Legal framework for health cloud: A systematic review

BACKGROUND The complicated nature of cloud computing encompassing internet-based technologies and service models for delivering IT applications, processing capability, storage, and memory space brings along challenging problems. Some issues such as information security, privacy, and legal aspects of cloud computing may become challenging while cross passing with another complex domain like healthcare. OBJECTIVES The present study was conducted to report the results of a systematic literature review on the legal aspects of health cloud. METHOD The original English papers published in Pub Med, Scopus, Web of Science, and IEEE Digital Library databases were extracted, among which1582 were related to the legal aspects of health cloud environment and were selected using predefined search strings. CONCLUSION Through the review process, effective factors in relation to a health cloud legal framework were identified and accordingly, a proper design was developed for this domain. Next, the identified factors were confirmed and adjusted by mapping the contents of the selected papers to different categories and subcategories under the proposed framework. Five Main categories like the issues related to the compliance, data protection, Identity Credential Access Management (ICAM), ownership, and quality of service were selected as the basic pillars in the proposed framework. Finally, 22 papers were selected, among which 19 were mapped to the compliance issues, 18 the issues related to "Data protection" were addressed, and 14 "Identity Credential Access Management (ICAM)" was discussed. Fifteen Papers were mapped to "Data ownership" and "Quality of service" categories. Some papers were found to present some solutions in all the mentioned areas; however, most of them have addressed only a few issues.

[1]  Repu Daman,et al.  Security issues in cloud computing for healthcare , 2016, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom).

[2]  Nader Mohamed,et al.  e-Health cloud implementation issues and efforts , 2015, 2015 International Conference on Industrial Engineering and Operations Management (IEOM).

[3]  Jennifer Harris,et al.  Genomic cloud computing: legal and ethical points to consider , 2014, European Journal of Human Genetics.

[4]  Rajkumar Buyya,et al.  Pricing Cloud Compute Commodities: A Novel Financial Economic Model , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).

[5]  William C. McGaghie,et al.  Problem statement, conceptual framework, and research question , 2001 .

[6]  Patrick C. K. Hung,et al.  Privacy Requirements for mobile e-Service in the Health Authority - Abu Dhabi (HAAD) , 2016, 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST).

[7]  Muthu Ramachandran,et al.  Cloud Computing Adoption Framework – a security framework for business clouds , 2015 .

[8]  Miguel López-Coronado,et al.  Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems , 2013, Journal of medical Internet research.

[9]  Victor I. Chang,et al.  The development that leads to the Cloud Computing Business Framework , 2013, Int. J. Inf. Manag..

[10]  Mariana Gerber,et al.  Information security risk measures for Cloud-based personal health records , 2014, International Conference on Information Society (i-Society 2014).

[11]  Paul G Nagy,et al.  Cloud computing in medical imaging. , 2013, Medical physics.

[12]  Mohammad Sayad Haghighi,et al.  A conceptual trust model for the Internet of Things interactions , 2016, 2016 8th International Symposium on Telecommunications (IST).

[13]  Joan Hash,et al.  SP 800-66 Rev. 1. An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule , 2008 .

[14]  Sanjay P. Ahuja,et al.  A Survey of the State of Cloud Computing in Healthcare , 2012, Netw. Commun. Technol..

[15]  Victor I. Chang Data analytics and visualization for inspecting cancers and genes , 2017, Multimedia Tools and Applications.

[16]  Sai Peck Lee,et al.  An interoperability model for ultra large scale systems , 2014, Adv. Eng. Softw..

[17]  Lawrence E. Whitman,et al.  THE MISSING LINK: CULTURE AND LANGUAGE BARRIERS TO INTEROPERABILITY , 2006 .

[18]  Paula Kotzé,et al.  A review of interoperability standards in e-Health and imperatives for their adoption in Africa , 2013, South Afr. Comput. J..

[19]  Victor I. Chang,et al.  A model to compare cloud and non-cloud storage of Big Data , 2016, Future Gener. Comput. Syst..

[20]  Matthew B. Miles,et al.  Qualitative Data Analysis: An Expanded Sourcebook , 1994 .

[21]  Mike P. Papazoglou,et al.  Introduction: Service-oriented computing , 2003, CACM.

[22]  Ali Sunyaev,et al.  One Size does not Fit All: Information Security and Information Privacy for genomic Cloud Services , 2016, ECIS.

[23]  Abbas Asosheh,et al.  The conceptual model to solve the problem of interoperability in health information systems , 2016, 2016 8th International Symposium on Telecommunications (IST).

[24]  Rossana Ducato,et al.  Cloud computing for s-health and the data protection challenge: Getting ready for the General Data Protection Regulation , 2016, 2016 IEEE International Smart Cities Conference (ISC2).

[25]  Dimitrios Katsaros,et al.  Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach , 2011, Journal of Grid Computing.

[26]  James J. Cimino,et al.  Don't take your EHR to heaven, donate it to science: legal and research policies for EHR post mortem , 2014, J. Am. Medical Informatics Assoc..

[27]  Samuel D. Lustgarten Emerging ethical threats to client privacy in cloud communication and data storage. , 2015 .

[28]  S. Rosenbaum,et al.  Health Information Law in the Context of Minors , 2009, Pediatrics.

[29]  Bernd Zwattendorfer,et al.  An Overview of Cloud Identity Management-Models , 2014, WEBIST.

[30]  S. Ennett,et al.  Conceptual models for health education research and practice. , 1991, Health education research.

[31]  Kh Rao,et al.  Informed Consent: An Ethical Obligation or Legal Compulsion? , 2008 .

[32]  Victor I. Chang,et al.  Computational Intelligence for Medical Imaging Simulations , 2017, Journal of Medical Systems.

[33]  Isabel de la Torre,et al.  Análisis de Aspectos de Interés sobre Privacidad y Seguridad en la Historia Clínica Electrónica , 2011 .

[34]  Dean F. Sittig,et al.  Legal, Ethical, and Financial Dilemmas in Electronic Health Record Adoption and Use , 2011, Pediatrics.

[35]  Ton A. M. Spil,et al.  The Success of Google Search, the Failure of Google Health and the Future of Google Plus , 2013, TDIT.

[36]  Seyedmostafa Safavi,et al.  Conceptual Privacy Framework for Health Information on Wearable Device , 2014, PloS one.

[37]  Jan O. Korbel,et al.  Computing patient data in the cloud: practical and legal considerations for genetics and genomics research in Europe and internationally , 2017, Genome Medicine.

[38]  Kim-Kwang Raymond Choo,et al.  Healthcare-Related Data in the Cloud: Challenges and Opportunities , 2016, IEEE Cloud Computing.

[39]  Diana Vega,et al.  A Methodology for Automated Interoperability Testing of Healthcare Information Systems based on an Actor Emulation Approach , 2011 .

[40]  José Luís Oliveira,et al.  A PACS archive architecture supported on cloud services , 2012, International Journal of Computer Assisted Radiology and Surgery.

[41]  Siani Pearson,et al.  Mapping legal requirements to IT controls , 2013, 2013 6th International Workshop on Requirements Engineering and Law (RELAW).

[42]  Asma I. Magaireah,et al.  Factors affecting the adoption of integrated cloudbased e- health record in healthcare organizations: a case study of Jordan , 2014, Proceedings of the 6th International Conference on Information Technology and Multimedia.

[43]  Amit T Kharat,et al.  Cloud Computing for radiologists , 2012, The Indian journal of radiology & imaging.

[44]  Kevin Lee,et al.  An evaluation of hospital information systems integration approaches , 2012, ICACCI '12.

[45]  Harry Fulgencio,et al.  What challenges have to be faced when using the cloud for e-health services? , 2013, 2013 IEEE 15th International Conference on e-Health Networking, Applications and Services (Healthcom 2013).

[46]  Valentina Salapura,et al.  HIPAA Compliant Cloud for Sensitive Health Data , 2017, CLOSER.

[47]  Hans-Ulrich Prokosch,et al.  A scoping review of cloud computing in healthcare , 2015, BMC Medical Informatics and Decision Making.

[48]  Soumya Ray,et al.  Big Data Security in Healthcare: Survey on Frameworks and Algorithms , 2017, 2017 IEEE 7th International Advance Computing Conference (IACC).

[49]  Sai Peck Lee,et al.  A review of interoperability assessment models , 2013, Journal of Zhejiang University SCIENCE C.

[50]  Jameson Mbale,et al.  The Information Systems Interoperability Maturity Model (ISIMM): Towards Standardizing Technical Interoperability and Assessment within Government , 2012 .

[51]  Mauro Conti,et al.  A smart health application and its related privacy issues , 2016, 2016 Smart City Security and Privacy Workshop (SCSP-W).

[52]  C. A. Klein,et al.  Cloudy confidentiality: clinical and legal implications of cloud computing in health care. , 2011, The journal of the American Academy of Psychiatry and the Law.

[53]  Gary Wills,et al.  Using Cloud for Research: A Technical Review , 2010 .

[54]  Nathan Regola,et al.  Storing and Using Health Data in a Virtual Private Cloud , 2013, Journal of medical Internet research.

[55]  Samee Ullah Khan,et al.  > REPLACE THIS LINE WITH YOUR PAPER IDENTIFICATION NUMBER (DOUBLE-CLICK HERE TO EDIT) < 1 , 2008 .

[56]  Sai Peck Lee,et al.  Interoperability evaluation models: A systematic review , 2014, Comput. Ind..

[57]  Roslina Ibrahim,et al.  A Review on Cloud Computing Acceptance Factors , 2017 .

[58]  Mukesh Singhal,et al.  Compliance-Aware Provisioning of Containers on Cloud , 2017, 2017 IEEE 10th International Conference on Cloud Computing (CLOUD).

[59]  K. Wakunuma,et al.  Cloud computing, capabilities and intercultural ethics: Implications for Africa , 2017 .

[60]  Martin Gilje Jaatun,et al.  Healthcare Services in the Cloud -- Obstacles to Adoption, and a Way Forward , 2014, 2014 Ninth International Conference on Availability, Reliability and Security.

[61]  Victor I. Chang,et al.  Privacy-preserving smart IoT-based healthcare big data storage and self-adaptive access control system , 2018, Inf. Sci..

[62]  Hanan El Bakkali,et al.  Towards negotiable privacy policies in mobile healthcare , 2015, Fifth International Conference on the Innovative Computing Technology (INTECH 2015).

[63]  Axelos Managing Successful Projects with PRINCE2 , 2009 .

[64]  Vladimir Stantchev,et al.  Governance of Cloud Computing Services for the Life Sciences , 2014, IT Professional.