Published: Apr 1, 2012
Converted to Gold OA:
DOI: 10.4018/ijcmam.20120401.pre
Volume 3
Content Forthcoming
Add to Your Personal Library: Article Published: Apr 1, 2012
Converted to Gold OA:
DOI: 10.4018/jcmam.2012040101
Volume 3
Ruoyu Wu, Gail-Joon Ahn, Hongxin Hu
In modern healthcare environments, there is a strong need to create an infrastructure that reduces time-consuming efforts and costly operations to obtain a patient’s complete medical record and...
Show More
In modern healthcare environments, there is a strong need to create an infrastructure that reduces time-consuming efforts and costly operations to obtain a patient’s complete medical record and uniformly integrates this heterogeneous collection of medical data to deliver it to the healthcare professionals. As a result, healthcare providers are more willing to shift their electronic medical record (EMR) systems to clouds that can remove the geographical distance barriers among providers and patients. Since a shared electronic health record (EHR) essentially represents a virtualized aggregation of distributed clinical records from multiple healthcare providers, sharing of such integrated EHRs should comply with various authorization policies from these data providers. In previous work, the authors present and implement a secure medical data sharing system to support selective sharing of composite EHRs aggregated from various healthcare providers in cloud computing environments. In this paper, the authors point out that when EMR systems are migrated to clouds, it is also critical to ensure that EMR systems are compliant with government regulations such as the Health Insurance Portability and Accountability Act (HIPAA). Also, the authors propose a HIPAA compliance management approach by leveraging logic-based techniques and apply it to the cloud-based EHRs sharing system. The authors also describe evaluation results to demonstrate the feasibility and effectiveness of the approach.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Wu, Ruoyu, et al. "Towards HIPAA-Compliant Healthcare Systems in Cloud Computing." IJCMAM vol.3, no.2 2012: pp.1-22. http://doi.org/10.4018/jcmam.2012040101
APA
Wu, R., Ahn, G., & Hu, H. (2012). Towards HIPAA-Compliant Healthcare Systems in Cloud Computing. International Journal of Computational Models and Algorithms in Medicine (IJCMAM), 3(2), 1-22. http://doi.org/10.4018/jcmam.2012040101
Chicago
Wu, Ruoyu, Gail-Joon Ahn, and Hongxin Hu. "Towards HIPAA-Compliant Healthcare Systems in Cloud Computing," International Journal of Computational Models and Algorithms in Medicine (IJCMAM) 3, no.2: 1-22. http://doi.org/10.4018/jcmam.2012040101
Export Reference
Published: Apr 1, 2012
Converted to Gold OA:
DOI: 10.4018/jcmam.2012040102
Volume 3
Jason King, Ben Smith, Laurie Williams
Inadequate audit mechanisms may result in undetected misuse of data in software-intensive systems. In the healthcare domain, electronic health record (EHR) systems should log the creating, reading...
Show More
Inadequate audit mechanisms may result in undetected misuse of data in software-intensive systems. In the healthcare domain, electronic health record (EHR) systems should log the creating, reading, updating, or deleting of privacy-critical protected health information. The objective of this paper is to assess electronic health record audit mechanisms to determine the current degree of auditing for non-repudiation and to assess whether general audit guidelines adequately address non-repudiation. The authors analyzed the audit mechanisms of two open source EHR systems, OpenEMR and Tolven eCHR, and one proprietary EHR system. The authors base the qualitative assessment on a set of 16 general auditable events and 58 black-box test cases for specific auditable events. The authors find that OpenEMR satisfies 62.5% of the general criteria and passes 63.8% of the black-box test cases. Tolven eCHR and the proprietary EHR system each satisfy less than 19% of the general criteria and pass less than 11% of the black-box test cases.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
King, Jason, et al. "Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse." IJCMAM vol.3, no.2 2012: pp.23-42. http://doi.org/10.4018/jcmam.2012040102
APA
King, J., Smith, B., & Williams, L. (2012). Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse. International Journal of Computational Models and Algorithms in Medicine (IJCMAM), 3(2), 23-42. http://doi.org/10.4018/jcmam.2012040102
Chicago
King, Jason, Ben Smith, and Laurie Williams. "Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse," International Journal of Computational Models and Algorithms in Medicine (IJCMAM) 3, no.2: 23-42. http://doi.org/10.4018/jcmam.2012040102
Export Reference
Published: Apr 1, 2012
Converted to Gold OA:
DOI: 10.4018/jcmam.2012040103
Volume 3
Thomas Trojer, Basel Katt, Ruth Breu, Thomas Schabetsberger, Richard Mair
A central building block of data privacy is the individual right of information self-determination. Following from that when dealing with shared electronic health records (SEHR), citizens, as the...
Show More
A central building block of data privacy is the individual right of information self-determination. Following from that when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual preferences of privacy have to be reflected by authorization policies to control access to personal health data. There are two potential challenges when enabling patient-controlled access control policy authoring: First, an ordinary citizen neither can be considered a security expert, nor does she or he have the expertise to fully understand typical activities and workflows within the health-care domain. Thus, a citizen is not necessarily aware of implications her or his access control settings have with regards to the protection of personal health data. Both privacy of citizen’s health-data and the overall effectiveness of a health-care information system are at risk if inadequate access control settings are in place. This paper refers to scenarios of a case study previously conducted and shows how privacy and information system effectiveness can be defined and evaluated in the context of SEHR. The paper describes an access control policy analysis method which evaluates a patient-administered access control policy by considering the mentioned evaluation criteria.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Trojer, Thomas, et al. "Managing Privacy and Effectiveness of Patient-Administered Authorization Policies." IJCMAM vol.3, no.2 2012: pp.43-62. http://doi.org/10.4018/jcmam.2012040103
APA
Trojer, T., Katt, B., Breu, R., Schabetsberger, T., & Mair, R. (2012). Managing Privacy and Effectiveness of Patient-Administered Authorization Policies. International Journal of Computational Models and Algorithms in Medicine (IJCMAM), 3(2), 43-62. http://doi.org/10.4018/jcmam.2012040103
Chicago
Trojer, Thomas, et al. "Managing Privacy and Effectiveness of Patient-Administered Authorization Policies," International Journal of Computational Models and Algorithms in Medicine (IJCMAM) 3, no.2: 43-62. http://doi.org/10.4018/jcmam.2012040103
Export Reference
Published: Apr 1, 2012
Converted to Gold OA:
DOI: 10.4018/jcmam.2012040104
Volume 3
Matt Matlock, Nakeisha Schimke, Liang Kong, Stephen Macke, John Hale
In neuroscience, collaboration and data sharing are undermined by concerns over the management of protected health information (PHI) and personal identifying information (PII) in neuroimage...
Show More
In neuroscience, collaboration and data sharing are undermined by concerns over the management of protected health information (PHI) and personal identifying information (PII) in neuroimage datasets. The HIPAA Privacy Rule mandates measures for the preservation of subject privacy in neuroimaging studies. Unfortunately for the researcher, the management of information privacy is a burdensome task. Wide scale data sharing of neuroimages is challenging for three primary reasons: (i) A dearth of tools to systematically expunge PHI/PII from neuroimage data sets, (ii) a facility for tracking patient identities in redacted datasets has not been produced, and (iii) a sanitization workflow remains conspicuously absent. This article describes the XNAT Redaction Toolkit - an integrated redaction workflow which extends a popular neuroimage data management toolkit to remove PHI/PII from neuroimages. Quickshear defacing is also presented as a complementary technique for deidentifying the image data itself. Together, these tools improve subject privacy through systematic removal of PII/PHI.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Matlock, Matt, et al. "Systematic Redaction for Neuroimage Data." IJCMAM vol.3, no.2 2012: pp.63-75. http://doi.org/10.4018/jcmam.2012040104
APA
Matlock, M., Schimke, N., Kong, L., Macke, S., & Hale, J. (2012). Systematic Redaction for Neuroimage Data. International Journal of Computational Models and Algorithms in Medicine (IJCMAM), 3(2), 63-75. http://doi.org/10.4018/jcmam.2012040104
Chicago
Matlock, Matt, et al. "Systematic Redaction for Neuroimage Data," International Journal of Computational Models and Algorithms in Medicine (IJCMAM) 3, no.2: 63-75. http://doi.org/10.4018/jcmam.2012040104
Export Reference
IGI Global Open Access Collection provides all of IGI Global’s open access content in one convenient location and user-friendly interface
that can easily searched or integrated into library discovery systems.
Browse IGI Global Open
Access Collection
Author Services Inquiries
For inquiries involving pre-submission concerns, please contact the Journal Development Division:
journaleditor@igi-global.comOpen Access Inquiries
For inquiries involving publishing costs, APCs, etc., please contact the Open Access Division:
openaccessadmin@igi-global.comProduction-Related Inquiries
For inquiries involving accepted manuscripts currently in production or post-production, please contact the Journal Production Division:
journalproofing@igi-global.comRights and Permissions Inquiries
For inquiries involving permissions, rights, and reuse, please contact the Intellectual Property & Contracts Division:
contracts@igi-global.comPublication-Related Inquiries
For inquiries involving journal publishing, please contact the Acquisitions Division:
acquisition@igi-global.comDiscoverability Inquiries
For inquiries involving sharing, promoting, and indexing of manuscripts, please contact the Citation Metrics & Indexing Division:
indexing@igi-global.com Editorial Office
701 E. Chocolate Ave.
Hershey, PA 17033, USA
717-533-8845 x100