Enhancing Privacy and Data Protection in Electronic Medical Environments

Raising awareness and providing guidance to on-line data protection is by all means a crucial issue worldwide. Equally important is the issue of applying privacy-related legislation in a coherent and coordinated way. Both these topics become even more critical when referring to medical environments and thus to the protection of patients' privacy and medical data. Electronic medical transactions require the transmission of personal and medical information over insecure communication channels like the Internet. It is therefore a rather straightforward task to construct “patient profiles” that capture the electronic medical behavior of a patient, or even reveal sensitive information in regard with her/his medical history. Clearly, the consequence from maintaining such profiles is the violation of the patient's privacy. This paper studies medical environments that can support electronic medical transactions or/and the provision of medical information through the Web. Specifically it focuses on the countermeasures that the various actor categories can employ for protecting the privacy of personal and medical data transmitted during electronic medical transactions.