Recognition and Pseudonymization of Personal Data in Paper-Based Health Records
Recognition and Pseudonymization of Personal Data in Paper-Based Health Records: E-health requires the sharing of patient-related data when and where necessary. Electronic health records (EHR) allow the structured and expandable collection of medical data needed for clinical research studies and thereby not only enable the…
An Ontology-Based Approach for Constructing Bayesian Networks
Bayesian networks are commonly used for determining the probability of events that are influenced by various variables. Bayesian probabilities encode degrees of belief about certain events, and a dynamic knowledge body is used to strengthen, update, or weaken these assumptions. The creation of Bayesian networks…
Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents
[:en] The average costs of data leakage are steadily on the rise. As a consequence, several data security and access control mechanisms have been introduced, ranging from data encryption to intrusion detection or role-based access control, doing a great work in protecting sensitive information. However,…
Increasing Knowledge Capturing Efficiency by Enterprise Portals
www.emeraldinsight.com/journals.htm Collaborative ontology editing tools enable distributed user groups to build and maintain ontologies. Enterprises that use these tools to simply capture knowledge for a given ontological structure face the following problems: isolated software solution requiring its own user management; the user interface often does…
A Methodology for the Pseudonymization of Medical Data
[:en] A Methodology for the Pseudonymization of Medical Data: E-health enables the sharing of patient-related data whenever and wherever necessary. Electronic health records (EHRs) promise to improve communication between health care providers, thus leading to better quality of patients’ treatment and reduced costs. However, as…
Privacy-Preserving Storage and Access of Medical Data Through Pseudonymization and Encryption
[:en] Privacy-Preserving Storage and Access of Medical Data Through Pseudonymization and Encryption: E-health allows better communication between health care providers and higher availability of medical data. However, the downside of interconnected systems is the increased probability of unauthorized access to highly sensitive records what could…
Information Security Automation: How Far Can We Go?
ieeexplore.ieee.org/xpl/articleDetails.jsp Information security management is a very complex task which involves the implementation and monitoring of more than 130 security controls. To achieve greater efficiency in this process it is necessary to automate as many controls as possible. This paper provides an analysis of how…
A Community Knowledge Base for IT Security
dx.doi.org/10.1109/MITP.2011.35 Corporate IT security managers have a difficult time staying on top of the endless tide of new technologies and security threats sweeping into their organizations and information systems. The effectiveness of security controls must be balanced with a variety of operational issues, including the…
Information Security Risk Management: In which Security Solutions is it worth Investing?
[:en] Information Security Risk Management: In which Security Solutions is it worth Investing?: As companies are increasingly exposed to information security threats, decision makers are permanently forced to pay attention to security issues.Information security risk management provides an approach for measuring the security through risk…
An Ontology- and Bayesian-Based Approach for Determining Threat Probabilities
[:en] Information security risk management is crucial for ensuring long-term business success and thus numerous approaches to implementing an adequate information security risk management strategy have been proposed. The subjective threat probability determination is one of the main reasons for an inadequate information security strategy…
A Hybrid Approach Integrating Encryption and Pseudonymization for Protecting Electronic Health Records
Federated Health Information Systems (FHIS) integrate autonomous information systems of participating health care providers to facilitate the exchange of Electronic Health Records (EHR), which improve the quality and efficiency of patients‘ care. However, the main problem with collecting and maintaining the sensitive data in electronic…
Data Models for the Pseudonymization of DICOM Data
DICOM has become the most widely implemented and supported communications standard for medical imaging. The security of DICOM relies on the encryption of the communication channels. However, for highly sensitive medical data this is often not sufficient. This paper presents a data model for systems…