

http://privacybydesign.ca

Chung, E.S., Hong, J.I., Lin, J., Prabaker, M.K., Landay, J.A., Liu, A.L.: Development and evaluation of emerging design patterns for ubiquitous computing. In: Proceedings of the 5th Conference on Designing Interactive Systems: Processes, Practices, Methods, and Techniques, pp. 233–242. ACM, August 2004

10.

Romanosky, S., Acquisti, A., Hong, J., Cranor, L.F., Friedman, B.: Privacy patterns for online interactions. In: Proceedings of the 2006 Conference on Pattern Languages Of Programs, p. 12. ACM, October 2006

11.

Borking, J.: Deridentity-protector. Datenschutz und Datensicherheit 20(11), 654–658 (1996)

12.

Seničar, V., Jerman-Blažič, B., Klobučar, T.: Privacy-enhancing technologies—approaches and development. Comput. Stan. Interfaces 25(2), 147–158 (2003)CrossRef

13.

Damiani, M.L.: Privacy enhancing techniques for the protection of mobility patterns in LBS: research issues and trends. In: European Data Protection: Coming of Age, pp. 223–239. Springer Netherlands (2013)

14.

W3C, Platform for Privacy Preferences, P3P 1.0 (2002). http://www.w3.org/P3P/

15.

Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)

16.

Communication COM (2007) 228: from the Commission to the European Parliament and the Council. On Promoting Data Protection by Privacy Enhancing Technologies (PETs) (2007)

17.

Fischer-Hübnner, S., Köffel, C., Pettersson, J.-S., Wolkerstorfer, P., Graf, C., Holtz, L.E., König, U., Hedbom, H., Kellermann, B.: Prime Life (2010). http://primelife.ercim.eu/images/stories/deliverables/d4.1.3-hci_pattern_collection_v2-public.pdf

18.

Compagna, L., El Khoury, P., Krausová, A., Massacci, F., Zannone, N.: How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns. Artif. Intell. Law 17(1), 1–30 (2009)CrossRef

19.

Porekar, J., Jerman-Blazic, A., Klobucar, T.: Towards organizational privacy patterns. In: 2008 Second International Conference on the Digital Society, pp. 15–19. IEEE, February 2008

20.

Bier, C., Krempel, E.: Common privacy patterns in video surveillance and smart energy. In: 2012 7th International Conference on Computing and Convergence Technology (ICCCT), pp. 610–615. IEEE, December 2012

21.

Privacypatterns.org, accessed 2015. http://privacypatterns.org/patterns/

22.

Department of Health and Community Services (2015). http://www.health.gov.nl.ca/health/phia/

23.

Personal Health Information Act, Department of Health and Community Services (2014). http://assembly.nl.ca/Legislation/sr/statutes/p07-01.htm

24.

ISO/IEC 29100. Information technology–Security techniques–Privacy framework. Technical report, ISO JTC 1/SC 27

25.

Buschmann, F., Meunier, R., Rohnert, H., Sommerlad, P., Stal, M.: Pattern-Oriented Software Architecture. John Wiley, Chichester (1996)

26.

The tech report is named CS-2016-01 and available at: https://www.cs.dal.ca/research/techreports/cs-2016-01

27.

Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium (2004)

Titel: Proposed Privacy Patterns for Privacy Preserving Healthcare Systems in Accord with Nova Scotia’s Personal Health Information Act
verfasst von: Maha Aljohani
Kirstie Hawkey
James Blustein
Verlag: Springer International Publishing
Buch: Human Aspects of Information Security, Privacy, and Trust
Print ISBN: 978-3-319-39380-3

Electronic ISBN: 978-3-319-39381-0

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-39381-0_9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"