A data protection scheme for a remote vital signs monitoring healthcare service

Medical Informatics and the Internet in Medicine

Volumn 25, Issue 3, 2000, Pages 207-224

  Lambrinoudakis, D Gritzalis, C ^a,b  

^a ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS   (Greece)

^b UNIVERSITY OF THE AEGEAN   (Greece)

Author keywords

Data protection healthcare information systems security patient home monitoring cramm risk analysis risk management security measures

Indexed keywords

ARTICLE; COMPUTER PROGRAM; COMPUTER SECURITY; COST EFFECTIVENESS ANALYSIS; HEALTH MAINTENANCE ORGANIZATION; HEALTH SERVICE; HOME CARE; INFORMATION RETRIEVAL; INFORMATION SERVICE; INFORMATION SYSTEM; METHODOLOGY; PATIENT INFORMATION; PATIENT MONITORING; PRIVACY; RISK BENEFIT ANALYSIS; RISK MANAGEMENT;

COMPUTER SECURITY; HOME CARE SERVICES; RISK MANAGEMENT; TELEMETRY;

EID: 84860395930     PISSN: 14639238     EISSN: 14645246     Source Type: Journal    
DOI: 10.1080/146392300750019208     Document Type: Article

References (22)

1. A theoretical approach to the use of CPGs. The Guideline. Fall 1995, 1-2.
2. ANSI/HISB, Inventory of Healthcare Information Standards, January 1997.
3. BANKS, N., 1996, Constructing algorithm flowcharts for clinical performance management, International Journal on Health Care, 8, 395-400.
4. CCTA Risk Analysis and Management Methodology (CRAMM, ver. 3.0), Central Computer and Telecommunication Agency, United Kingdom, 1997.
5. CEN, TC-251, Secure User Identification for Healthcare: Identification and Authentication by Passwords: Management and Security, prENV 12251, June 1995.
6. CEN, TC-251, Security Categorisation and Protection for Healthcare Information Systems, Draft prENV, October 1996.
7. CEN, TC-251, Standards in Healthcare Informatics and Telematics, Ver. 2.0, April 1996.
8. CEN, TC-251, Vital Signs Information Representation, December 1997.
9. Commission of the European Communities, Glossary of information systems security, INFOSEC Programme, Project S-2001, 1993.
10. Commission of the European Communities, Risk analysis methods database, INFOSEC Programme, Project 82014, 1993.
11. DUBOIS, E., Wu, S., 1996, A framework for dealing with and specifying security requirements in information systems. In Proceedings of the 12th IFIP Information Security Conference, D. Gritzalis and S. Katsikas (eds.), (London: Chapman & Hall) pp. 88-99.
12. ELOFF, J., LABUSCHAGNE, L. and BADENHORST, K., 1993, A comparative framework for risk analysis methods, Computers and Security, 12, 597-603.
13. European Parliament Directive 95/46: 'On the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data', Official Journal of the EC, L281/31-50, November 1995.
14. GRITZALIS D., 1998, Enhancing security and improving interoperability in Healthcare information systems, Medical Informatics, 23, 309-324.
15. GRITZALIS, S., ILIADIS, J., GRITZALIS, D., SPINELLIS, D. and KATSIKAS, S., 1999, Developing secure Web-based medical applications, Medical Informatics, 24, 75-90.
16. ISO/IEC/JTCI Information Technology-Security Techniques-Guidelines for the Management of IT Security, GMITS, ISO/IEC DTR13335, 1996.
17. KOKOLAKIS, S., GRITZALIS, D. and KATSIKAS, S., Draft standard for High Level Security Policies for Healthcare Establishments, European Commission, ISIS/MEDSEC Project, September 1998.
18. LASKE, C., 1996, Legal issues in medical informatics: a bird's eye view. In: B. Barber, et al. (eds.). Towards Security in Medical Telematics. (The Netherlands: IOS Press).
19. PARKER, D., 1995, A new framework for information security to avoid information anarchy. In Proceedings of the 11th IFIP Conference on Information Security, J. Ellof and S. von Solms (eds.), (London: Chapman & Hall) pp. 155-164.
20. REYNOLDS, J., and CHANDRAMOULI, R., Bole-Based Access Control Protection Profile, Ver. 1.0, July 1998.
21. THE SEISMED CONSORTIUM (eds.), 1996, Data Security for Health Care, Volumes I-III. (The Netherlands: IOS Press).
22. SPINELLIS, D., KOKOLAKIS S., and GRITZALIS S., 1999, Security requirements, risks and recommendations for small enterprise and home-office environments, Information Management and Computer Security, 7, 23-34.