A network security architecture to reduce the risk of data leakage for health care organizations

Health care is a highly regulated industry in which much value is placed upon privacy and confidentiality. The business of health care, particularly in certain academic environments, requires access to data of varying sensitivities, including information from the public Internet. This paper proposes a VLAN-based architecture for segregating data of varying sensitivities, a list of components that facilitate access to and distillation of data, and a method for one-way promotion of individual nodes from areas of lower security to areas of higher security. The proposed solution is an implementable and pragmatic approach to reducing the risk of data leakage. Quality of experience (QoE) measures of two methods for access (node promotion and porthole-based access) are compared. The node promotion method improves the user-perceived responsiveness of applications over the porthole-based method while reducing flexibility.
