Strengthening privacy and confidentiality protection for electronic health records

Czapski, M; Steele, RJ

Strengthening privacy and confidentiality protection for electronic health records

Czapski, M Steele, RJ

Permalink

Publisher:: IASTED
Publication Type:: Conference Proceeding
Citation:: 2005 International Conference on Web Technologies Applications and Services, 2005, pp. 1 - 6
Issue Date:: 2005-01

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download full textAdobe PDF (1.08 MB)

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Czapski, M	en_US
dc.contributor.author	Steele, RJ	en_US
dc.contributor.editor	Yun, V	en_US
dc.date	2005-07-04	en_US
dc.date.issued	2005-01	en_US
dc.identifier.citation	2005 International Conference on Web Technologies Applications and Services, 2005, pp. 1 - 6	en_US
dc.identifier.isbn	0-88986-483-7	en_US
dc.identifier.uri	http://hdl.handle.net/10453/7751
dc.description.abstract	Inappropriate disclosure and use of personal health information could have severe adverse consequences for the individual to whom it pertains, but non-disclosure could adversely affect other individuals or the society. In Australia efforts are under way to develop legislation that will address the protection of confidential health information. Development of large-scale health information repositories, intended to facilitate access to health information to many more parties than was previously possible, makes the issue of consent enforcement and access control more urgent than ever. Literature suggests that the majority of security threats arise out of insider activities. It is proposed to develop a confidentiality protection framework that will ensure personal, identifiable health information is only disclosed by consent or under circumstances prescribed by law, and that all access to that information is audited. The framework, based on encryption of health information at the time of collection, and decryption at the time of authorised use, provides a number of advantages over the traditional, enterprise-centric protection model.	en_US
dc.publisher	IASTED	en_US
dc.relation.ispartof	2005 International Conference on Web Technologies Applications and Services	en_US
dc.relation.ispartof	International Conference on Web Technologies, Applications, and Services	en_US
dc.title	Strengthening privacy and confidentiality protection for electronic health records	en_US
dc.type	Conference Proceeding
utslib.location	Calgary, Canada	en_US
utslib.location.activity	Calgary, Canada	en_US
utslib.for	200102 Communication Technology and Digital Media Studies	en_US
dc.location.activity	Calgary, Canada	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
utslib.copyright.status	open_access
pubs.consider-herdc	true	en_US
pubs.place-of-publication	Calgary, Canada	en_US
pubs.start-date	2005-07-04	en_US

Abstract:

Inappropriate disclosure and use of personal health information could have severe adverse consequences for the individual to whom it pertains, but non-disclosure could adversely affect other individuals or the society. In Australia efforts are under way to develop legislation that will address the protection of confidential health information. Development of large-scale health information repositories, intended to facilitate access to health information to many more parties than was previously possible, makes the issue of consent enforcement and access control more urgent than ever. Literature suggests that the majority of security threats arise out of insider activities. It is proposed to develop a confidentiality protection framework that will ensure personal, identifiable health information is only disclosed by consent or under circumstances prescribed by law, and that all access to that information is audited. The framework, based on encryption of health information at the time of collection, and decryption at the time of authorised use, provides a number of advantages over the traditional, enterprise-centric protection model.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/7751