Data security and privacy management in healthcare applications and clinical data warehouse environment

Health Information is considered the most sensitive information associated to an individual. Even though numerous suitable policies, guidelines, and compliance requirements are in place to safeguard health information, privacy and security breach remains key issues for electronic healthcare systems. In this paper we focus on these issues and propose a security and privacy model implemented in Methodist Environment for Translational and Outcomes Research (METEOR). METEOR was developed at Houston Methodist Hospital and consists of two components: the enterprise data warehouse (EDW) and a software intelligence and analytics (SIA) layer. This model indicates that patient privacy is best protected by implementing a systematic mix of technologies and best practices such as technical de-identification of data, restrictive data access, and security measures in the underlying technical platforms. Our results suggest that the proposed security model make data security compromise and unauthorized access of protected patient health information extremely improbable.

[1]  Anwar Pasha Deshmukh,et al.  Transparent Data Encryption -- Solution for Security of Database Contents , 2013, ArXiv.

[2]  Leslie S. Liu,et al.  Barriers to the adoption and use of personal health record systems , 2011, iConference.

[3]  Martin S. Olivier Database privacy: balancing confidentiality, integrity and availability , 2002, SKDD.

[4]  Noboru Sonehara,et al.  Aspects of privacy for electronic health records , 2011, Int. J. Medical Informatics.

[5]  Robert Boguslaw,et al.  Privacy and Freedom , 1968 .

[6]  José Luis Fernández Alemán,et al.  Security and privacy in electronic health records: A systematic literature review , 2013, J. Biomed. Informatics.

[7]  Mark A Rothstein Health privacy in the electronic age. , 2007, The Journal of legal medicine.

[8]  Maryam Ahmadi,et al.  Security Requirements and Solutions in Electronic Health Records: Lessons Learned from a Comparative Study , 2010, Journal of Medical Systems.

[9]  Joseph Gray Jackson,et al.  Privacy and Freedom , 1968 .

[10]  D. Levicky,et al.  Multimodal biometric authentication using speech and hand geometry fusion , 2008, 2008 15th International Conference on Systems, Signals and Image Processing.

[11]  Stephen T. C. Wong,et al.  METEOR: An Enterprise Health Informatics Environment to Support Evidence-Based Medicine , 2015, IEEE Transactions on Biomedical Engineering.

[12]  Carl A. Gunter Building a smarter health and wellness future: Privacy and security challenges , 2013 .

[13]  Mario Piattini,et al.  Security requirements engineering framework for software product lines , 2010, Inf. Softw. Technol..

[14]  Shifali Arora,et al.  Privacy and Security in Mobile Health (mHealth) Research , 2014, Alcohol research : current reviews.