Healthcare Data Security: Historical Development and Contemporary Perspectives
VerifiedAdded on 2023/04/22
|48
|16074
|276
AI Summary
This chapter discusses the historical development, contemporary perspectives, and implications of healthcare data security. It covers the evolution of technology, the pressures to healthcare data security and consistency of the medical devices, and the development of electronic health records (EHRs).
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: HEALTHCARE DATA SECURITY
Chapter 2
Name of the Student
Name of the University
Author Note
Chapter 2
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 1
Chapter 2: Literature Review
Beginning from insurance forms to medical records, and prescription based healthcare
services the business of healthcare can be stated as a largely networked environment that allows
sharing of patient information. It is also managed by a plethora of parties and each of them have
discrete levels of security for the protection and safeguard of pertinent information (Walker et
al., 2014). Several characteristics that impart uniqueness to healthcare data include the fact that
all the data are stored in multiple places such as, HR software, EMR and departments like
pharmacy and radiology. Furthermore, aggregation of the data into a central and single system
like an enterprise data warehouse (EDW), increases its accessibility and usefulness. This chapter
discusses the historical development, contemporary perspectives, and implications of healthcare
data security.
Historical Development of the Topic
With the evolution of technology, the pressures to healthcare data security and
consistency of the medical devices also increase. The most basic forms of medical archives were
descriptions transcribed by ancient Greeks, with the aim of documenting effective cures, sharing
essential medical observations about indications and outcomes, and teaching others who were
directly or indirectly involved in delivering medical advice, by conducting a thorough analysis of
the case studies. Although the written reports that contained a detailed description of the
patients’ complaints and analyses precede the chronicles of astrologers, Richard Napier and
Simon Forman, their accounts from 1596-1634 have been identified as the most primitive
comprehensive collection of medicinal records in actuality (Kassell, 2014).
The beginning of the health information management industry can be mapped back to the
1920s. It was during this time that healthcare professionals were able to realize the importance of
Chapter 2: Literature Review
Beginning from insurance forms to medical records, and prescription based healthcare
services the business of healthcare can be stated as a largely networked environment that allows
sharing of patient information. It is also managed by a plethora of parties and each of them have
discrete levels of security for the protection and safeguard of pertinent information (Walker et
al., 2014). Several characteristics that impart uniqueness to healthcare data include the fact that
all the data are stored in multiple places such as, HR software, EMR and departments like
pharmacy and radiology. Furthermore, aggregation of the data into a central and single system
like an enterprise data warehouse (EDW), increases its accessibility and usefulness. This chapter
discusses the historical development, contemporary perspectives, and implications of healthcare
data security.
Historical Development of the Topic
With the evolution of technology, the pressures to healthcare data security and
consistency of the medical devices also increase. The most basic forms of medical archives were
descriptions transcribed by ancient Greeks, with the aim of documenting effective cures, sharing
essential medical observations about indications and outcomes, and teaching others who were
directly or indirectly involved in delivering medical advice, by conducting a thorough analysis of
the case studies. Although the written reports that contained a detailed description of the
patients’ complaints and analyses precede the chronicles of astrologers, Richard Napier and
Simon Forman, their accounts from 1596-1634 have been identified as the most primitive
comprehensive collection of medicinal records in actuality (Kassell, 2014).
The beginning of the health information management industry can be mapped back to the
1920s. It was during this time that healthcare professionals were able to realize the importance of
HEALTHCARE DATA SECURITY 2
documenting care services provided to the patients, with the aim of giving benefits to both the
service users and the providers. Furthermore, a close association was also established between
the formulation of patient records, with the details, outcomes and complications related to patient
care. In other words, during the early 20s, healthcare professionals gained a sound understanding
of the potential advantages of obtaining, analyzing, and guarding digital and outmoded medical
evidence, vital to delivering high quality patient care. It has been stated by Fiorito and Edens
(2016) that physicians were initially involved in offering necessary medical advice on the
different ways of presenting pertinent information, in clinical records. During 1928 steps were
taken by the American College of Surgeons (ACOS) for standardizing the ever-increasing
number of clinical records by the establishment of the American Association of Record
Librarians (AARL), popularly referred to as the American Health Information Management
Association (AHIMA). Hence, although the healthcare record-keeping process continued, all the
data were paper-based.
This was followed by major changes during 1960 when the development and widespread
use of computers provided healthcare professionals with the opportunity of maintaining all health
records of patients in an electronic format. Nonetheless, the expenditure of acquiring and
sustaining a mainframe and the disbursement linked with storage of healthcare data, intended
that simply a handful of the largest healthcare organizations had the provision of putting
technology into use, for handling relevant medical records of their service users (Jacucci et al.,
2014). The same has been affirmed by Hammond et al. (2014) who elaborated on the fact that
the realm of health informatics, as commonly known today, developed with a sophistication in
the use of computer technology that increased its potential of managing huge volumes of
healthcare figures. One of the first labors took place below the dominion of the American
documenting care services provided to the patients, with the aim of giving benefits to both the
service users and the providers. Furthermore, a close association was also established between
the formulation of patient records, with the details, outcomes and complications related to patient
care. In other words, during the early 20s, healthcare professionals gained a sound understanding
of the potential advantages of obtaining, analyzing, and guarding digital and outmoded medical
evidence, vital to delivering high quality patient care. It has been stated by Fiorito and Edens
(2016) that physicians were initially involved in offering necessary medical advice on the
different ways of presenting pertinent information, in clinical records. During 1928 steps were
taken by the American College of Surgeons (ACOS) for standardizing the ever-increasing
number of clinical records by the establishment of the American Association of Record
Librarians (AARL), popularly referred to as the American Health Information Management
Association (AHIMA). Hence, although the healthcare record-keeping process continued, all the
data were paper-based.
This was followed by major changes during 1960 when the development and widespread
use of computers provided healthcare professionals with the opportunity of maintaining all health
records of patients in an electronic format. Nonetheless, the expenditure of acquiring and
sustaining a mainframe and the disbursement linked with storage of healthcare data, intended
that simply a handful of the largest healthcare organizations had the provision of putting
technology into use, for handling relevant medical records of their service users (Jacucci et al.,
2014). The same has been affirmed by Hammond et al. (2014) who elaborated on the fact that
the realm of health informatics, as commonly known today, developed with a sophistication in
the use of computer technology that increased its potential of managing huge volumes of
healthcare figures. One of the first labors took place below the dominion of the American
HEALTHCARE DATA SECURITY 3
Society for Testing and Materials (ASTM). The initial standards were formulated with the aim of
addressing exchange of laboratorymessages, data content, assets for electronic health record
schemes, and subsequent health information system security. El Camino Hospital in Mountain
View, CA formed a collaboration with the Lockheed Corporation in 1964, for developing a
hospital information system that comprised of medical archives, but mostly computer
manufacturers failed to understand the needs of the healthcare industry (Bouidi, Idrissi & Rais,
2017). This resulted in the foundation of the Eclipsys Corporation that provided all hospitals and
different healthcare organizations with computerized physician order entries, electronic medical
records, and revenue cycle administration software. However, several organizations did select for
a computer based healthcare system that effectively controlled medical records, while offering
restricted access to the archives. These systems provided access only at the location where it was
produced. These records most often contained material about the stay of patients at the hospitals,
different diagnostic tests and/or treatments delivered within the hospital premises (Cimino et al.,
2014).
This was followed by introduction of the Medicare and Medicaid in 1965 that required all
nursing professionals to participate in the collection and assortment of necessary healthcare data
for documenting patient care, in relation to their reimbursement (Bauchner, 2015). While the
time was marked by increased use of computers for billing and accounting based functions, the
usage of computers for the collection and management of patient medical records was still not
that prevalent (Shaw et al., 2014).Despite a reduction in the implementation of technology, the
necessity to homogenize electronic health records was documented by several establishments.
This eventually resulted in the formation of the Systematized Nomenclature of Medicine
(SNOMED) to schematize the pathology language. This in turn was succeeded by the formation
Society for Testing and Materials (ASTM). The initial standards were formulated with the aim of
addressing exchange of laboratorymessages, data content, assets for electronic health record
schemes, and subsequent health information system security. El Camino Hospital in Mountain
View, CA formed a collaboration with the Lockheed Corporation in 1964, for developing a
hospital information system that comprised of medical archives, but mostly computer
manufacturers failed to understand the needs of the healthcare industry (Bouidi, Idrissi & Rais,
2017). This resulted in the foundation of the Eclipsys Corporation that provided all hospitals and
different healthcare organizations with computerized physician order entries, electronic medical
records, and revenue cycle administration software. However, several organizations did select for
a computer based healthcare system that effectively controlled medical records, while offering
restricted access to the archives. These systems provided access only at the location where it was
produced. These records most often contained material about the stay of patients at the hospitals,
different diagnostic tests and/or treatments delivered within the hospital premises (Cimino et al.,
2014).
This was followed by introduction of the Medicare and Medicaid in 1965 that required all
nursing professionals to participate in the collection and assortment of necessary healthcare data
for documenting patient care, in relation to their reimbursement (Bauchner, 2015). While the
time was marked by increased use of computers for billing and accounting based functions, the
usage of computers for the collection and management of patient medical records was still not
that prevalent (Shaw et al., 2014).Despite a reduction in the implementation of technology, the
necessity to homogenize electronic health records was documented by several establishments.
This eventually resulted in the formation of the Systematized Nomenclature of Medicine
(SNOMED) to schematize the pathology language. This in turn was succeeded by the formation
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 4
of the Uniform Minimum Health Data Set (UMHDS) in order to progress the guidelines and
standards on national health data (Ivanović & Budimac, 2014).
There is mounting evidence for the fact that with increased development in IT, several
software were designed with the aim of providing support to clinical functions for clinical
laboratories, pharmacies, billing and patient registration. However, one potential disadvantage
was associated with lack of access of department-specific functions, by other hospital
departments (Wager, Lee & Glaser, 2017). One of the first attempts at establishment of
integrated healthcare records dates back to 1971 when the gynecology unit at University Medical
Center, Burlington, implemented a patient oriented system that encompassed all health
disciplines in order to provide a detailed overview of the delivered care. This helped in
establishing association between the treatments, costs, conditions, and outcomes. According to
Duke et al. (2014) this was followed by the development of the Regenstrief Medical Record
System (RMRS) in 1972 where data was collected from 35 diabetic patients who had been
admitted to the County General Hospital. The hard coded program involved entry of patient data,
its storage in the form of a detailed structure, and print of flow sheet reports.
Further chronological events comprise of the development of diagnosis related
groups (DRGs), concomitant with data that was required for repayment. This in turn augmented
the necessity for hospitals to procure comprehensive information from medical systems, besides
financial systems, with the aim of ensuring claims imbursement. Owing to the widespread
popularity of health associated software applications and personal computers, the staff working
with hospital information technology (IT) were gradually provided the responsibility of
integrating several disparate systems, with the development of network solutions (Vest et al.,
2014). In the words of Hodgson and Coiera (2015) the year 1982 marked the advent of the
of the Uniform Minimum Health Data Set (UMHDS) in order to progress the guidelines and
standards on national health data (Ivanović & Budimac, 2014).
There is mounting evidence for the fact that with increased development in IT, several
software were designed with the aim of providing support to clinical functions for clinical
laboratories, pharmacies, billing and patient registration. However, one potential disadvantage
was associated with lack of access of department-specific functions, by other hospital
departments (Wager, Lee & Glaser, 2017). One of the first attempts at establishment of
integrated healthcare records dates back to 1971 when the gynecology unit at University Medical
Center, Burlington, implemented a patient oriented system that encompassed all health
disciplines in order to provide a detailed overview of the delivered care. This helped in
establishing association between the treatments, costs, conditions, and outcomes. According to
Duke et al. (2014) this was followed by the development of the Regenstrief Medical Record
System (RMRS) in 1972 where data was collected from 35 diabetic patients who had been
admitted to the County General Hospital. The hard coded program involved entry of patient data,
its storage in the form of a detailed structure, and print of flow sheet reports.
Further chronological events comprise of the development of diagnosis related
groups (DRGs), concomitant with data that was required for repayment. This in turn augmented
the necessity for hospitals to procure comprehensive information from medical systems, besides
financial systems, with the aim of ensuring claims imbursement. Owing to the widespread
popularity of health associated software applications and personal computers, the staff working
with hospital information technology (IT) were gradually provided the responsibility of
integrating several disparate systems, with the development of network solutions (Vest et al.,
2014). In the words of Hodgson and Coiera (2015) the year 1982 marked the advent of the
HEALTHCARE DATA SECURITY 5
Dragon Naturally Speaking speech recognition software that later on collaborated with the
Lernout & Hauspie Speech Products, thus forming a milestone in healthcare data. This
eventually developed into a reliable tool for entering and storing patient related information into
healthcare data systems, thus easing the process of delivery of care, and its subsequent utilization
in future. With further advancement in technology, most departments of hospitals failed to
appropriately access healthcare information, outside their own storage, thus averting sharing of
healthcare from incongruent system.
According to research evidences published during the early 1990s, some of the major
barriers or issues related to healthcare data security that were faced by the hospital personnel
could be accredited to absence of proper standards, and high installation costs. These prevented
majority of hospitals from adequately adopting the use of electronic health records (Archenaa &
Anita, 2015). Development and enforcement of the master patient index (MPI) formed a
significant event in this field. This database contained detailed patient information and gradually
began to be used across all healthcare organizations, which in turn laid the foundation of
different initiatives like the Indiana Network for Patient Care (INPC). The year 1994 was marked
by the revision of the ICD-10 code version by the World Health Organization that contained
comprehensive codes for all symptoms, diseases, complaints, abnormal findings, external injury
causes and social circumstances (Subotin & Davis, 2014).
Time and again it has been proved that competition in healthcare resulted in the
consolidation of discrete hospitals in order to develop health systems, thereby recognizing the
need of integration. Technological advances also led to the increased access of hospitals to
different computing systems, which were responsible for sharing information across contrasting
healthcare systems (Youssef, 2014). In appreciation of the long-drawn-out opportunity of the
Dragon Naturally Speaking speech recognition software that later on collaborated with the
Lernout & Hauspie Speech Products, thus forming a milestone in healthcare data. This
eventually developed into a reliable tool for entering and storing patient related information into
healthcare data systems, thus easing the process of delivery of care, and its subsequent utilization
in future. With further advancement in technology, most departments of hospitals failed to
appropriately access healthcare information, outside their own storage, thus averting sharing of
healthcare from incongruent system.
According to research evidences published during the early 1990s, some of the major
barriers or issues related to healthcare data security that were faced by the hospital personnel
could be accredited to absence of proper standards, and high installation costs. These prevented
majority of hospitals from adequately adopting the use of electronic health records (Archenaa &
Anita, 2015). Development and enforcement of the master patient index (MPI) formed a
significant event in this field. This database contained detailed patient information and gradually
began to be used across all healthcare organizations, which in turn laid the foundation of
different initiatives like the Indiana Network for Patient Care (INPC). The year 1994 was marked
by the revision of the ICD-10 code version by the World Health Organization that contained
comprehensive codes for all symptoms, diseases, complaints, abnormal findings, external injury
causes and social circumstances (Subotin & Davis, 2014).
Time and again it has been proved that competition in healthcare resulted in the
consolidation of discrete hospitals in order to develop health systems, thereby recognizing the
need of integration. Technological advances also led to the increased access of hospitals to
different computing systems, which were responsible for sharing information across contrasting
healthcare systems (Youssef, 2014). In appreciation of the long-drawn-out opportunity of the
HEALTHCARE DATA SECURITY 6
role of members in data management and health informatics, the AARL organization that was
founded in 1928, endured its fourth name alteration to American Health Information
Management Association (AHIMA) (Gellert, Ramirez & Webster, 2015). This expanded the role
of professionals working in health information system beyond the data encompassed in a solitary
hospital medicinal data, to health information encompassing the complete range of care (Neame,
2014). Further advancements took in relation to the formulation and enforcement of the HIPPA
(Health Insurance Portability and Accountability Act) in 1996 for providing data security and
privacy provisions, with the aim of safeguarding essential medical information. In recent years
the law has also increased its prominence with its proliferation into the domain of healthcare data
breach due to ransomware attack or cyber-attack on providers and health insurers (Fuller, 2018).
With an advancement of the hospitals into wider healthcare systems for acquiring
individual practices of the physicians, healthcare organizations also identified the need of
implementing interoperability, where different IT systems help in communicating and
exchanging pertinent clinical data. The 2000s were marked by the incorporation of electronic
health records (EHRs) in order to enable all healthcare providers for making better healthcare
decisions. Implementation of EHR by an increased number of physicians and hospitals resulted
in a significant decrease in the incidence rates of preventable medical errors, by enhancing the
clarity and accuracy of the medical records. This was concomitant with the emphasis made by
the then President George Bush on the importance of combining information technology in
healthcare settings, and the usage of computerized health records, in the State of the Union
Address, 2004 (Smith et al., 2014).
According to Carley, Nicholson‐Crotty and Fisher (2015) acceptance of completely
purposeful EHRs developed more suggestively with the enforcement of American Recovery and
role of members in data management and health informatics, the AARL organization that was
founded in 1928, endured its fourth name alteration to American Health Information
Management Association (AHIMA) (Gellert, Ramirez & Webster, 2015). This expanded the role
of professionals working in health information system beyond the data encompassed in a solitary
hospital medicinal data, to health information encompassing the complete range of care (Neame,
2014). Further advancements took in relation to the formulation and enforcement of the HIPPA
(Health Insurance Portability and Accountability Act) in 1996 for providing data security and
privacy provisions, with the aim of safeguarding essential medical information. In recent years
the law has also increased its prominence with its proliferation into the domain of healthcare data
breach due to ransomware attack or cyber-attack on providers and health insurers (Fuller, 2018).
With an advancement of the hospitals into wider healthcare systems for acquiring
individual practices of the physicians, healthcare organizations also identified the need of
implementing interoperability, where different IT systems help in communicating and
exchanging pertinent clinical data. The 2000s were marked by the incorporation of electronic
health records (EHRs) in order to enable all healthcare providers for making better healthcare
decisions. Implementation of EHR by an increased number of physicians and hospitals resulted
in a significant decrease in the incidence rates of preventable medical errors, by enhancing the
clarity and accuracy of the medical records. This was concomitant with the emphasis made by
the then President George Bush on the importance of combining information technology in
healthcare settings, and the usage of computerized health records, in the State of the Union
Address, 2004 (Smith et al., 2014).
According to Carley, Nicholson‐Crotty and Fisher (2015) acceptance of completely
purposeful EHRs developed more suggestively with the enforcement of American Recovery and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 7
Reinvestment Act (ARRA), in the year 2009. One primary measure that was involved in ARRA
was namelythe, Health Information Technology for Economic and Clinical Health (HITECH)
Act. The major objective of the HITECH act is uphold the perception regarding usage of EHRs,
besides promoting fiscal incentives for reassuring the application of EHRs. The subtitle D of the
HITECH Act was important owing to its role in addressing the confidentiality and security
worries related with the electronic distribution of essential health information (Beaty & Quirk,
2015).
Data from reports indicate that another major step in the field of healthcare data security
was the establishment of the Office of the National Coordinator for Health Information
Technology (ONC) that had the responsibility of formulating a private, secure and intraoperable
nationwide healthcare information system, that aimed to improve end user implementation of
EHR, and establishment of different standards by 2014. In other words, the ‘Triple Aim’ focused
on namely, (i) improvement of patient familiarity of care, (ii) enhancement the overall health of
the population, and (iii) reduction of per capita charges of healthcare (Sheikh, Sood & Bates,
2015). This was followed by a gradual doubling in the use of EHRs across all hospitals, in
comparison to the data of 2008. An estimated 96% hospitals and 87% office based physicians
were found to utilize EHRs in 2015, thus demonstrating the widespread recognition of healthcare
data security. In addition, the implementation of cloud computing services for an extensive
variety of industry, counting in healthcare, reinforced expanded networks that reached areas
beyond definite sites and settings to assemble different units together in a healthcare system or
HIE, lacking any noteworthy investment in novel technologies (Henry et al., 2016).
Research evidences also suggest that the augmented bulk of data, easiness of entree to
data and the necessity for health information authorities to direct the administration of healthcare
Reinvestment Act (ARRA), in the year 2009. One primary measure that was involved in ARRA
was namelythe, Health Information Technology for Economic and Clinical Health (HITECH)
Act. The major objective of the HITECH act is uphold the perception regarding usage of EHRs,
besides promoting fiscal incentives for reassuring the application of EHRs. The subtitle D of the
HITECH Act was important owing to its role in addressing the confidentiality and security
worries related with the electronic distribution of essential health information (Beaty & Quirk,
2015).
Data from reports indicate that another major step in the field of healthcare data security
was the establishment of the Office of the National Coordinator for Health Information
Technology (ONC) that had the responsibility of formulating a private, secure and intraoperable
nationwide healthcare information system, that aimed to improve end user implementation of
EHR, and establishment of different standards by 2014. In other words, the ‘Triple Aim’ focused
on namely, (i) improvement of patient familiarity of care, (ii) enhancement the overall health of
the population, and (iii) reduction of per capita charges of healthcare (Sheikh, Sood & Bates,
2015). This was followed by a gradual doubling in the use of EHRs across all hospitals, in
comparison to the data of 2008. An estimated 96% hospitals and 87% office based physicians
were found to utilize EHRs in 2015, thus demonstrating the widespread recognition of healthcare
data security. In addition, the implementation of cloud computing services for an extensive
variety of industry, counting in healthcare, reinforced expanded networks that reached areas
beyond definite sites and settings to assemble different units together in a healthcare system or
HIE, lacking any noteworthy investment in novel technologies (Henry et al., 2016).
Research evidences also suggest that the augmented bulk of data, easiness of entree to
data and the necessity for health information authorities to direct the administration of healthcare
HEALTHCARE DATA SECURITY 8
data has resulted in a snowballing dependence on healthcare informatics (Valdez et al., 2014).
This has been defined by American Medical Informatics Association (AMIA) as an arena of
information science allied with the supervision of all facets of health data and material through
the implementation and utilization of computer technology. With the advent of the 2010s, the
focus on delivery of value based care services started increasing in contrast to care that was
based on fees. The year also demonstrated an improved interest in improving patient outcomes
by averting avoidable medical errors, while propelling the accumulation of healthcare data for
supporting essential clinical decision making. Showing consistency with clinicians who agreed
upon the prominence of preceding health archives as knowledge tools that would advance health
outcomes, the contemporary healthcare professionals started using digitalized healthcare data for
enhancing patient care on a superior scale, with the use of health information tools that evaluated
population health data.
Further advancements were observed with the implementation of accountable care
organizations (ACOs), with the aim of improving healthcare of patients, and promoting
collaboration between the providers (McWilliams et al., 2016). Although the HIEs and ACOs
utilized EHRs for collection of patient data and their storage, there remains a significant gap in
the aggregation and harmonization of relevant information from different system for producing
data that can easily be examined. Data-sharing, intraoperability, and better access to healthcare
information continue to be an important prerequisite for improvement of health information
process, enablement of ACO, exchange of information, and formulation of care that is
population-specific.
Summary
data has resulted in a snowballing dependence on healthcare informatics (Valdez et al., 2014).
This has been defined by American Medical Informatics Association (AMIA) as an arena of
information science allied with the supervision of all facets of health data and material through
the implementation and utilization of computer technology. With the advent of the 2010s, the
focus on delivery of value based care services started increasing in contrast to care that was
based on fees. The year also demonstrated an improved interest in improving patient outcomes
by averting avoidable medical errors, while propelling the accumulation of healthcare data for
supporting essential clinical decision making. Showing consistency with clinicians who agreed
upon the prominence of preceding health archives as knowledge tools that would advance health
outcomes, the contemporary healthcare professionals started using digitalized healthcare data for
enhancing patient care on a superior scale, with the use of health information tools that evaluated
population health data.
Further advancements were observed with the implementation of accountable care
organizations (ACOs), with the aim of improving healthcare of patients, and promoting
collaboration between the providers (McWilliams et al., 2016). Although the HIEs and ACOs
utilized EHRs for collection of patient data and their storage, there remains a significant gap in
the aggregation and harmonization of relevant information from different system for producing
data that can easily be examined. Data-sharing, intraoperability, and better access to healthcare
information continue to be an important prerequisite for improvement of health information
process, enablement of ACO, exchange of information, and formulation of care that is
population-specific.
Summary
HEALTHCARE DATA SECURITY 9
Healthcare data security and management plays a crucial role in contemporary
healthcare. Patient records help in capturing essential patient information from different
laboratories, clinics, physicians, and treatment locations that not only deliver a holistic view of
the health history of the patient, but also provide vast information that can be utilized for
enhancing patient care and outcomes.
Contemporary Perspectives
The increasing use of electronic health record system (EHR) has flickered the necessity
for implementing regulatory guidelines on health information that are digitally stored, owing to
the elevated rates of cybercrime. During initial days, healthcare data security was associated with
simple steps such as, securing a file cabinet that contained a huge amount of patient records.
However, these days, the procedure of defending the confidentiality of health information is
much more multifaceted. Different kinds of data breaches are being discovered almost regularly,
which in turn pose extreme risks to the finances of all patients and healthcare providers (Kamoun
& Nicho, 2014). Security breaches have also been found responsible for causing damage beyond
financial loss. Targets of cybercrime also suffer mutilation to their statuses, while
administrations use appreciated time and flair exploring breaches, which prevents them from
monitoring and extenuating future attacks.
In the words of Patil and Seshadri (2014) with the ever-increasing charges for healthcare
services and augmented health insurance payments, there is a necessity for hands-on wellness
and healthcare. Besides, the trend of digitizing medicinal records has recently undergone a
paradigm transferal in the healthcare business. Thus, the healthcare industry is perceiving an
upsurge in absolute volume of data, in relation to difficulty, assortment, and timeliness. Big data
has emerged as a plausible resolution for lowering costs, while improving the caregiving delivery
Healthcare data security and management plays a crucial role in contemporary
healthcare. Patient records help in capturing essential patient information from different
laboratories, clinics, physicians, and treatment locations that not only deliver a holistic view of
the health history of the patient, but also provide vast information that can be utilized for
enhancing patient care and outcomes.
Contemporary Perspectives
The increasing use of electronic health record system (EHR) has flickered the necessity
for implementing regulatory guidelines on health information that are digitally stored, owing to
the elevated rates of cybercrime. During initial days, healthcare data security was associated with
simple steps such as, securing a file cabinet that contained a huge amount of patient records.
However, these days, the procedure of defending the confidentiality of health information is
much more multifaceted. Different kinds of data breaches are being discovered almost regularly,
which in turn pose extreme risks to the finances of all patients and healthcare providers (Kamoun
& Nicho, 2014). Security breaches have also been found responsible for causing damage beyond
financial loss. Targets of cybercrime also suffer mutilation to their statuses, while
administrations use appreciated time and flair exploring breaches, which prevents them from
monitoring and extenuating future attacks.
In the words of Patil and Seshadri (2014) with the ever-increasing charges for healthcare
services and augmented health insurance payments, there is a necessity for hands-on wellness
and healthcare. Besides, the trend of digitizing medicinal records has recently undergone a
paradigm transferal in the healthcare business. Thus, the healthcare industry is perceiving an
upsurge in absolute volume of data, in relation to difficulty, assortment, and timeliness. Big data
has emerged as a plausible resolution for lowering costs, while improving the caregiving delivery
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 10
and management, with the potential of altering the healthcare industry. Implementation of big
data in healthcare suggestively upsurges security and client privacy apprehensions. Big data
involves the storage of patient information in data centers, having changeable levels of security.
However, invasion of huge data sets from assorted sources creates a load on storing, dispensation
and communication. The same has been confirmed by Anagnostopoulos, Zeadally and Exposito
(2016) who elaborated on the usage of big data in capturing, storing, aggregating and analyzing
the huge amount of patient information, in a systematic manner, without losing the “4Vs”
namely, velocity, variety, volume, and veracity. It has also been stated that taking into account
the technical viewpoint, the heterogeneity and the large amount of healthcare data, often
represent information technology (IT) encounters for data mining and subsequent processing,
specifically for IoT that remains mostly amorphous. Traditional healthcare data security systems
are grounded on Relational Databases Management Systems (RDBMS) that fail to support
unstructured health data.
Nonetheless, implementation of big data in healthcare, helped medical experts and
computer scientists generate algorithms based on data produced from sensors for treating
Parkinson’s disease. Hence, in addition to storing pertinent medical information, healthcare
information technology is increasing treatment efficiency. According to Cunningham and
Ainsworth (2018) facilitating direct involvement of the patients in the governing the usage of
medical data, and conducting the activities in the open, in a secure fashion, is imperative in
enhancing acceptance and uptake of health informatics platforms. Development of a core
Application Programming Interface (API) enabled a permission system that assisted patients in
specifying the people, who were eligible for accessing their records, besides reviewing the usage
to which all healthcare data have been put.
and management, with the potential of altering the healthcare industry. Implementation of big
data in healthcare suggestively upsurges security and client privacy apprehensions. Big data
involves the storage of patient information in data centers, having changeable levels of security.
However, invasion of huge data sets from assorted sources creates a load on storing, dispensation
and communication. The same has been confirmed by Anagnostopoulos, Zeadally and Exposito
(2016) who elaborated on the usage of big data in capturing, storing, aggregating and analyzing
the huge amount of patient information, in a systematic manner, without losing the “4Vs”
namely, velocity, variety, volume, and veracity. It has also been stated that taking into account
the technical viewpoint, the heterogeneity and the large amount of healthcare data, often
represent information technology (IT) encounters for data mining and subsequent processing,
specifically for IoT that remains mostly amorphous. Traditional healthcare data security systems
are grounded on Relational Databases Management Systems (RDBMS) that fail to support
unstructured health data.
Nonetheless, implementation of big data in healthcare, helped medical experts and
computer scientists generate algorithms based on data produced from sensors for treating
Parkinson’s disease. Hence, in addition to storing pertinent medical information, healthcare
information technology is increasing treatment efficiency. According to Cunningham and
Ainsworth (2018) facilitating direct involvement of the patients in the governing the usage of
medical data, and conducting the activities in the open, in a secure fashion, is imperative in
enhancing acceptance and uptake of health informatics platforms. Development of a core
Application Programming Interface (API) enabled a permission system that assisted patients in
specifying the people, who were eligible for accessing their records, besides reviewing the usage
to which all healthcare data have been put.
HEALTHCARE DATA SECURITY 11
Although the improvements in IT have observed great expansion, in relation to healthcare
technologies they have also increased the complexity of healthcare data, thus increasing the
difficulty in handling and processing them. Adoption of a cyber-physical system, with the aim of
implementing patient-centric healthcare services and applications, called Health-CPS, have been
found to enhance the optimal performance of different healthcare systems, thus allowing both
providers and patients to completely utilize the healthcare applications. These CPS systems are
based on big data analytics and cloud computing technologies and focus on dispersed storage and
equivalent computing, thus enhancing the security of essential medical information (Zhang et al.,
2017). Khan et al. (2014) elaborated on the fact that HIT has resulted in the development of a
uniform platform that allows easy sharing of medical information, in a completely automated and
ubiquitous manner. It has been stated that implementation of a HIT framework that comprises of
a personal server (PS), sensors attached to patients, a remote base station (RMS), client
data/interface reader, and hospital community cloud facilitates patient privacy and data security,
with a special focus on inter-censor communication. Usage of multiple biometrics has been
found beneficial in maintaining the security of pertinent health information, thus preventing a
breach of privacy.
It has also been proposed by Li, Lee, and Weng (2016) that implementation of cloud-
assisted WBAN provides assistance, at times of emergency and also helps in saving the lives of
patients. The HIT comprises several body sensors that are attached to the patient, with the aim of
collecting and transmitting essential health information to medical clouds, with the help of public
and wireless communication channels. Owing to the sensitivity and privacy of patient’s data,
there is a need to deliver sturdy security and defense of the medical data over insecure
communication channels. The researchers elaborated on the fact that designing key agreement
Although the improvements in IT have observed great expansion, in relation to healthcare
technologies they have also increased the complexity of healthcare data, thus increasing the
difficulty in handling and processing them. Adoption of a cyber-physical system, with the aim of
implementing patient-centric healthcare services and applications, called Health-CPS, have been
found to enhance the optimal performance of different healthcare systems, thus allowing both
providers and patients to completely utilize the healthcare applications. These CPS systems are
based on big data analytics and cloud computing technologies and focus on dispersed storage and
equivalent computing, thus enhancing the security of essential medical information (Zhang et al.,
2017). Khan et al. (2014) elaborated on the fact that HIT has resulted in the development of a
uniform platform that allows easy sharing of medical information, in a completely automated and
ubiquitous manner. It has been stated that implementation of a HIT framework that comprises of
a personal server (PS), sensors attached to patients, a remote base station (RMS), client
data/interface reader, and hospital community cloud facilitates patient privacy and data security,
with a special focus on inter-censor communication. Usage of multiple biometrics has been
found beneficial in maintaining the security of pertinent health information, thus preventing a
breach of privacy.
It has also been proposed by Li, Lee, and Weng (2016) that implementation of cloud-
assisted WBAN provides assistance, at times of emergency and also helps in saving the lives of
patients. The HIT comprises several body sensors that are attached to the patient, with the aim of
collecting and transmitting essential health information to medical clouds, with the help of public
and wireless communication channels. Owing to the sensitivity and privacy of patient’s data,
there is a need to deliver sturdy security and defense of the medical data over insecure
communication channels. The researchers elaborated on the fact that designing key agreement
HEALTHCARE DATA SECURITY 12
instruments, and chaotic maps based verification, based on the concepts of Diffie-Hellman key
exchange that are widely dependent on CMBDHP and CMBDLP problems, facilitate ensuring
excellent levels of healthcare data security. This, in turn, guarantees patient privacy and helps in
maintaining the confidentiality of sensitive clinical data, while conserving the low computation
of remote medical vigilance, and medical treatment. Tewari and Verma (2016) also illustrated
the features of WBAN that increase its implementation for healthcare data security. They
elaborated on the fact that WBAN is human-centric, has mobility, scalability, properties of data,
network topology, and reliability that allow its implementation for remote health surveillance.
However, the researchers also elaborated on the fact that there is a need for better security of
WBAN under the circumstances namely, hiding current health status of pregnant women, who
are considered to be vulnerable, non-tech savvy and the elderly patients, modification to the
insurance policies, entering wrong information through insecure channels, and project
development. Hence, cloud computing was recognized as a prerequisite or making patient data
safe and confidential.
According to Aslam et al. (2017), e-healthcare is a major form of HIT where endangered
health information that is pertinent to the patients, are stored in remote servers (Telecare Medical
Information System), concomitant with their accessibility by the users at any point of time. The
researchers shed light on the fact that authentication protocols have been particularly designed
for providing several properties such as availability, untraceability, privacy, anonymity,
unlinkability, confidentiality, and integrity. The HIT tools have also been identified to provide
security to patient clinical data against, password guessing, identity larceny, disavowal of
service, pretense and insider attacks. Sajid and Abbas (2016) opined that extensive deployment
and function of Wireless Body Area Networks (WBAN) in clinical settings require several
instruments, and chaotic maps based verification, based on the concepts of Diffie-Hellman key
exchange that are widely dependent on CMBDHP and CMBDLP problems, facilitate ensuring
excellent levels of healthcare data security. This, in turn, guarantees patient privacy and helps in
maintaining the confidentiality of sensitive clinical data, while conserving the low computation
of remote medical vigilance, and medical treatment. Tewari and Verma (2016) also illustrated
the features of WBAN that increase its implementation for healthcare data security. They
elaborated on the fact that WBAN is human-centric, has mobility, scalability, properties of data,
network topology, and reliability that allow its implementation for remote health surveillance.
However, the researchers also elaborated on the fact that there is a need for better security of
WBAN under the circumstances namely, hiding current health status of pregnant women, who
are considered to be vulnerable, non-tech savvy and the elderly patients, modification to the
insurance policies, entering wrong information through insecure channels, and project
development. Hence, cloud computing was recognized as a prerequisite or making patient data
safe and confidential.
According to Aslam et al. (2017), e-healthcare is a major form of HIT where endangered
health information that is pertinent to the patients, are stored in remote servers (Telecare Medical
Information System), concomitant with their accessibility by the users at any point of time. The
researchers shed light on the fact that authentication protocols have been particularly designed
for providing several properties such as availability, untraceability, privacy, anonymity,
unlinkability, confidentiality, and integrity. The HIT tools have also been identified to provide
security to patient clinical data against, password guessing, identity larceny, disavowal of
service, pretense and insider attacks. Sajid and Abbas (2016) opined that extensive deployment
and function of Wireless Body Area Networks (WBAN) in clinical settings require several
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 13
technologies such as, Internet of Things (IoT) that have resulted in serious concerns regarding
the privacy of profound healthcare data. The researchers stated that most of the IoT fail to
adequately address data privacy techniques, thus requiring more efforts. Maintenance of data
confidentiality ensures certainty about disclosing healthcare content to authorized parties in a
way that unauthorized and unintended personals are incapable of gaining access to the matters,
during data communication and storage. The researchers also recognized the need of following
and encryption primitives and cryptography concepts, with the aim of effectively ensuring
patient data confidentiality. Zhang, Xue, and Huang (2016) identified the fact that contemporary
technologies related to wireless sensing and mobile computing hasten the perception of pervasive
social network (PSN) associated healthcare. Hence, they tried to identify ways by which PSN
node can prove imperative in securely sharing medical data with varied nodes, prevalent in the
healthcare network, which in turn resulted in the formulation of two protocols namely, IEEE
802.15.6 and blockchain technique. The findings suggested that the blockchain protocol
facilitates the establishment of a link between the HIT devices and the health condition of the
patients, thus lowering the computational burden. The protocol was also found to avoid leakage
of essential patient data, caused due to the illegal performance by untrustworthy third parties. It
was further stated that modeling the devices based on NSB channels makes it difficult for the
attackers to block or spoof messages, thus ensuring the security of the stored information.
According to Chen et al. (2016), one major challenge encountered in relation to the
implementation of big healthcare data is associated with personalization of precise healthcare
data for a plethora of users in a convenient manner. The researchers proposed a cloudlet-based
healthcare system that utilized the model of client data encryption and took advantage of NTRU,
with the aim of safeguarding physiological data of patients from being leaked. The researchers
technologies such as, Internet of Things (IoT) that have resulted in serious concerns regarding
the privacy of profound healthcare data. The researchers stated that most of the IoT fail to
adequately address data privacy techniques, thus requiring more efforts. Maintenance of data
confidentiality ensures certainty about disclosing healthcare content to authorized parties in a
way that unauthorized and unintended personals are incapable of gaining access to the matters,
during data communication and storage. The researchers also recognized the need of following
and encryption primitives and cryptography concepts, with the aim of effectively ensuring
patient data confidentiality. Zhang, Xue, and Huang (2016) identified the fact that contemporary
technologies related to wireless sensing and mobile computing hasten the perception of pervasive
social network (PSN) associated healthcare. Hence, they tried to identify ways by which PSN
node can prove imperative in securely sharing medical data with varied nodes, prevalent in the
healthcare network, which in turn resulted in the formulation of two protocols namely, IEEE
802.15.6 and blockchain technique. The findings suggested that the blockchain protocol
facilitates the establishment of a link between the HIT devices and the health condition of the
patients, thus lowering the computational burden. The protocol was also found to avoid leakage
of essential patient data, caused due to the illegal performance by untrustworthy third parties. It
was further stated that modeling the devices based on NSB channels makes it difficult for the
attackers to block or spoof messages, thus ensuring the security of the stored information.
According to Chen et al. (2016), one major challenge encountered in relation to the
implementation of big healthcare data is associated with personalization of precise healthcare
data for a plethora of users in a convenient manner. The researchers proposed a cloudlet-based
healthcare system that utilized the model of client data encryption and took advantage of NTRU,
with the aim of safeguarding physiological data of patients from being leaked. The researchers
HEALTHCARE DATA SECURITY 14
also divided EMRs into different categories namely, quasi-identifier (QID), the explicit identifier
(EID), and medical information (MI). It was further stated that the use of an encryption method
helped in better sharing of pertinent healthcare data, under the semi-trusted cloud environment.
The researchers also elaborated on the fact that generating remote cloud data from patients,
undergoing treatment in hospitals, helps in saving diagnosis and payment-related information in
the cloud, subsequently reducing costs and facilitating disease analysis. Sahi et al. (2018) also
stated that trust is entwined with several healthcare problems such as integrity, confidentiality,
identity, authenticity, accountability, and data management. Of these healthcare data, privacy is
one of the major concerns in ensuring feat of e-Healthcare solutions in captivating patient trust.
Accomplishing discretion from in wireless sensor networks, IoT incorporation, and data storing
and access, are compounded by the fact that mismanagement of such relevant information might
hurt both the providers and the patients, thus impeding the process of care delivery. Thus, the
researchers recognized the need of associating e-Healthcare enterprise controls with the patients,
in place of organizations, thus providing the former greater authority and power over the clinical
decision-making process, taking into account access control mechanisms, data anonymization,
and pseudonymization. The findings helped in establishing the fact that the use of single E-
healthcare technique fails to address all privacy concerns. This calls for the need of
compartmentalization, where patients’ PHI/EHR are categorized into constituents, based on
access and privacy requirements.
The same has been confirmed by ul Amin et al. (2017) who elaborated on the fact that
cloud computing is a pervasive way of data and information transfer. Despite the benefits
provided by cloud computing in day-to-day healthcare operations, the resistance towards its
usage was accredited to the lack of resources, IT exposure, infrastructure, security, and patient
also divided EMRs into different categories namely, quasi-identifier (QID), the explicit identifier
(EID), and medical information (MI). It was further stated that the use of an encryption method
helped in better sharing of pertinent healthcare data, under the semi-trusted cloud environment.
The researchers also elaborated on the fact that generating remote cloud data from patients,
undergoing treatment in hospitals, helps in saving diagnosis and payment-related information in
the cloud, subsequently reducing costs and facilitating disease analysis. Sahi et al. (2018) also
stated that trust is entwined with several healthcare problems such as integrity, confidentiality,
identity, authenticity, accountability, and data management. Of these healthcare data, privacy is
one of the major concerns in ensuring feat of e-Healthcare solutions in captivating patient trust.
Accomplishing discretion from in wireless sensor networks, IoT incorporation, and data storing
and access, are compounded by the fact that mismanagement of such relevant information might
hurt both the providers and the patients, thus impeding the process of care delivery. Thus, the
researchers recognized the need of associating e-Healthcare enterprise controls with the patients,
in place of organizations, thus providing the former greater authority and power over the clinical
decision-making process, taking into account access control mechanisms, data anonymization,
and pseudonymization. The findings helped in establishing the fact that the use of single E-
healthcare technique fails to address all privacy concerns. This calls for the need of
compartmentalization, where patients’ PHI/EHR are categorized into constituents, based on
access and privacy requirements.
The same has been confirmed by ul Amin et al. (2017) who elaborated on the fact that
cloud computing is a pervasive way of data and information transfer. Despite the benefits
provided by cloud computing in day-to-day healthcare operations, the resistance towards its
usage was accredited to the lack of resources, IT exposure, infrastructure, security, and patient
HEALTHCARE DATA SECURITY 15
data privacy issues. Upon using the unified theory of acceptance and use of technology
(UTAUT), it was found that social influence was the slightest manipulating analyst in defining
the dependent variable. Furthermore, experience years were also found to positively influence
behavioral intentions of the users, towards implementation of cloud-based services for healthcare
data protection and transmission. Masood et al. (2018) also identified the need of adopting cloud
computing technology with the help of wireless body area networks (WBANs) systems, to
overcome confines in digitalizing healthcare information such as storage, power, management,
scalability, and computing. Some of the common security requirements, related to healthcare
data security were namely, data confidentiality, collusion resistance, access control, message
integrity, patient-centered access control, prevention of ciphertext-only attack, and denial of
service (DoS) attack. This was followed by proposition of a six-step generic framework for
maintaining confidentiality of patient information that encompassed several steps namely, (1)
preliminary selection; (2) system entities selection; (3) technique selection; (4) PPPs access; (5)
security analysis; and (6) performance estimation, that was cited in maintaining security of
healthcare data.
In the words of Nepal, Ranjan, and Choo (2015) the data processing technologies have
failed to maintain pace with noteworthy upsurge in use of digital healthcare data. Hence, the
researchers proposed the implementation of a trustworthy and integrated healthcare analytics
solution, with the aim of facilitating better decision making and risk management, which in turn
would enhance the quality of patient life, and optimize service performance. It was also
suggested that implementation of proxy re-encryption (PRE) allows data encrypted with the
public key of one user, to get converted in a way that allows its decryption with the private key
of another user.
data privacy issues. Upon using the unified theory of acceptance and use of technology
(UTAUT), it was found that social influence was the slightest manipulating analyst in defining
the dependent variable. Furthermore, experience years were also found to positively influence
behavioral intentions of the users, towards implementation of cloud-based services for healthcare
data protection and transmission. Masood et al. (2018) also identified the need of adopting cloud
computing technology with the help of wireless body area networks (WBANs) systems, to
overcome confines in digitalizing healthcare information such as storage, power, management,
scalability, and computing. Some of the common security requirements, related to healthcare
data security were namely, data confidentiality, collusion resistance, access control, message
integrity, patient-centered access control, prevention of ciphertext-only attack, and denial of
service (DoS) attack. This was followed by proposition of a six-step generic framework for
maintaining confidentiality of patient information that encompassed several steps namely, (1)
preliminary selection; (2) system entities selection; (3) technique selection; (4) PPPs access; (5)
security analysis; and (6) performance estimation, that was cited in maintaining security of
healthcare data.
In the words of Nepal, Ranjan, and Choo (2015) the data processing technologies have
failed to maintain pace with noteworthy upsurge in use of digital healthcare data. Hence, the
researchers proposed the implementation of a trustworthy and integrated healthcare analytics
solution, with the aim of facilitating better decision making and risk management, which in turn
would enhance the quality of patient life, and optimize service performance. It was also
suggested that implementation of proxy re-encryption (PRE) allows data encrypted with the
public key of one user, to get converted in a way that allows its decryption with the private key
of another user.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 16
One potential use of HIT, about healthcare data security, is cloud-based adaptive
compression that is suited for 3D medical images and provides a range of SaaS services that are
based on on-demand and elastic peer to peer overlay infrastructure. These cloud-based services
were recognized useful in creating the provision for secure, effective and flexible access to
necessary healthcare resources that require management by clinical applications. Furthermore,
the services were also found to permit interaction between heterogeneous software and hardware
characteristics (Castiglione et al., 2015). Boric-Lubecke et al. (2014) also stated that uniform
access of EMRs imposes a noteworthy challenge for a safe e-healthcare system. Besides, not all
data of the patients must be visible for different collaborators. The records comprise of private
patient information, epidemic data for public study and investigation, and billing and usage
information. Furthermore, utilization of wireless communication channels also proliferates the
susceptibility of healthcare data due to shared and open features of wireless networks.
Summary
Thus, it can be suggested that cloud computing has transformed into a healthcare business
necessity in recent years and allows the hospital authorities to protect their digital medical data
while allowing the staff to work more on their central competencies. Although several
organizations are implementing cloud computing techniques, data security should be taken into
consideration as a major priority. Several frameworks have been proposed in recent years for
adding security capabilities to the HIT tools, with the aim of preventing the breach of data
confidentiality.
Historical Development of the Theory
The term privacy of information is often difficult to accurately define because it is
associated with a range of other terms such as secrecy, solitude, autonomy, and liberty. Privacy
One potential use of HIT, about healthcare data security, is cloud-based adaptive
compression that is suited for 3D medical images and provides a range of SaaS services that are
based on on-demand and elastic peer to peer overlay infrastructure. These cloud-based services
were recognized useful in creating the provision for secure, effective and flexible access to
necessary healthcare resources that require management by clinical applications. Furthermore,
the services were also found to permit interaction between heterogeneous software and hardware
characteristics (Castiglione et al., 2015). Boric-Lubecke et al. (2014) also stated that uniform
access of EMRs imposes a noteworthy challenge for a safe e-healthcare system. Besides, not all
data of the patients must be visible for different collaborators. The records comprise of private
patient information, epidemic data for public study and investigation, and billing and usage
information. Furthermore, utilization of wireless communication channels also proliferates the
susceptibility of healthcare data due to shared and open features of wireless networks.
Summary
Thus, it can be suggested that cloud computing has transformed into a healthcare business
necessity in recent years and allows the hospital authorities to protect their digital medical data
while allowing the staff to work more on their central competencies. Although several
organizations are implementing cloud computing techniques, data security should be taken into
consideration as a major priority. Several frameworks have been proposed in recent years for
adding security capabilities to the HIT tools, with the aim of preventing the breach of data
confidentiality.
Historical Development of the Theory
The term privacy of information is often difficult to accurately define because it is
associated with a range of other terms such as secrecy, solitude, autonomy, and liberty. Privacy
HEALTHCARE DATA SECURITY 17
has often been described in the form of a thing that is typically intruded upon, violated, invaded,
lost, diminished, or breached (Solove & Schwartz, 2014). In other words, each of the metaphor
mentioned above indicates the fact that privacy should be typically viewed in the form of
interests of individuals, rather than some right. In 1890, in a definitive article that is now
considered by several scholars as a substantial effort on privacy, Louis Brandeis and Samuel
Warren labeled privacy about being let unaccompanied or being allowed to remain free from any
interference. This typically refers to the deliberate act of seizing, entering or holding possession
of somebody else’s confidential information or property (Warren & Brandeis, 2013). Explaining
privacy in the form of non-intrusion is also evident from the kinds of the literature of two U.S.
Supreme Court honesties namely, William Brennan in Eisenstadt v. Baird (1972) and Louis
Brandeis in Olmstead v. U.S. (1928). According to Appleton (2016), the former was a case in the
United States Supreme Court that played an essential role in the establishment of rights of
unmarried individuals to hold possession of contraception, based on similar grounds as
unmarried couples. Although differing from the context of healthcare data security, the Non-
Intrusion theory is primarily based on this case owing to the fact that the court recognized the
fundamental right of all individuals to remain free from any unwarranted governmental
imposition into matters that were documented to create a significant impact on the concerned
person (Brandeis & Warren, 2018).
On the other hand, the latter case was another decision made by the Supreme Court of the
US that involved conducting a review of the impact of private telephone conversations being
wiretapped, on violating the rights of the defendants. This formed an essential aspect of the non-
intrusion theory, which in turn can be accredited to the fact that before this case, unjustified
seizure and search were characteristically considered to violate the Fourth Amendment (Clancy,
has often been described in the form of a thing that is typically intruded upon, violated, invaded,
lost, diminished, or breached (Solove & Schwartz, 2014). In other words, each of the metaphor
mentioned above indicates the fact that privacy should be typically viewed in the form of
interests of individuals, rather than some right. In 1890, in a definitive article that is now
considered by several scholars as a substantial effort on privacy, Louis Brandeis and Samuel
Warren labeled privacy about being let unaccompanied or being allowed to remain free from any
interference. This typically refers to the deliberate act of seizing, entering or holding possession
of somebody else’s confidential information or property (Warren & Brandeis, 2013). Explaining
privacy in the form of non-intrusion is also evident from the kinds of the literature of two U.S.
Supreme Court honesties namely, William Brennan in Eisenstadt v. Baird (1972) and Louis
Brandeis in Olmstead v. U.S. (1928). According to Appleton (2016), the former was a case in the
United States Supreme Court that played an essential role in the establishment of rights of
unmarried individuals to hold possession of contraception, based on similar grounds as
unmarried couples. Although differing from the context of healthcare data security, the Non-
Intrusion theory is primarily based on this case owing to the fact that the court recognized the
fundamental right of all individuals to remain free from any unwarranted governmental
imposition into matters that were documented to create a significant impact on the concerned
person (Brandeis & Warren, 2018).
On the other hand, the latter case was another decision made by the Supreme Court of the
US that involved conducting a review of the impact of private telephone conversations being
wiretapped, on violating the rights of the defendants. This formed an essential aspect of the non-
intrusion theory, which in turn can be accredited to the fact that before this case, unjustified
seizure and search were characteristically considered to violate the Fourth Amendment (Clancy,
HEALTHCARE DATA SECURITY 18
2012). Nonetheless, this case helped in elaborating on the necessity of privacy by stating that all
citizens hold the authority to be left alone. Therefore, to protect the fundamental right of privacy,
all unjustifiable invasion by the government on the confidentiality and discretion of individuals,
regardless of the methods employed, are required to be deemed a defilement of Fourth
Amendment.
Nonetheless, it should be noted that there are several versions of the non-intrusion theory
that often confuse the content or condition of privacy, with the right to privacy. This
misperception is particularly apparent in the script of Non-Intrusion theorists, namely, Brandeis.
He defined privacy in the form of right to be left alone. This was in contrast to the meaning
proposed by Brennan who described as the fundamental right of being free from any unjustified
government intrusion (Parker, 2017). Another potential problem with the Non-Intrusion theory
can be associated with the fact that while describing privacy, about remaining free from
interruption, it often confuses discretion with liberty. Though the two philosophies are
meticulously associated, they can be differentiated from each other. Taking into consideration
the fact that privacy is indispensable for freedom, confidentiality often facilitates the exercise of
liberty.
On the other hand, liberty plays an essential role in allowing individuals for holding ideas
and notions that might be diplomatically detested. Therefore, privacy enables such individuals to
disclose their notions and philosophies to certain people, while hiding from others the
circumstance that they are in possession of detested ideas (Catallo et al., 2013). This calls for the
need of developing a clear demarcation between privacy and liberty. Nonetheless, the Non-
Intrusion theory of privacy fails to distinguish between them. This was soon followed by the
formulation of the Seclusion theory of privacy. There is mounting evidence for the fact that the
2012). Nonetheless, this case helped in elaborating on the necessity of privacy by stating that all
citizens hold the authority to be left alone. Therefore, to protect the fundamental right of privacy,
all unjustifiable invasion by the government on the confidentiality and discretion of individuals,
regardless of the methods employed, are required to be deemed a defilement of Fourth
Amendment.
Nonetheless, it should be noted that there are several versions of the non-intrusion theory
that often confuse the content or condition of privacy, with the right to privacy. This
misperception is particularly apparent in the script of Non-Intrusion theorists, namely, Brandeis.
He defined privacy in the form of right to be left alone. This was in contrast to the meaning
proposed by Brennan who described as the fundamental right of being free from any unjustified
government intrusion (Parker, 2017). Another potential problem with the Non-Intrusion theory
can be associated with the fact that while describing privacy, about remaining free from
interruption, it often confuses discretion with liberty. Though the two philosophies are
meticulously associated, they can be differentiated from each other. Taking into consideration
the fact that privacy is indispensable for freedom, confidentiality often facilitates the exercise of
liberty.
On the other hand, liberty plays an essential role in allowing individuals for holding ideas
and notions that might be diplomatically detested. Therefore, privacy enables such individuals to
disclose their notions and philosophies to certain people, while hiding from others the
circumstance that they are in possession of detested ideas (Catallo et al., 2013). This calls for the
need of developing a clear demarcation between privacy and liberty. Nonetheless, the Non-
Intrusion theory of privacy fails to distinguish between them. This was soon followed by the
formulation of the Seclusion theory of privacy. There is mounting evidence for the fact that the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 19
Seclusion theory identifies privacy with being alone (Baghai, 2012). One common variation of
the approach has also been found in statements made by Ruth Gavison. Privacy had been
described as a condition that allows an individual to remain entirely inaccessible to other people.
In other words, the Seclusion theory elaborates on the fact that confidentiality and privacy are
maintained under circumstances where no organization or person has any form of physical
access to the concerned individual and his personal information. Another major variant of the
Seclusion theory has been found in the descriptions put forth by Alan F. Westin (Parent, 2017).
Privacy has rightly been described in the form of voluntary and provisional extraction of an
individual from the ordinary society, through physical means, thereby establishing a state of
complete solitude.
There is another variation of the Seclusion theory as well, where Warren and Brandeis
have described privacy and confidentiality about solitude and have identified the need for all
people to retreat themselves from the world, under necessary circumstances. Unlike the Non-
intrusion theory, the Seclusion theory tries to avoid the establishment of any kind of
misperception between privacy and liberty (Cohen, 2012). Because the Seclusion theory delivers
an explanation of confidentiality that is fundamentally descriptive, it evades puzzling the
condition or content of privacy, with rights to privacy. However, while providing a clear account
of privacy regarding secluding a person from others, the Seclusion theory tends to obscure the
boundary between privacy and solitude. It often suggests that the more unaided a person is, the
greater privacy one has.
Additionally, both the Non-Intrusion and Seclusion theories talk about privacy
apprehensions that refer to physical access to persons. According to Meltz (2014), this form of
physical access typically occurs in the kind of direct observation, as in seclusion theory, or
Seclusion theory identifies privacy with being alone (Baghai, 2012). One common variation of
the approach has also been found in statements made by Ruth Gavison. Privacy had been
described as a condition that allows an individual to remain entirely inaccessible to other people.
In other words, the Seclusion theory elaborates on the fact that confidentiality and privacy are
maintained under circumstances where no organization or person has any form of physical
access to the concerned individual and his personal information. Another major variant of the
Seclusion theory has been found in the descriptions put forth by Alan F. Westin (Parent, 2017).
Privacy has rightly been described in the form of voluntary and provisional extraction of an
individual from the ordinary society, through physical means, thereby establishing a state of
complete solitude.
There is another variation of the Seclusion theory as well, where Warren and Brandeis
have described privacy and confidentiality about solitude and have identified the need for all
people to retreat themselves from the world, under necessary circumstances. Unlike the Non-
intrusion theory, the Seclusion theory tries to avoid the establishment of any kind of
misperception between privacy and liberty (Cohen, 2012). Because the Seclusion theory delivers
an explanation of confidentiality that is fundamentally descriptive, it evades puzzling the
condition or content of privacy, with rights to privacy. However, while providing a clear account
of privacy regarding secluding a person from others, the Seclusion theory tends to obscure the
boundary between privacy and solitude. It often suggests that the more unaided a person is, the
greater privacy one has.
Additionally, both the Non-Intrusion and Seclusion theories talk about privacy
apprehensions that refer to physical access to persons. According to Meltz (2014), this form of
physical access typically occurs in the kind of direct observation, as in seclusion theory, or
HEALTHCARE DATA SECURITY 20
mediated via unwarranted interference into the personal space of an individual, through
materially accessing home, or personal papers, as in non-intrusion method. It has been recently
noted by privacy analysts in the US that the concept of privacy has progressed, which in turn can
be accredited to the fact that although initially the term was related to physical access/intrusion,
it was later on associated with apprehensions about interference in decision making, and
recently, with worries about disclosure of personal information (Post, 2017). Hence, it can be
suggested that the recent theories have placed due emphasis on the concepts of privacy, about
circumstances that are associated with gaining access and control over several personal
information. While defining information associated privacy apprehensions, besides access to
personal information that is stored in several computer databases, the term informational privacy
has gained considerable attention.
Showing discrepancy with the Seclusion and the Non-intrusion theories, the Control
theory of privacy plays a vital role in sorting out privacy from both solitude and liberty. This can
be accredited to the fact that the Control theory is imperative in identifying the impact of
selection that a person had privacy, considerably enjoys. The method takes into consideration the
effect that people were having adequate privacy hold the capability of granting, as well as
denying others, accurate access to confidential information about herself or himself (Heath,
2014). Nonetheless, the Control theory is indistinct, concerning two significant opinions namely,
elaborating on the types of personal information that a person can expect to gain control over,
and illustrating the extent of control that a person can presume to learn, over their personal
information. The type of personal information over which a person can expect to have power is
typically limited to non-public personal data, which in turn comprise of information about
mediated via unwarranted interference into the personal space of an individual, through
materially accessing home, or personal papers, as in non-intrusion method. It has been recently
noted by privacy analysts in the US that the concept of privacy has progressed, which in turn can
be accredited to the fact that although initially the term was related to physical access/intrusion,
it was later on associated with apprehensions about interference in decision making, and
recently, with worries about disclosure of personal information (Post, 2017). Hence, it can be
suggested that the recent theories have placed due emphasis on the concepts of privacy, about
circumstances that are associated with gaining access and control over several personal
information. While defining information associated privacy apprehensions, besides access to
personal information that is stored in several computer databases, the term informational privacy
has gained considerable attention.
Showing discrepancy with the Seclusion and the Non-intrusion theories, the Control
theory of privacy plays a vital role in sorting out privacy from both solitude and liberty. This can
be accredited to the fact that the Control theory is imperative in identifying the impact of
selection that a person had privacy, considerably enjoys. The method takes into consideration the
effect that people were having adequate privacy hold the capability of granting, as well as
denying others, accurate access to confidential information about herself or himself (Heath,
2014). Nonetheless, the Control theory is indistinct, concerning two significant opinions namely,
elaborating on the types of personal information that a person can expect to gain control over,
and illustrating the extent of control that a person can presume to learn, over their personal
information. The type of personal information over which a person can expect to have power is
typically limited to non-public personal data, which in turn comprise of information about
HEALTHCARE DATA SECURITY 21
matters that are confidential and sensitive such as, medical and financial records (Norris &
Moran, 2016). However, the Control theory often tends to confuse privacy with autonomy.
The Limitation Theory of Privacy was another significant landmark in the context of privacy and
confidentiality theories and elaborates on the fact that a person has privacy under circumstances
when the secure access to information and data about oneself, is exclusively restricted or limited.
A variation of this theory was proposed by Gavison who illustrated that privacy is a constraint of
others entrée to specific facts. This, in turn, was endorsed by Parent who proposed another
version of the theory, by defining privacy as the circumstance of not being in possession of
undocumented individual information about one controlled by others (Parent, 2017).
The critical characteristic of the Limitation Theory of Privacy can be accredited to the
fact that it was accurate in identifying the prominence of developing zones or contexts of
privacy, with the aim of limiting or controlling other individuals from gaining access to the
personal information of another entity (Dienlin & Trepte, 2015). Another primary forte of this
theory is that it evades baffling autonomy with privacy, as well as with solitude and liberty.
However, this Limitation theory has also been found to undervalue the impact of choice or
control that is obligatory in a person having privacy. Furthermore, the method fails to take into
account the fact that a person having adequate privacy can decide on to granting others
admittance to relevant information, as well as to limiting or denying others the right of entry to
that data. Therefore, it can be suggested that those above four traditional theories related to
privacy of information are almost inadequate since each of them confuse the notion of
confidentiality with solitude, liberty, secrecy, and autonomy.
This was followed by the formulation of other theories based on influential factors,
behavioral consequences, and origin of privacy concerns. Of these, the Agency Theory and the
matters that are confidential and sensitive such as, medical and financial records (Norris &
Moran, 2016). However, the Control theory often tends to confuse privacy with autonomy.
The Limitation Theory of Privacy was another significant landmark in the context of privacy and
confidentiality theories and elaborates on the fact that a person has privacy under circumstances
when the secure access to information and data about oneself, is exclusively restricted or limited.
A variation of this theory was proposed by Gavison who illustrated that privacy is a constraint of
others entrée to specific facts. This, in turn, was endorsed by Parent who proposed another
version of the theory, by defining privacy as the circumstance of not being in possession of
undocumented individual information about one controlled by others (Parent, 2017).
The critical characteristic of the Limitation Theory of Privacy can be accredited to the
fact that it was accurate in identifying the prominence of developing zones or contexts of
privacy, with the aim of limiting or controlling other individuals from gaining access to the
personal information of another entity (Dienlin & Trepte, 2015). Another primary forte of this
theory is that it evades baffling autonomy with privacy, as well as with solitude and liberty.
However, this Limitation theory has also been found to undervalue the impact of choice or
control that is obligatory in a person having privacy. Furthermore, the method fails to take into
account the fact that a person having adequate privacy can decide on to granting others
admittance to relevant information, as well as to limiting or denying others the right of entry to
that data. Therefore, it can be suggested that those above four traditional theories related to
privacy of information are almost inadequate since each of them confuse the notion of
confidentiality with solitude, liberty, secrecy, and autonomy.
This was followed by the formulation of other theories based on influential factors,
behavioral consequences, and origin of privacy concerns. Of these, the Agency Theory and the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 22
Social Contract Theory are most essential. The Agency Theory plays a vital role in outlining the
transactional association, commonly referred to an agency relationship between an agent and a
principal, both of whom are self-interested parties (Foss & Stea, 2014). The theory illustrates that
any information related to the behavior manifested by the agent is most often asymmetric and
incomplete, thus making it difficult for the principal to thoroughly monitor it, before and after a
transaction. This, in turn, provides the opportunity to the agent to address self-interests, rather
than the securities of the principal. According to Cuevas‐Rodríguez, Gomez‐Mejia, and
Wiseman (2012), any online transaction such as medical insurance requires the
consumer/principal provide personal data to the agent/merchant, for service, thus establishing the
agency relationship. This leads to the development of uncertainties namely, privacy risk that
requires the agents to implement interventions for alleviating the privacy concerns of the patient.
The Social Contract Theory is also imperative in explaining the generation of privacy concerns
among customers (healthcare users). According to the method, the facility of sharing personal
information to online merchant encompasses both an economic exchange and a social exchange.
Therefore, social contract, more commonly defined as the assumed obligations or social
standards for the involved parties becomes essential for preventing opportunistic behavior of the
merchants to ill use customer information (medical records) (Schouten, 2013).
Another potential advantage of the theory can be accredited to the fact that implies that in
addition to being in possession of social contract. The assortment of customer information by a
firm is typically perceived justifiable or fair, only under circumstances when the customer gains
a control such as, right of exit or informed consent, over the data, besides being knowledgeable
and well-versed about the envisioned usage of the information. In the words of Wiseman,
Cuevas‐Rodríguez, and Gomez‐Mejia (2012) the same holds for healthcare data security as well,
Social Contract Theory are most essential. The Agency Theory plays a vital role in outlining the
transactional association, commonly referred to an agency relationship between an agent and a
principal, both of whom are self-interested parties (Foss & Stea, 2014). The theory illustrates that
any information related to the behavior manifested by the agent is most often asymmetric and
incomplete, thus making it difficult for the principal to thoroughly monitor it, before and after a
transaction. This, in turn, provides the opportunity to the agent to address self-interests, rather
than the securities of the principal. According to Cuevas‐Rodríguez, Gomez‐Mejia, and
Wiseman (2012), any online transaction such as medical insurance requires the
consumer/principal provide personal data to the agent/merchant, for service, thus establishing the
agency relationship. This leads to the development of uncertainties namely, privacy risk that
requires the agents to implement interventions for alleviating the privacy concerns of the patient.
The Social Contract Theory is also imperative in explaining the generation of privacy concerns
among customers (healthcare users). According to the method, the facility of sharing personal
information to online merchant encompasses both an economic exchange and a social exchange.
Therefore, social contract, more commonly defined as the assumed obligations or social
standards for the involved parties becomes essential for preventing opportunistic behavior of the
merchants to ill use customer information (medical records) (Schouten, 2013).
Another potential advantage of the theory can be accredited to the fact that implies that in
addition to being in possession of social contract. The assortment of customer information by a
firm is typically perceived justifiable or fair, only under circumstances when the customer gains
a control such as, right of exit or informed consent, over the data, besides being knowledgeable
and well-versed about the envisioned usage of the information. In the words of Wiseman,
Cuevas‐Rodríguez, and Gomez‐Mejia (2012) the same holds for healthcare data security as well,
HEALTHCARE DATA SECURITY 23
where the patients and family members are allowed to gain an awareness of the need of storing
their medical and other essential information in a computer interface.
The Privacy Calculus Theory is another dominant approach that helps in explaining the
collective impact of a range of opposing forces on the behavior and perception regarding the
privacy of a person. The theory suggests that the intention of a person to disclose pertinent
personal information is entirely based on privacy calculus, commonly referred to as calculus of
behavior. The potentially competing factors are often weighed about the expected outcomes
(Keith et al., 2013). Furthermore, the Privacy Calculus acts in the form of a multifaceted
psychological procedure that involves a range of considerations, thereby elaborating on the need
of gaining a sound understanding of the influencing factors. Another essential theory that
governs healthcare data security is the Expectancy Theory of Motivation. According to this
theory, behavioral motivation is considered to be a direct function of three dissimilar perceptions
namely, instrumentality, expectancy, and valence, of the association that exists between three
discrete events such as, performance, effort, and outcomes. The theory considers likelihood as a
probability assessment that imitates the person's belief that an assumed level of determination
will result in an agreed amount of performance (Parijat & Bagga, 2014). Instrumentality
generally refers to a subjective calculation that a return will result in pre-determined outcomes.
Also, valence comprises of the value that is placed by a person on a given consequence. In other
words, the theory states that behavioral intention is primarily driven by three essential
perceptions, related to the procedure and result of the behavior. Thus, it can be noted that this
theory governs the intention of health service consumers to register their data at websites or
hospital portals.
where the patients and family members are allowed to gain an awareness of the need of storing
their medical and other essential information in a computer interface.
The Privacy Calculus Theory is another dominant approach that helps in explaining the
collective impact of a range of opposing forces on the behavior and perception regarding the
privacy of a person. The theory suggests that the intention of a person to disclose pertinent
personal information is entirely based on privacy calculus, commonly referred to as calculus of
behavior. The potentially competing factors are often weighed about the expected outcomes
(Keith et al., 2013). Furthermore, the Privacy Calculus acts in the form of a multifaceted
psychological procedure that involves a range of considerations, thereby elaborating on the need
of gaining a sound understanding of the influencing factors. Another essential theory that
governs healthcare data security is the Expectancy Theory of Motivation. According to this
theory, behavioral motivation is considered to be a direct function of three dissimilar perceptions
namely, instrumentality, expectancy, and valence, of the association that exists between three
discrete events such as, performance, effort, and outcomes. The theory considers likelihood as a
probability assessment that imitates the person's belief that an assumed level of determination
will result in an agreed amount of performance (Parijat & Bagga, 2014). Instrumentality
generally refers to a subjective calculation that a return will result in pre-determined outcomes.
Also, valence comprises of the value that is placed by a person on a given consequence. In other
words, the theory states that behavioral intention is primarily driven by three essential
perceptions, related to the procedure and result of the behavior. Thus, it can be noted that this
theory governs the intention of health service consumers to register their data at websites or
hospital portals.
HEALTHCARE DATA SECURITY 24
The Procedural Fairness Theory was also proposed in this regards and postulates that
customers most often display a willingness to unveil personal data and have that material
consequently used by a firm, under circumstances when there exist appropriate measures in for
protecting the individual privacy of a person. Van Dijke et al. (2012) stated that fair procedures
commonly comprise of organizational activities that accomplish the philosophies of FIP, such as,
confidentiality statements that update customers how their data is to be used by the organization.
Additionally, even under circumstances where the possible consequences are not constructive to
the consumers, they are unlikely to feel displeased, upon believing that the fundamental
measures are fair. This calls for the need for all healthcare organizations to enforce procedural
fairness through the enforcement and implementation of government regulations.
This is in clear contrast to the Information Boundary Theory that elaborates on the fact
that as an individual may grow threat discernments regarding similar personal data, accessed by
different entities or organizations. In other words, each person develops an informational
territory, with well-defined boundaries that determine what data can be pooled. Reliant on the
situational and individual influences, an effort by an external entity to infiltrate these limits may
be believed as a threat (Li, 2012). A plethora of institutional factors such as vendor-customer
associations, privacy policies, and trust-building contrivances have probable influences on data
limit and self-disclosure. The Social Response Theory can also be considered vital in this aspect
since it focuses on suggesting that an individual engages in self-disclosure of private information
in reply to a comparable revelation from another individual or organization. During the entire
process, there occurs a social exchange relationship, commonly referred to as reciprocal
relationship that gradually gets established between the two, based on standards of reciprocity
The Procedural Fairness Theory was also proposed in this regards and postulates that
customers most often display a willingness to unveil personal data and have that material
consequently used by a firm, under circumstances when there exist appropriate measures in for
protecting the individual privacy of a person. Van Dijke et al. (2012) stated that fair procedures
commonly comprise of organizational activities that accomplish the philosophies of FIP, such as,
confidentiality statements that update customers how their data is to be used by the organization.
Additionally, even under circumstances where the possible consequences are not constructive to
the consumers, they are unlikely to feel displeased, upon believing that the fundamental
measures are fair. This calls for the need for all healthcare organizations to enforce procedural
fairness through the enforcement and implementation of government regulations.
This is in clear contrast to the Information Boundary Theory that elaborates on the fact
that as an individual may grow threat discernments regarding similar personal data, accessed by
different entities or organizations. In other words, each person develops an informational
territory, with well-defined boundaries that determine what data can be pooled. Reliant on the
situational and individual influences, an effort by an external entity to infiltrate these limits may
be believed as a threat (Li, 2012). A plethora of institutional factors such as vendor-customer
associations, privacy policies, and trust-building contrivances have probable influences on data
limit and self-disclosure. The Social Response Theory can also be considered vital in this aspect
since it focuses on suggesting that an individual engages in self-disclosure of private information
in reply to a comparable revelation from another individual or organization. During the entire
process, there occurs a social exchange relationship, commonly referred to as reciprocal
relationship that gradually gets established between the two, based on standards of reciprocity
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 25
(Peters et al., 2012). This is typically defined in the form of inclination for the consumers to
contest the equal of intimacy disclosed with that received.
Summary
Data protection and privacy are not just discrete terms but encompass several other
considerations that play an essential role in the effective functioning of any healthcare
organization. Because confidentiality of confidential medical information and those related to
health insurance or previous medical history is of extreme importance, all organizations utilizing
health information technology try to avoid circumstances, under which such information can get
breached. The theories as mentioned above explain the historical development of the concept of
privacy of personal information.
Importance of the Study and Implication for Practice
Because computers have become an essential component of commonplace lives, it is
progressively central that computer security is placed at the center of the priority list. In the
domain of health and social care services, the majority of thoughts are most often concentrated in
saving the life of all clients, not essentially on safeguarding access to computer systems and
interfaces, where several private data such as medical records are accumulated. IT and computer
security act in the form of a balance that controls access to pertinent health information while
permitting easy and free access to people requiring the information.
Contribution to the Literature
According to Sultan (2014) making complete use of cloud computing for better
healthcare provision has opened several avenues that did not exist earlier. The emerging HIT
approach offers numerous advantages to possible users of health and social care services such as,
metered usage (pay-as-you-go) that delivers online delivery of virtual hardware services such as,
(Peters et al., 2012). This is typically defined in the form of inclination for the consumers to
contest the equal of intimacy disclosed with that received.
Summary
Data protection and privacy are not just discrete terms but encompass several other
considerations that play an essential role in the effective functioning of any healthcare
organization. Because confidentiality of confidential medical information and those related to
health insurance or previous medical history is of extreme importance, all organizations utilizing
health information technology try to avoid circumstances, under which such information can get
breached. The theories as mentioned above explain the historical development of the concept of
privacy of personal information.
Importance of the Study and Implication for Practice
Because computers have become an essential component of commonplace lives, it is
progressively central that computer security is placed at the center of the priority list. In the
domain of health and social care services, the majority of thoughts are most often concentrated in
saving the life of all clients, not essentially on safeguarding access to computer systems and
interfaces, where several private data such as medical records are accumulated. IT and computer
security act in the form of a balance that controls access to pertinent health information while
permitting easy and free access to people requiring the information.
Contribution to the Literature
According to Sultan (2014) making complete use of cloud computing for better
healthcare provision has opened several avenues that did not exist earlier. The emerging HIT
approach offers numerous advantages to possible users of health and social care services such as,
metered usage (pay-as-you-go) that delivers online delivery of virtual hardware services such as,
HEALTHCARE DATA SECURITY 26
virtual servers, collaboration programs, and virtual storage devices and software, and scalability.
This allows the healthcare organizations to preclude the necessity to be in possession of,
maintain and keep their hardware and software infrastructure up-to-date. Additionally, evidences
elaborate on the fact that healthcare organizations employing cloud computing services display
an increased likelihood of significantly lessening their carbon footprint. The same has been
confirmed by Thota et al. (2018) who illustrated that medical sensor nodes have high risks of
getting abducted or lost due to the tiny size, besides the need of resource-efficiency of healthcare
security solutions, owing to the low bandwidth of medical sensors. This calls for the need of
installing cloud computing services that will create provisions for multi-factor authentication and
robust security.
Li et al. (2015) also provided evidence for the limitations and drivers of SDKs, besides
suggesting that introduction of service security layer (SSL) and analysis oriented decision
support system (AODSS) create the provision for therapists in analyzing a vast amount of patient
data, collected from a range of sensors, thus explaining the security benefits of cloud computing
solutions. The researchers also stated that although several telerehabilitation systems exploit
cloud computing structures and deliver instinctive biofeedback and performance assessment,
there are stresses for complete optimization to empower these systems to function with low
battery intake and small computational authority, with weak or lack of network connections.
According to Liu, Huang and Liu (2015) distribution of Personal Health Records (PHR) via the
utilization of cloud computing is a favorable platform for the exchange of health information.
Nevertheless, storage of private clinical and other health-related information is typically
outsourced to a range of third parties, which in turn is responsible for the exposure of patients’
confidentiality to unlawful individuals or organizations. With the aim of addressing the loophole
virtual servers, collaboration programs, and virtual storage devices and software, and scalability.
This allows the healthcare organizations to preclude the necessity to be in possession of,
maintain and keep their hardware and software infrastructure up-to-date. Additionally, evidences
elaborate on the fact that healthcare organizations employing cloud computing services display
an increased likelihood of significantly lessening their carbon footprint. The same has been
confirmed by Thota et al. (2018) who illustrated that medical sensor nodes have high risks of
getting abducted or lost due to the tiny size, besides the need of resource-efficiency of healthcare
security solutions, owing to the low bandwidth of medical sensors. This calls for the need of
installing cloud computing services that will create provisions for multi-factor authentication and
robust security.
Li et al. (2015) also provided evidence for the limitations and drivers of SDKs, besides
suggesting that introduction of service security layer (SSL) and analysis oriented decision
support system (AODSS) create the provision for therapists in analyzing a vast amount of patient
data, collected from a range of sensors, thus explaining the security benefits of cloud computing
solutions. The researchers also stated that although several telerehabilitation systems exploit
cloud computing structures and deliver instinctive biofeedback and performance assessment,
there are stresses for complete optimization to empower these systems to function with low
battery intake and small computational authority, with weak or lack of network connections.
According to Liu, Huang and Liu (2015) distribution of Personal Health Records (PHR) via the
utilization of cloud computing is a favorable platform for the exchange of health information.
Nevertheless, storage of private clinical and other health-related information is typically
outsourced to a range of third parties, which in turn is responsible for the exposure of patients’
confidentiality to unlawful individuals or organizations. With the aim of addressing the loophole
HEALTHCARE DATA SECURITY 27
in security, novel cloud computing approaches have been proposed for the secured distribution of
signcrypted data. Singh, Jeong, and Park (2016) also surveyed on security issues related to cloud
computing and suggested that the HIT solution has a remarkable potential for providing on-
demand health and social care services to different consumers, with increased flexibility, in a
cost-efficient fashion. While approaching the conception of on-demand healthcare service,
resource assembling, security has been recognized as a major problem for the visualization of
computing capability.
Cloud service providers have also been found to assume good security procedures and
shield the security attributes, based on the demands of multitenant users. Another major
contribution to literature is the fact that cloud computing offers huge scalable calculating and
storage, data allocation, on-demand anywhere and anytime access to applications and resources,
thereby supporting powerful and easy disseminated computing models. Nonetheless, it is
essential to address certain security issues while taking into consideration the privacy of patient
data (Calabrese & Cannataro, 2015).
Contribution to the Practice
The significance of healthcare data security can be accredited to the fact that the
healthcare industry has recently been informed by the FBI about the fact that it is continually
besieged by several hackers. Time and again the FBI has cautioned the healthcare industry
regarding the presence of IT systems that were a slacker when compared to IT tools employed in
different sectors. Incidents that involve a breach of relevant healthcare data have been found to
affect an estimated 30 million patients, with an ever-increasing trend in the proportions (Koch,
2016). Although wide-ranging digitization of patient statistics in the sector of health and social
care has upgraded the delivery of healthcare services, thereby making them efficient and fast,
in security, novel cloud computing approaches have been proposed for the secured distribution of
signcrypted data. Singh, Jeong, and Park (2016) also surveyed on security issues related to cloud
computing and suggested that the HIT solution has a remarkable potential for providing on-
demand health and social care services to different consumers, with increased flexibility, in a
cost-efficient fashion. While approaching the conception of on-demand healthcare service,
resource assembling, security has been recognized as a major problem for the visualization of
computing capability.
Cloud service providers have also been found to assume good security procedures and
shield the security attributes, based on the demands of multitenant users. Another major
contribution to literature is the fact that cloud computing offers huge scalable calculating and
storage, data allocation, on-demand anywhere and anytime access to applications and resources,
thereby supporting powerful and easy disseminated computing models. Nonetheless, it is
essential to address certain security issues while taking into consideration the privacy of patient
data (Calabrese & Cannataro, 2015).
Contribution to the Practice
The significance of healthcare data security can be accredited to the fact that the
healthcare industry has recently been informed by the FBI about the fact that it is continually
besieged by several hackers. Time and again the FBI has cautioned the healthcare industry
regarding the presence of IT systems that were a slacker when compared to IT tools employed in
different sectors. Incidents that involve a breach of relevant healthcare data have been found to
affect an estimated 30 million patients, with an ever-increasing trend in the proportions (Koch,
2016). Although wide-ranging digitization of patient statistics in the sector of health and social
care has upgraded the delivery of healthcare services, thereby making them efficient and fast,
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 28
threats to information security are alarming (Lian, Yen & Wang, 2014). Reports suggest that
information security breaches in the year 2016 were responsible for creating a negative impact
on as much as 27 million patients, in the healthcare industry (Kotz et al., 2016). Taking into
consideration the complex nature of healthcare data, it is imperative for all healthcare providers
to create provisions for the implementation of reliable and robust information security services,
in real-time settings. The strategies aimed at safeguarding relevant health information should not
only protect vital clinical information from third party sources but also forecast and avert any
possible assaults that are launched by cybercriminals, in the databases. In recent years, data
suggests growing interest of the cybercriminals in hacking electronic medical records (EMRs),
which in turn can be attributed to the fact that the rate of such information in the black market is
considerably more significant, in comparison to bank account passwords or credit card numbers
(Alanazi et al., 2015).
Although surprising, the trends of hacking records stored in different health information
technology (HIT) equipment are quite understandable. In all, relevant clinical data stored in
EHRs or EMRs comprise of the names of patients, date of birth, phone numbers, and addresses,
places of occupation, job positions, card numbers, IDs, social and medical insurance (Tsai et al.,
2014). Therefore, theft of such vital clinical information has the potential of resulting in
complete theft of identity, rather than some kind of bank hack. Another matter of concern is the
weak defense of data related to patient health, medical history, and insurance coverage, in
healthcare institutions. Monetary organizations such as, banks have long been found to engage in
the installation of a strong system for protecting the confidential information of their clients.
According to Wang et al. (2015), the system primarily comprises of two-factor
authentication has become a mainstay for protecting the credentials of the users and the resources
threats to information security are alarming (Lian, Yen & Wang, 2014). Reports suggest that
information security breaches in the year 2016 were responsible for creating a negative impact
on as much as 27 million patients, in the healthcare industry (Kotz et al., 2016). Taking into
consideration the complex nature of healthcare data, it is imperative for all healthcare providers
to create provisions for the implementation of reliable and robust information security services,
in real-time settings. The strategies aimed at safeguarding relevant health information should not
only protect vital clinical information from third party sources but also forecast and avert any
possible assaults that are launched by cybercriminals, in the databases. In recent years, data
suggests growing interest of the cybercriminals in hacking electronic medical records (EMRs),
which in turn can be attributed to the fact that the rate of such information in the black market is
considerably more significant, in comparison to bank account passwords or credit card numbers
(Alanazi et al., 2015).
Although surprising, the trends of hacking records stored in different health information
technology (HIT) equipment are quite understandable. In all, relevant clinical data stored in
EHRs or EMRs comprise of the names of patients, date of birth, phone numbers, and addresses,
places of occupation, job positions, card numbers, IDs, social and medical insurance (Tsai et al.,
2014). Therefore, theft of such vital clinical information has the potential of resulting in
complete theft of identity, rather than some kind of bank hack. Another matter of concern is the
weak defense of data related to patient health, medical history, and insurance coverage, in
healthcare institutions. Monetary organizations such as, banks have long been found to engage in
the installation of a strong system for protecting the confidential information of their clients.
According to Wang et al. (2015), the system primarily comprises of two-factor
authentication has become a mainstay for protecting the credentials of the users and the resources
HEALTHCARE DATA SECURITY 29
that can be accessed by them. On the contrary, public health associations do not have provisions
for the implementation of such a verification system, thereby fall prey to cyber criminals. With
increased dependence of companies on technology for their administrative, financial, and clinical
functions, their expenditures and IT departments have had to scale rapidly to retain pace. This
swift progression has resulted in the formation of a blurred line, with healthcare organizations
adorning the role of both healthcare provider and technology companies. However, with the
ever-increasing demands for technology, options for consistent structure for data storage and IT-
based applications have also amplified (Singh & Sittig, 2016). Hence, in recent years, the one
system that has been widely recognized is the notion of cloud computing.
According to evidence, cloud security comprises of a broad set of technologies, policies,
controls, and applications that are utilized, with the aim of protecting virtual data, services and
applications (Tyagi, Agarwal & Maheshwari, 2016). Use of HIT in the form of cloud computing
security creates the provision where the health and social care providers have the capability of
storing and processing data of their clients, in third-party data based centers. This greatly
contributes to practice because the healthcare organizations use the system in a vast plethora of
service models such as platform as a service (PaaS), software as a service (SaaS), and
infrastructure as a service (IaaS) (Hashem et al., 2015). Although the responsibility is shared,
use of this system helps the healthcare providers in ensuring that the existing infrastructure of the
organization is protected and that all applications and data related to the patients are safe, while
measures are adopted for stimulating the application and verification measures.
One major contribution to practice can be associated with the fact that cloud computing
security has the capability of addressing both logical and physical security issues, prevalent
across a range of software service models, infrastructure, and platform. This healthcare data
that can be accessed by them. On the contrary, public health associations do not have provisions
for the implementation of such a verification system, thereby fall prey to cyber criminals. With
increased dependence of companies on technology for their administrative, financial, and clinical
functions, their expenditures and IT departments have had to scale rapidly to retain pace. This
swift progression has resulted in the formation of a blurred line, with healthcare organizations
adorning the role of both healthcare provider and technology companies. However, with the
ever-increasing demands for technology, options for consistent structure for data storage and IT-
based applications have also amplified (Singh & Sittig, 2016). Hence, in recent years, the one
system that has been widely recognized is the notion of cloud computing.
According to evidence, cloud security comprises of a broad set of technologies, policies,
controls, and applications that are utilized, with the aim of protecting virtual data, services and
applications (Tyagi, Agarwal & Maheshwari, 2016). Use of HIT in the form of cloud computing
security creates the provision where the health and social care providers have the capability of
storing and processing data of their clients, in third-party data based centers. This greatly
contributes to practice because the healthcare organizations use the system in a vast plethora of
service models such as platform as a service (PaaS), software as a service (SaaS), and
infrastructure as a service (IaaS) (Hashem et al., 2015). Although the responsibility is shared,
use of this system helps the healthcare providers in ensuring that the existing infrastructure of the
organization is protected and that all applications and data related to the patients are safe, while
measures are adopted for stimulating the application and verification measures.
One major contribution to practice can be associated with the fact that cloud computing
security has the capability of addressing both logical and physical security issues, prevalent
across a range of software service models, infrastructure, and platform. This healthcare data
HEALTHCARE DATA SECURITY 30
security tool also holds the potential of addressing the delivery of healthcare services (private,
public, or hybrid delivery models) (Hiremath, Yang & Mankodiya, 2014). The setting in which
the healthcare organizations deliver care services to the patients is ever-changing. The strongest
features of cloud computing services are reliability and security that prevent unauthorized access
to any form of healthcare data. With increased migration of infrastructure and patient data from
hospitals to the cloud, the query for the security of cloud computing becomes supreme. Cloud
computing security has been found to provide several levels of control in the healthcare
infrastructure that affords protection and continuity.
Taking into consideration, the increasing trends of distributed denial of service attacks
(DDoS), cloud computing securities prove beneficial in preventing huge traffic, by entailing
surveillance, absorption, and dispersal of attacks, thereby minimizing all forms of risks (Latif,
Abbas & Assar, 2014). With the rapidly increasing rates of healthcare data breaches, cloud
computing security based HIT solutions also play a central role in safeguarding sensitive transfer
of information, thus preventing third parties from tampering or eavesdropping the information
being conveyed. According to Kocabas and Soyata (2014), another major contribution to practice
is the fact that major cloud computing solutions regulate compliance to enhanced infrastructure,
thus safeguarding fiscal and personal data. Live monitoring also offers constant support to the
companies and help in ensuring high availability of services.
Summary
Thus, it can be summarized that the health and social care industry is one of the most
challenging sectors to transform, owing to the large proportion of legacy system, concomitant
with the huge amount of personalized and sensitive client information. The challenges faced by
the industry in securing patient information can be adequately addressed by implementation of
security tool also holds the potential of addressing the delivery of healthcare services (private,
public, or hybrid delivery models) (Hiremath, Yang & Mankodiya, 2014). The setting in which
the healthcare organizations deliver care services to the patients is ever-changing. The strongest
features of cloud computing services are reliability and security that prevent unauthorized access
to any form of healthcare data. With increased migration of infrastructure and patient data from
hospitals to the cloud, the query for the security of cloud computing becomes supreme. Cloud
computing security has been found to provide several levels of control in the healthcare
infrastructure that affords protection and continuity.
Taking into consideration, the increasing trends of distributed denial of service attacks
(DDoS), cloud computing securities prove beneficial in preventing huge traffic, by entailing
surveillance, absorption, and dispersal of attacks, thereby minimizing all forms of risks (Latif,
Abbas & Assar, 2014). With the rapidly increasing rates of healthcare data breaches, cloud
computing security based HIT solutions also play a central role in safeguarding sensitive transfer
of information, thus preventing third parties from tampering or eavesdropping the information
being conveyed. According to Kocabas and Soyata (2014), another major contribution to practice
is the fact that major cloud computing solutions regulate compliance to enhanced infrastructure,
thus safeguarding fiscal and personal data. Live monitoring also offers constant support to the
companies and help in ensuring high availability of services.
Summary
Thus, it can be summarized that the health and social care industry is one of the most
challenging sectors to transform, owing to the large proportion of legacy system, concomitant
with the huge amount of personalized and sensitive client information. The challenges faced by
the industry in securing patient information can be adequately addressed by implementation of
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 31
cloud computing that alters the manner nurses, doctors, hospitals, and clinics deliver excellence
and cost-effective facilities to their patients. This changeover is being determined by two powers
namely, the monetary imperative for reducing costs, and for enhancing the quality of patient
care. Thus, cloud computing can transform healthcare, rendering it more well-organized through
a reorganized technique, and enhancing the patient experience by delivering more secured
services at meaningfully lesser costs.
Directions for Future Research
An analysis of the literature review conducted by far helps in identifying the fact that
withseveral advancements made in the field of information technology and data science, patient
confidentiality and security endures to propagate as a foremostapprehension for healthcare
organizations. These tools yield prodigiouspotential, besides increasing ethical issues related to
serious privacy and security, which when remain unaddressed, grow in the form of critical
barriers. Subsequently the expected opportunities are not adequately fulfilled and there is an
impediment to the long-term success of the organizations (Gellert et al., 2015). Recently, data
analysts working in different healthcare organizations have been found to display an interest in
gathering and learningnovelcategories and causes of underleveraged information, such as, sensor
networks, mobile health, emails and social media, besides electronic health record (EHR). In the
past decades much efforts have been taken by the healthcare organizations in addressing
noteworthy privacy issues that arise from the extensive usage of paper-based medical records
(Beaty & Quirk, 2015). With the primary objective of averting such critical situations, three
momentous privacy and security goals that should be listed on the priority list of all healthcare
organizations are integrity, confidentiality, and availability of patient data. The safety and
defense of personal data is significant in the healthcare business, and henceforth protecting the
cloud computing that alters the manner nurses, doctors, hospitals, and clinics deliver excellence
and cost-effective facilities to their patients. This changeover is being determined by two powers
namely, the monetary imperative for reducing costs, and for enhancing the quality of patient
care. Thus, cloud computing can transform healthcare, rendering it more well-organized through
a reorganized technique, and enhancing the patient experience by delivering more secured
services at meaningfully lesser costs.
Directions for Future Research
An analysis of the literature review conducted by far helps in identifying the fact that
withseveral advancements made in the field of information technology and data science, patient
confidentiality and security endures to propagate as a foremostapprehension for healthcare
organizations. These tools yield prodigiouspotential, besides increasing ethical issues related to
serious privacy and security, which when remain unaddressed, grow in the form of critical
barriers. Subsequently the expected opportunities are not adequately fulfilled and there is an
impediment to the long-term success of the organizations (Gellert et al., 2015). Recently, data
analysts working in different healthcare organizations have been found to display an interest in
gathering and learningnovelcategories and causes of underleveraged information, such as, sensor
networks, mobile health, emails and social media, besides electronic health record (EHR). In the
past decades much efforts have been taken by the healthcare organizations in addressing
noteworthy privacy issues that arise from the extensive usage of paper-based medical records
(Beaty & Quirk, 2015). With the primary objective of averting such critical situations, three
momentous privacy and security goals that should be listed on the priority list of all healthcare
organizations are integrity, confidentiality, and availability of patient data. The safety and
defense of personal data is significant in the healthcare business, and henceforth protecting the
HEALTHCARE DATA SECURITY 32
integrity, availability, and confidentiality of the health facts is a main chore. Healthcare data is
commonly measured most profound and intimate of all personal human data. Therefore, the
major objective of organizations that are involved in maintaining healthcare data security should
focus on making such personal information reachable and available to only authorized personnel,
and not any third parties who might misuse such valuable information.
Efforts have already begun to be taken by the organizations, in relation to the formulation
and enforcement of a plethora of authentication procedures that are capable of uniquely
identifying the users and limiting access to the essential resources by unwanted people, thereby
strengthening the purpose of confidentiality (Cimino et al., 2014). On the other hand, integrity
encompasses the fact that no kind of personal information or data will be altered or demolished,
in an unlawful method. A dynamic constituent of integrity is safeguarding that the healthcare
information is completely sheltered against any kind of reasonably expected security fears or
dangers and that the complete life cycle is entirely auditable. Integrity also comprises of the
notion of source integrity and data integrity. Availability, also referred to as obtainability
guarantees that all information systems of the healthcare organizations are accessible and
reachable to sanctioned workers under all circumstances. Even during times of natural disasters,
system failures, and denial-of-service (DoS) attacks, there is a need for all organization to ensure
that the clinical informatics systems are kept operative (Tan et al., 2014). Of late, it has been
found that several institutions have resorted to the use of redundant disk systems and backups, in
order to safeguard availability of healthcare personal data.
Time and again it has been proved that the healthcare business is predominantly
susceptible to data deception and health identity robbery due to the content and type of data it
generates, gathers, and stores. Complex data such as insurance identification numbers, medical
integrity, availability, and confidentiality of the health facts is a main chore. Healthcare data is
commonly measured most profound and intimate of all personal human data. Therefore, the
major objective of organizations that are involved in maintaining healthcare data security should
focus on making such personal information reachable and available to only authorized personnel,
and not any third parties who might misuse such valuable information.
Efforts have already begun to be taken by the organizations, in relation to the formulation
and enforcement of a plethora of authentication procedures that are capable of uniquely
identifying the users and limiting access to the essential resources by unwanted people, thereby
strengthening the purpose of confidentiality (Cimino et al., 2014). On the other hand, integrity
encompasses the fact that no kind of personal information or data will be altered or demolished,
in an unlawful method. A dynamic constituent of integrity is safeguarding that the healthcare
information is completely sheltered against any kind of reasonably expected security fears or
dangers and that the complete life cycle is entirely auditable. Integrity also comprises of the
notion of source integrity and data integrity. Availability, also referred to as obtainability
guarantees that all information systems of the healthcare organizations are accessible and
reachable to sanctioned workers under all circumstances. Even during times of natural disasters,
system failures, and denial-of-service (DoS) attacks, there is a need for all organization to ensure
that the clinical informatics systems are kept operative (Tan et al., 2014). Of late, it has been
found that several institutions have resorted to the use of redundant disk systems and backups, in
order to safeguard availability of healthcare personal data.
Time and again it has been proved that the healthcare business is predominantly
susceptible to data deception and health identity robbery due to the content and type of data it
generates, gathers, and stores. Complex data such as insurance identification numbers, medical
HEALTHCARE DATA SECURITY 33
provider identification numbers, SSNs, and payment information often create the scope for
offenders to file deceitful claims that remain unnoticed for long periods of time. Additionally,
there is a universal consensus, at least from the time of the Hippocratic Oath that the distinct
association between a patient and the healthcare professional is highly subject to privacy and
discretion (Hubaux & Juels, 2016). In other words, showing adherence to the constitutional
rights is essential, in order to guard the professional discretion existing in the healthcare sector
and informational self-determination. Under circumstances when the rights are not found to exist
in health institutions and governing bodies of certain states and republics, the immediate call of
the hour is to put then into force, based on urgency of healthcare data security. The discretion of
medical data must be recognized by all countries in the form of an indispensable claim for all
types of information handling and data processing in health and social care. New evidence and
communication technologies have been found to play an important role in enhancing the efficacy
and quality of the delivered healthcare facilities. Nonetheless, they generate new hitches
(Kvedar, Coye & Everett, 2014). Therefore, all organizations must take necessary steps for
recognizing personal healthcare data protection, privacy and processer security are the
elementary requirements for suitable introduction and usage of communication and information
technologies in healthcare sector.
However, future research must also focus on addressing the glitches associated with data
protection that are of a legal, administrative, political, and/or technical nature. The elementary
legal and political problem is associated with governing the equilibrium between incompatible
goals such as, efficacy of healthcare versus privacy of clinical data. Some of the most
rudimentary directorial problems are related with classification of errands, measures and access
rights, and the fitting apportionment of human and fiscal resources (Liu, Musen&Chou, 2015).
provider identification numbers, SSNs, and payment information often create the scope for
offenders to file deceitful claims that remain unnoticed for long periods of time. Additionally,
there is a universal consensus, at least from the time of the Hippocratic Oath that the distinct
association between a patient and the healthcare professional is highly subject to privacy and
discretion (Hubaux & Juels, 2016). In other words, showing adherence to the constitutional
rights is essential, in order to guard the professional discretion existing in the healthcare sector
and informational self-determination. Under circumstances when the rights are not found to exist
in health institutions and governing bodies of certain states and republics, the immediate call of
the hour is to put then into force, based on urgency of healthcare data security. The discretion of
medical data must be recognized by all countries in the form of an indispensable claim for all
types of information handling and data processing in health and social care. New evidence and
communication technologies have been found to play an important role in enhancing the efficacy
and quality of the delivered healthcare facilities. Nonetheless, they generate new hitches
(Kvedar, Coye & Everett, 2014). Therefore, all organizations must take necessary steps for
recognizing personal healthcare data protection, privacy and processer security are the
elementary requirements for suitable introduction and usage of communication and information
technologies in healthcare sector.
However, future research must also focus on addressing the glitches associated with data
protection that are of a legal, administrative, political, and/or technical nature. The elementary
legal and political problem is associated with governing the equilibrium between incompatible
goals such as, efficacy of healthcare versus privacy of clinical data. Some of the most
rudimentary directorial problems are related with classification of errands, measures and access
rights, and the fitting apportionment of human and fiscal resources (Liu, Musen&Chou, 2015).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 34
The commonly encountered technical challenge is the directness of contemporary
communication and data processing systems. Therefore, all institutions associated with the
healthcare sector must take account of the fact that storage of personal clinical data on disks, and
their subsequent transfer via internet results in exposure of the data to forgery and inspection.
Future research must also take note of the fact that implementation of currentcommunication and
open information systems into healthcare results in revelation of most subtle and profound
information of an individual (Gordon, Fairhall & Landman, 2017). Furthermore, the processing
of clinical data scarcely ever fits in the regulations imposed by data protection rules, at least in
the nations where these decrees are existent.
Electronic health records (EHRs), wearable medical devices, cloud-based data storage,
and mobile health (mHealth) applications have been found to play an important role in changing
diagnosis, illness management and health monitoring. Thus, it can be stated that health data now
flows yonder the network edge. Regrettably, these technological advances have extended the
occasions for cyber-crime, such as, theft of patient data, misusing clinical device vulnerabilities,
tapping off institutional data, holding records for ransom. At the same time, healthcare sector has
become the most definitely targeted domains (Hingle, 2016). Therefore, future research must
focus on investigating ways by which hospitals can be prevented from falling prey to cyber-
attacks such as, business email compromise (BEC) and ransomware. Research must also be
conducted to unravel the factors that increase susceptibility of the institutions to such attach,
besides determining the efficacy ofadopting a people-centered approach for noticing, blocking,
and retorting to them.
Summary
The commonly encountered technical challenge is the directness of contemporary
communication and data processing systems. Therefore, all institutions associated with the
healthcare sector must take account of the fact that storage of personal clinical data on disks, and
their subsequent transfer via internet results in exposure of the data to forgery and inspection.
Future research must also take note of the fact that implementation of currentcommunication and
open information systems into healthcare results in revelation of most subtle and profound
information of an individual (Gordon, Fairhall & Landman, 2017). Furthermore, the processing
of clinical data scarcely ever fits in the regulations imposed by data protection rules, at least in
the nations where these decrees are existent.
Electronic health records (EHRs), wearable medical devices, cloud-based data storage,
and mobile health (mHealth) applications have been found to play an important role in changing
diagnosis, illness management and health monitoring. Thus, it can be stated that health data now
flows yonder the network edge. Regrettably, these technological advances have extended the
occasions for cyber-crime, such as, theft of patient data, misusing clinical device vulnerabilities,
tapping off institutional data, holding records for ransom. At the same time, healthcare sector has
become the most definitely targeted domains (Hingle, 2016). Therefore, future research must
focus on investigating ways by which hospitals can be prevented from falling prey to cyber-
attacks such as, business email compromise (BEC) and ransomware. Research must also be
conducted to unravel the factors that increase susceptibility of the institutions to such attach,
besides determining the efficacy ofadopting a people-centered approach for noticing, blocking,
and retorting to them.
Summary
HEALTHCARE DATA SECURITY 35
Prior to the digital revolution, the healthcare sector typically followed a path from the
healthcare providers to their clients that allowed delivery of optimal healthcare services, thereby
enhancing health and wellbeing. The major objective of health information technology (HIT) is
to provide excellent care for all patients, besides attaining health equity. HIT provides support
for recording personal patient information, in order to improve information analysis for the
practitioners and healthcare agencies (Baghai, 2012). Some of the potential advantages of HIT
are related with increase in patient safety, reduction in medical errors, and strengthening
interaction between providers and patients. In middle- and low-income countries, the necessity
for affordable and reliable clinical record software is paramount. Presence of an all-inclusive
patient history, in the form of EMR or EHR,authorizesthe practitioners to treat the ailments in a
more effective manner, thereby stopping over-prescribing medicines that can prove fatal. The
implementation of HIT has also created provisions for interoperability, thus ensuring simpler
communication between the providers (Castiglione et al., 2015). Healthcare data technologies
have also facilitated the process of medical billing, besides increasing ease-of access of patient
information.
Although adoption of information technology in the sector has facilitated efficient
functioning of the organizations, besides reducing medical errors, and improving the health
condition of patients, breach of information privacy is a major concern.The rise in data breaches
has been accredited to existing gaps in the federal privacy principles, absence of implementation
of prevailing legislation, increased computerization, curiosity, rifeness of social media, and the
impending extensive monetization of private health information by unlawful operators (Fiorito &
Edens, 2016). The administrative significances of data breaches are typically momentous, of
which fiscal forfeits, destruction to reputation, and misplaced incomes are most prominent. In
Prior to the digital revolution, the healthcare sector typically followed a path from the
healthcare providers to their clients that allowed delivery of optimal healthcare services, thereby
enhancing health and wellbeing. The major objective of health information technology (HIT) is
to provide excellent care for all patients, besides attaining health equity. HIT provides support
for recording personal patient information, in order to improve information analysis for the
practitioners and healthcare agencies (Baghai, 2012). Some of the potential advantages of HIT
are related with increase in patient safety, reduction in medical errors, and strengthening
interaction between providers and patients. In middle- and low-income countries, the necessity
for affordable and reliable clinical record software is paramount. Presence of an all-inclusive
patient history, in the form of EMR or EHR,authorizesthe practitioners to treat the ailments in a
more effective manner, thereby stopping over-prescribing medicines that can prove fatal. The
implementation of HIT has also created provisions for interoperability, thus ensuring simpler
communication between the providers (Castiglione et al., 2015). Healthcare data technologies
have also facilitated the process of medical billing, besides increasing ease-of access of patient
information.
Although adoption of information technology in the sector has facilitated efficient
functioning of the organizations, besides reducing medical errors, and improving the health
condition of patients, breach of information privacy is a major concern.The rise in data breaches
has been accredited to existing gaps in the federal privacy principles, absence of implementation
of prevailing legislation, increased computerization, curiosity, rifeness of social media, and the
impending extensive monetization of private health information by unlawful operators (Fiorito &
Edens, 2016). The administrative significances of data breaches are typically momentous, of
which fiscal forfeits, destruction to reputation, and misplaced incomes are most prominent. In
HEALTHCARE DATA SECURITY 36
other words, healthcare remains one profitable target for the hackers, with misconfigured cloud
storage scores, ransomware, and phishing correspondences. The over-all twelve-monthly
economic influence of information breaches have been found to result in loss of millions.
Nonetheless, negligible protection measures are taken by the healthcare organizations for
averting, monitoring, or generating a remedy for such data breaches. Medical data breach has
become an issue of global concern where the personal health information of patients are stolen
from medical billing, health insurance, or EHRs (Heath, 2014). Unauthorized account access to
such data, hacking and theft are the most common forms of such breaches. Although cloud-
computing has been widely implemented for digitalizing pertinent clinical information, there is a
need for all institutions to create the provision for adequate capital. This in turn will facilitate the
implementation of security and privacy safeguards, in effective budgets. Nonetheless, future
research must focus on addressing the major gaps and identifying novel strategies to encounter
the drawbacks of such HIT.
other words, healthcare remains one profitable target for the hackers, with misconfigured cloud
storage scores, ransomware, and phishing correspondences. The over-all twelve-monthly
economic influence of information breaches have been found to result in loss of millions.
Nonetheless, negligible protection measures are taken by the healthcare organizations for
averting, monitoring, or generating a remedy for such data breaches. Medical data breach has
become an issue of global concern where the personal health information of patients are stolen
from medical billing, health insurance, or EHRs (Heath, 2014). Unauthorized account access to
such data, hacking and theft are the most common forms of such breaches. Although cloud-
computing has been widely implemented for digitalizing pertinent clinical information, there is a
need for all institutions to create the provision for adequate capital. This in turn will facilitate the
implementation of security and privacy safeguards, in effective budgets. Nonetheless, future
research must focus on addressing the major gaps and identifying novel strategies to encounter
the drawbacks of such HIT.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 37
References
Alanazi, H. O., Zaidan, A. A., Zaidan, B. B., Kiah, M. M., & Al-Bakri, S. H. (2015). Meeting the
security requirements of electronic medical records in the ERA of high-speed
computing. Journal of medical systems, 39(1), 165.
Anagnostopoulos, I., Zeadally, S., & Exposito, E. (2016). Handling big data: research challenges
and future directions. The Journal of Supercomputing, 72(4), 1494-1516.
Appleton, S. F. (2016). The Forgotten Family Law of Eisenstadt v. Baird. Yale JL &
Feminism, 28, 1.
Archenaa, J., & Anita, E. M. (2015). A survey of big data analytics in healthcare and
government. Procedia Computer Science, 50, 408-413.
Aslam, M. U., Derhab, A., Saleem, K., Abbas, H., Orgun, M., Iqbal, W., & Aslam, B. (2017). A
survey of authentication schemes in telecare medicine information systems. Journal of
medical systems, 41(1), 14.
Baghai, K. (2012). Privacy as a human right: a sociological theory. Sociology, 46(5), 951-965.
Bauchner, H. (2015). Medicare and Medicaid, the Affordable Care Act, and US Health
Policy. Jama, 314(4), 353-354.
Beaty, D. L., & Quirk, D. (2015). The digital revolution. ASHRAE Journal, 57(5), 80-85.
Boric-Lubecke, O., Gao, X., Yavari, E., Baboli, M., Singh, A., & Lubecke, V. M. (2014, June).
E-healthcare: Remote monitoring, privacy, and security. In Microwave Symposium
(IMS), 2014 IEEE MTT-S International (pp. 1-3). IEEE.
Bouidi, Y., Idrissi, M. A., & Rais, N. (2017). Adopting an Open Source Hospital Information
System to Manage Healthcare Institutions. LIFE: International Journal of Health and
Life-Sciences, 3(3).
References
Alanazi, H. O., Zaidan, A. A., Zaidan, B. B., Kiah, M. M., & Al-Bakri, S. H. (2015). Meeting the
security requirements of electronic medical records in the ERA of high-speed
computing. Journal of medical systems, 39(1), 165.
Anagnostopoulos, I., Zeadally, S., & Exposito, E. (2016). Handling big data: research challenges
and future directions. The Journal of Supercomputing, 72(4), 1494-1516.
Appleton, S. F. (2016). The Forgotten Family Law of Eisenstadt v. Baird. Yale JL &
Feminism, 28, 1.
Archenaa, J., & Anita, E. M. (2015). A survey of big data analytics in healthcare and
government. Procedia Computer Science, 50, 408-413.
Aslam, M. U., Derhab, A., Saleem, K., Abbas, H., Orgun, M., Iqbal, W., & Aslam, B. (2017). A
survey of authentication schemes in telecare medicine information systems. Journal of
medical systems, 41(1), 14.
Baghai, K. (2012). Privacy as a human right: a sociological theory. Sociology, 46(5), 951-965.
Bauchner, H. (2015). Medicare and Medicaid, the Affordable Care Act, and US Health
Policy. Jama, 314(4), 353-354.
Beaty, D. L., & Quirk, D. (2015). The digital revolution. ASHRAE Journal, 57(5), 80-85.
Boric-Lubecke, O., Gao, X., Yavari, E., Baboli, M., Singh, A., & Lubecke, V. M. (2014, June).
E-healthcare: Remote monitoring, privacy, and security. In Microwave Symposium
(IMS), 2014 IEEE MTT-S International (pp. 1-3). IEEE.
Bouidi, Y., Idrissi, M. A., & Rais, N. (2017). Adopting an Open Source Hospital Information
System to Manage Healthcare Institutions. LIFE: International Journal of Health and
Life-Sciences, 3(3).
HEALTHCARE DATA SECURITY 38
Brandeis, S. D., & Warren, L. D. (2018). The right to Privacy. BoD–Books on Demand.
Calabrese, B., & Cannataro, M. (2015). Cloud computing in healthcare and
biomedicine. Scalable Computing: Practice and Experience, 16(1), 1-18.
Carley, S., Nicholson‐Crotty, S., & Fisher, E. J. (2015). Capacity, guidance, and the
implementation of the American Recovery and Reinvestment Act. Public Administration
Review, 75(1), 113-125.
Castiglione, A., Pizzolante, R., De Santis, A., Carpentieri, B., Castiglione, A., & Palmieri, F.
(2015). Cloud-based adaptive compression and secure management services for 3D
healthcare data. Future Generation Computer Systems, 43, 120-134.
Catallo, C., Jack, S. M., Ciliska, D., & MacMillan, H. L. (2013). Minimizing the risk of
intrusion: a grounded theory of intimate partner violence disclosure in emergency
departments. Journal of Advanced Nursing, 69(6), 1366-1376.
Chen, M., Qian, Y., Chen, J., Hwang, K., Mao, S., & Hu, L. (2016). Privacy protection and
intrusion avoidance for cloudlet-based medical data sharing. IEEE Transactions on
Cloud Computing.
Cimino, J. J., Ayres, E. J., Remennik, L., Rath, S., Freedman, R., Beri, A., ... & Huser, V. (2014).
The National Institutes of Health’s Biomedical Translational Research Information
System (BTRIS): design, contents, functionality and experience to date. Journal of
biomedical informatics, 52, 11-27.
Clancy, T. K. (2012). United States v. Jones: Fourth amendment applicability in the 21st
century. Ohio St. J. Crim. L., 10, 303.
Cohen, J. E. (2012). What privacy is for. Harv. L. Rev., 126, 1904.
Brandeis, S. D., & Warren, L. D. (2018). The right to Privacy. BoD–Books on Demand.
Calabrese, B., & Cannataro, M. (2015). Cloud computing in healthcare and
biomedicine. Scalable Computing: Practice and Experience, 16(1), 1-18.
Carley, S., Nicholson‐Crotty, S., & Fisher, E. J. (2015). Capacity, guidance, and the
implementation of the American Recovery and Reinvestment Act. Public Administration
Review, 75(1), 113-125.
Castiglione, A., Pizzolante, R., De Santis, A., Carpentieri, B., Castiglione, A., & Palmieri, F.
(2015). Cloud-based adaptive compression and secure management services for 3D
healthcare data. Future Generation Computer Systems, 43, 120-134.
Catallo, C., Jack, S. M., Ciliska, D., & MacMillan, H. L. (2013). Minimizing the risk of
intrusion: a grounded theory of intimate partner violence disclosure in emergency
departments. Journal of Advanced Nursing, 69(6), 1366-1376.
Chen, M., Qian, Y., Chen, J., Hwang, K., Mao, S., & Hu, L. (2016). Privacy protection and
intrusion avoidance for cloudlet-based medical data sharing. IEEE Transactions on
Cloud Computing.
Cimino, J. J., Ayres, E. J., Remennik, L., Rath, S., Freedman, R., Beri, A., ... & Huser, V. (2014).
The National Institutes of Health’s Biomedical Translational Research Information
System (BTRIS): design, contents, functionality and experience to date. Journal of
biomedical informatics, 52, 11-27.
Clancy, T. K. (2012). United States v. Jones: Fourth amendment applicability in the 21st
century. Ohio St. J. Crim. L., 10, 303.
Cohen, J. E. (2012). What privacy is for. Harv. L. Rev., 126, 1904.
HEALTHCARE DATA SECURITY 39
Cuevas‐Rodríguez, G., Gomez‐Mejia, L. R., & Wiseman, R. M. (2012). Has agency theory run
its course?: Making the theory more flexible to inform the management of reward
systems. Corporate Governance: An International Review, 20(6), 526-546.
Cunningham, J., & Ainsworth, J. (2018, January). Enabling patient control of personal electronic
health records through distributed ledger technology. In MEDINFO 2017: Precision
Healthcare Through Informatics: Proceedings of the 16th World Congress on Medical
and Health Informatics (Vol. 245, p. 45). IOS Press.
Dienlin, T., & Trepte, S. (2015). Is the privacy paradox a relic of the past? An in‐depth analysis
of privacy attitudes and privacy behaviors. European Journal of Social
Psychology, 45(3), 285-297.
Duke, J. D., Morea, J., Mamlin, B., Martin, D. K., Simonaitis, L., Takesue, B. Y., ... & Dexter, P.
R. (2014). Regenstrief Institute's medical gopher: A next-generation homegrown
electronic medical record system. International journal of medical informatics, 83(3),
170-179.
Fiorito, M., & Edens, T. (2016). Health Information Management (HIM) White Paper.
Foss, N., & Stea, D. (2014). Putting a realistic theory of mind into agency theory: Implications
for reward design and management in principal‐agent relations. European Management
Review, 11(1), 101-116.
Fuller, M. B. (2018). Health Insurance Portability and Accountability Act. Retrieved from
https://www.azpremierderm.com/assets/azpd_hipaa_form_2018_a.pdf
Gellert, G. A., Ramirez, R., & Webster, S. L. (2015). The rise of the medical scribe industry:
implications for the advancement of electronic health records. Jama, 313(13), 1315-1316.
Cuevas‐Rodríguez, G., Gomez‐Mejia, L. R., & Wiseman, R. M. (2012). Has agency theory run
its course?: Making the theory more flexible to inform the management of reward
systems. Corporate Governance: An International Review, 20(6), 526-546.
Cunningham, J., & Ainsworth, J. (2018, January). Enabling patient control of personal electronic
health records through distributed ledger technology. In MEDINFO 2017: Precision
Healthcare Through Informatics: Proceedings of the 16th World Congress on Medical
and Health Informatics (Vol. 245, p. 45). IOS Press.
Dienlin, T., & Trepte, S. (2015). Is the privacy paradox a relic of the past? An in‐depth analysis
of privacy attitudes and privacy behaviors. European Journal of Social
Psychology, 45(3), 285-297.
Duke, J. D., Morea, J., Mamlin, B., Martin, D. K., Simonaitis, L., Takesue, B. Y., ... & Dexter, P.
R. (2014). Regenstrief Institute's medical gopher: A next-generation homegrown
electronic medical record system. International journal of medical informatics, 83(3),
170-179.
Fiorito, M., & Edens, T. (2016). Health Information Management (HIM) White Paper.
Foss, N., & Stea, D. (2014). Putting a realistic theory of mind into agency theory: Implications
for reward design and management in principal‐agent relations. European Management
Review, 11(1), 101-116.
Fuller, M. B. (2018). Health Insurance Portability and Accountability Act. Retrieved from
https://www.azpremierderm.com/assets/azpd_hipaa_form_2018_a.pdf
Gellert, G. A., Ramirez, R., & Webster, S. L. (2015). The rise of the medical scribe industry:
implications for the advancement of electronic health records. Jama, 313(13), 1315-1316.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 40
Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information Security—Public
Health Implications. New England Journal of Medicine, 377(8), 707-709.
Hammond, W. E., Jaffe, C., Cimino, J. J., & Huff, S. M. (2014). Standards in biomedical
informatics. In Biomedical informatics (pp. 211-253). Springer, London.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
systems, 47, 98-115.
Heath, J. (2014). Contemporary privacy theory contributions to learning analytics. Journal of
Learning Analytics, 1(1), 140-149.
Henry, J., Pylypchuk, Y., Searcy, T., & Patel, V. (2016). Adoption of electronic health record
systems among US non-federal acute care hospitals: 2008-2015. ONC Data Brief, 35, 1-
9.
Hingle, S. (2016). Electronic health records: an unfulfilled promise and a call to action. Annals
of internal medicine, 165(11), 818-819.
Hiremath, S., Yang, G., & Mankodiya, K. (2014, November). Wearable Internet of Things:
Concept, architectural components and promises for person-centered healthcare.
In Wireless Mobile Communication and Healthcare (Mobihealth), 2014 EAI 4th
International Conference on (pp. 304-307). IEEE.
Hodgson, T., & Coiera, E. (2015). Risks and benefits of speech recognition for clinical
documentation: a systematic review. Journal of the american medical informatics
association, 23(e1), e169-e179.
Hubaux, J. P., & Juels, A. (2016). Privacy is dead, long live privacy. Communications of the
ACM, 59(6), 39-41.
Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information Security—Public
Health Implications. New England Journal of Medicine, 377(8), 707-709.
Hammond, W. E., Jaffe, C., Cimino, J. J., & Huff, S. M. (2014). Standards in biomedical
informatics. In Biomedical informatics (pp. 211-253). Springer, London.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
systems, 47, 98-115.
Heath, J. (2014). Contemporary privacy theory contributions to learning analytics. Journal of
Learning Analytics, 1(1), 140-149.
Henry, J., Pylypchuk, Y., Searcy, T., & Patel, V. (2016). Adoption of electronic health record
systems among US non-federal acute care hospitals: 2008-2015. ONC Data Brief, 35, 1-
9.
Hingle, S. (2016). Electronic health records: an unfulfilled promise and a call to action. Annals
of internal medicine, 165(11), 818-819.
Hiremath, S., Yang, G., & Mankodiya, K. (2014, November). Wearable Internet of Things:
Concept, architectural components and promises for person-centered healthcare.
In Wireless Mobile Communication and Healthcare (Mobihealth), 2014 EAI 4th
International Conference on (pp. 304-307). IEEE.
Hodgson, T., & Coiera, E. (2015). Risks and benefits of speech recognition for clinical
documentation: a systematic review. Journal of the american medical informatics
association, 23(e1), e169-e179.
Hubaux, J. P., & Juels, A. (2016). Privacy is dead, long live privacy. Communications of the
ACM, 59(6), 39-41.
HEALTHCARE DATA SECURITY 41
Ivanović, M., & Budimac, Z. (2014). An overview of ontologies and data resources in medical
domains. Expert Systems with Applications, 41(11), 5158-5166.
Jacucci, G., Spagnolli, A., Freeman, J., & Gamberini, L. (2014, October). Symbiotic interaction:
a critical definition and comparison to other human-computer paradigms.
In International Workshop on Symbiotic Interaction (pp. 3-20). Springer, Cham.
Kamoun, F., & Nicho, M. (2014). Human and organizational factors of healthcare data breaches:
The swiss cheese model of data breach causation and prevention. International Journal
of Healthcare Information Systems and Informatics (IJHISI), 9(1), 42-60.
Kassell, L. (2014). Casebooks in Early Modern England:: Medicine, Astrology, and Written
Records. Bulletin of the History of Medicine, 88(4), 595.
Keith, M. J., Thompson, S. C., Hale, J., Lowry, P. B., & Greer, C. (2013). Information disclosure
on mobile devices: Re-examining privacy calculus with actual user
behavior. International journal of human-computer studies, 71(12), 1163-1173.
Khan, F. A., Ali, A., Abbas, H., & Haldar, N. A. H. (2014). A cloud-based healthcare framework
for security and patients’ data privacy using wireless body area networks. Procedia
Computer Science, 34, 511-517.
Kocabaş, Ö., & Soyata, T. (2014). Medical data analytics in the cloud using homomorphic
encryption. In Handbook of Research on Cloud Infrastructures for Big Data
Analytics(pp. 471-488). IGI Global.
Kvedar, J., Coye, M. J., & Everett, W. (2014). Connected health: a review of technologies and
strategies to improve patient care with telemedicine and telehealth. Health Affairs, 33(2),
194-199.
Ivanović, M., & Budimac, Z. (2014). An overview of ontologies and data resources in medical
domains. Expert Systems with Applications, 41(11), 5158-5166.
Jacucci, G., Spagnolli, A., Freeman, J., & Gamberini, L. (2014, October). Symbiotic interaction:
a critical definition and comparison to other human-computer paradigms.
In International Workshop on Symbiotic Interaction (pp. 3-20). Springer, Cham.
Kamoun, F., & Nicho, M. (2014). Human and organizational factors of healthcare data breaches:
The swiss cheese model of data breach causation and prevention. International Journal
of Healthcare Information Systems and Informatics (IJHISI), 9(1), 42-60.
Kassell, L. (2014). Casebooks in Early Modern England:: Medicine, Astrology, and Written
Records. Bulletin of the History of Medicine, 88(4), 595.
Keith, M. J., Thompson, S. C., Hale, J., Lowry, P. B., & Greer, C. (2013). Information disclosure
on mobile devices: Re-examining privacy calculus with actual user
behavior. International journal of human-computer studies, 71(12), 1163-1173.
Khan, F. A., Ali, A., Abbas, H., & Haldar, N. A. H. (2014). A cloud-based healthcare framework
for security and patients’ data privacy using wireless body area networks. Procedia
Computer Science, 34, 511-517.
Kocabaş, Ö., & Soyata, T. (2014). Medical data analytics in the cloud using homomorphic
encryption. In Handbook of Research on Cloud Infrastructures for Big Data
Analytics(pp. 471-488). IGI Global.
Kvedar, J., Coye, M. J., & Everett, W. (2014). Connected health: a review of technologies and
strategies to improve patient care with telemedicine and telehealth. Health Affairs, 33(2),
194-199.
HEALTHCARE DATA SECURITY 42
Latif, R., Abbas, H., & Assar, S. (2014). Distributed denial of service (DDoS) attack in cloud-
assisted wireless body area networks: a systematic literature review. Journal of medical
systems, 38(11), 128.
Li, C. T., Lee, C. C., & Weng, C. Y. (2016). A secure cloud-assisted wireless body area network
in mobile emergency medical care system. Journal of medical systems, 40(5), 117.
Li, S., Pham, H. T., Karunarathne, M. S., Lee, Y. S., Ekanayake, S. W., & Pathirana, P. N.
(2015). A mobile cloud computing framework integrating multilevel encoding for
performance monitoring in telerehabilitation. Mathematical Problems in
Engineering, 2015.
Li, Y. (2012). Theories in online information privacy research: A critical review and an
integrated framework. Decision Support Systems, 54(1), 471-481.
Lian, J. W., Yen, D. C., & Wang, Y. T. (2014). An exploratory study to understand the critical
factors affecting the decision to adopt cloud computing in Taiwan hospital. International
Journal of Information Management, 34(1), 28-36.
Liu, J., Huang, X., & Liu, J. K. (2015). Secure sharing of personal health records in cloud
computing: ciphertext-policy attribute-based signcryption. Future Generation Computer
Systems, 52, 67-76.
Liu, V., Musen, M. A., & Chou, T. (2015). Data breaches of protected health information in the
United States. Jama, 313(14), 1471-1473.
Masood, I., Wang, Y., Daud, A., Aljohani, N. R., & Dawood, H. (2018). Towards Smart
Healthcare: Patient Data Privacy and Security in Sensor-Cloud Infrastructure. Wireless
Communications and Mobile Computing, 2018.
Latif, R., Abbas, H., & Assar, S. (2014). Distributed denial of service (DDoS) attack in cloud-
assisted wireless body area networks: a systematic literature review. Journal of medical
systems, 38(11), 128.
Li, C. T., Lee, C. C., & Weng, C. Y. (2016). A secure cloud-assisted wireless body area network
in mobile emergency medical care system. Journal of medical systems, 40(5), 117.
Li, S., Pham, H. T., Karunarathne, M. S., Lee, Y. S., Ekanayake, S. W., & Pathirana, P. N.
(2015). A mobile cloud computing framework integrating multilevel encoding for
performance monitoring in telerehabilitation. Mathematical Problems in
Engineering, 2015.
Li, Y. (2012). Theories in online information privacy research: A critical review and an
integrated framework. Decision Support Systems, 54(1), 471-481.
Lian, J. W., Yen, D. C., & Wang, Y. T. (2014). An exploratory study to understand the critical
factors affecting the decision to adopt cloud computing in Taiwan hospital. International
Journal of Information Management, 34(1), 28-36.
Liu, J., Huang, X., & Liu, J. K. (2015). Secure sharing of personal health records in cloud
computing: ciphertext-policy attribute-based signcryption. Future Generation Computer
Systems, 52, 67-76.
Liu, V., Musen, M. A., & Chou, T. (2015). Data breaches of protected health information in the
United States. Jama, 313(14), 1471-1473.
Masood, I., Wang, Y., Daud, A., Aljohani, N. R., & Dawood, H. (2018). Towards Smart
Healthcare: Patient Data Privacy and Security in Sensor-Cloud Infrastructure. Wireless
Communications and Mobile Computing, 2018.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
HEALTHCARE DATA SECURITY 43
McWilliams, J. M., Hatfield, L. A., Chernew, M. E., Landon, B. E., & Schwartz, A. L. (2016).
Early performance of accountable care organizations in Medicare. New England Journal
of Medicine, 374(24), 2357-2366.
Meltz, E. A. (2014). No Harm, No Foul: Attempted Invasion of Privacy and the Tort of Intrusion
upon Seclusion. Fordham L. Rev., 83, 3431.
Neame, R. L. (2014). Privacy protection in personal health information and shared care
records. Journal of Innovation in Health Informatics, 21(2), 84-91.
Nepal, S., Ranjan, R., & Choo, K. K. R. (2015). Trustworthy processing of healthcare big data in
hybrid clouds. IEEE Cloud Computing, 2(2), 78-84.
Norris, C., & Moran, J. (2016). Surveillance, closed circuit television and social control.
Routledge.
Parent, W. A. (2017). Privacy, morality, and the law. In Privacy (pp. 105-124). Routledge.
Parijat, P., & Bagga, S. (2014). Victor Vroom’s expectancy theory of motivation–An
evaluation. International Research Journal of Business and Management, 7(9), 1-8.
Parker, R. B. (2017). A definition of privacy. In Privacy (pp. 83-104). Routledge.
Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare.
In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765).
IEEE.
Peters, L., Sunderland, M., Andrews, G., Rapee, R. M., & Mattick, R. P. (2012). Development of
a short form Social Interaction Anxiety (SIAS) and Social Phobia Scale (SPS) using
nonparametric item response theory: The SIAS-6 and the SPS-6. Psychological
assessment, 24(1), 66.
McWilliams, J. M., Hatfield, L. A., Chernew, M. E., Landon, B. E., & Schwartz, A. L. (2016).
Early performance of accountable care organizations in Medicare. New England Journal
of Medicine, 374(24), 2357-2366.
Meltz, E. A. (2014). No Harm, No Foul: Attempted Invasion of Privacy and the Tort of Intrusion
upon Seclusion. Fordham L. Rev., 83, 3431.
Neame, R. L. (2014). Privacy protection in personal health information and shared care
records. Journal of Innovation in Health Informatics, 21(2), 84-91.
Nepal, S., Ranjan, R., & Choo, K. K. R. (2015). Trustworthy processing of healthcare big data in
hybrid clouds. IEEE Cloud Computing, 2(2), 78-84.
Norris, C., & Moran, J. (2016). Surveillance, closed circuit television and social control.
Routledge.
Parent, W. A. (2017). Privacy, morality, and the law. In Privacy (pp. 105-124). Routledge.
Parijat, P., & Bagga, S. (2014). Victor Vroom’s expectancy theory of motivation–An
evaluation. International Research Journal of Business and Management, 7(9), 1-8.
Parker, R. B. (2017). A definition of privacy. In Privacy (pp. 83-104). Routledge.
Patil, H. K., & Seshadri, R. (2014, June). Big data security and privacy issues in healthcare.
In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765).
IEEE.
Peters, L., Sunderland, M., Andrews, G., Rapee, R. M., & Mattick, R. P. (2012). Development of
a short form Social Interaction Anxiety (SIAS) and Social Phobia Scale (SPS) using
nonparametric item response theory: The SIAS-6 and the SPS-6. Psychological
assessment, 24(1), 66.
HEALTHCARE DATA SECURITY 44
Post, R. C. (2017). Rereading Warren and Brandeis: Privacy, property, and appropriation.
In Privacy (pp. 125-158). Routledge.
Sahi, M. A., Abbas, H., Saleem, K., Yang, X., Derhab, A., Orgun, M. A., ... & Yaseen, A.
(2018). Privacy Preservation in e-Healthcare Environments: State of the Art and Future
Directions. Ieee Access, 6, 464-478.
Sajid, A., & Abbas, H. (2016). Data privacy in cloud-assisted healthcare systems: state of the art
and future challenges. Journal of medical systems, 40(6), 155.
Schouten, P. (2013). The materiality of state failure: Social contract theory, infrastructure and
governmental power in Congo. Millennium, 41(3), 553-574.
Shaw, F. E., Asomugha, C. N., Conway, P. H., & Rein, A. S. (2014). The Patient Protection and
Affordable Care Act: opportunities for prevention and public health. The
Lancet, 384(9937), 75-82.
Sheikh, A., Sood, H. S., & Bates, D. W. (2015). Leveraging health information technology to
achieve the “triple aim” of healthcare reform. Journal of the American Medical
Informatics Association, 22(4), 849-856.
Singh, H., & Sittig, D. F. (2016). Measuring and improving patient safety through health
information technology: The Health IT Safety Framework. BMJ Qual Saf, 25(4), 226-
232.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Smith, S. H., Whitehead III, G. I., Melo, A., Correa, A., & Inch, M. (2014). Self-Presentational
Strategies of Modern and Traditional US Presidents in State of the Union and Inaugural
Addresses. North American Journal of Psychology, 16(1).
Post, R. C. (2017). Rereading Warren and Brandeis: Privacy, property, and appropriation.
In Privacy (pp. 125-158). Routledge.
Sahi, M. A., Abbas, H., Saleem, K., Yang, X., Derhab, A., Orgun, M. A., ... & Yaseen, A.
(2018). Privacy Preservation in e-Healthcare Environments: State of the Art and Future
Directions. Ieee Access, 6, 464-478.
Sajid, A., & Abbas, H. (2016). Data privacy in cloud-assisted healthcare systems: state of the art
and future challenges. Journal of medical systems, 40(6), 155.
Schouten, P. (2013). The materiality of state failure: Social contract theory, infrastructure and
governmental power in Congo. Millennium, 41(3), 553-574.
Shaw, F. E., Asomugha, C. N., Conway, P. H., & Rein, A. S. (2014). The Patient Protection and
Affordable Care Act: opportunities for prevention and public health. The
Lancet, 384(9937), 75-82.
Sheikh, A., Sood, H. S., & Bates, D. W. (2015). Leveraging health information technology to
achieve the “triple aim” of healthcare reform. Journal of the American Medical
Informatics Association, 22(4), 849-856.
Singh, H., & Sittig, D. F. (2016). Measuring and improving patient safety through health
information technology: The Health IT Safety Framework. BMJ Qual Saf, 25(4), 226-
232.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Smith, S. H., Whitehead III, G. I., Melo, A., Correa, A., & Inch, M. (2014). Self-Presentational
Strategies of Modern and Traditional US Presidents in State of the Union and Inaugural
Addresses. North American Journal of Psychology, 16(1).
HEALTHCARE DATA SECURITY 45
Solove, D. J., & Schwartz, P. (2014). Information privacy law. Wolters Kluwer Law & Business.
Subotin, M., & Davis, A. (2014). A system for predicting ICD-10-PCS codes from electronic
health records. Proceedings of BioNLP 2014, 59-67.
Sultan, N. (2014). Making use of cloud computing for healthcare provision: Opportunities and
challenges. International Journal of Information Management, 34(2), 177-184.
Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2014). A system for denial-of-service
attack detection based on multivariate correlation analysis. IEEE transactions on parallel
and distributed systems, 25(2), 447-456.
Tewari, A., & Verma, P. (2016). Security and privacy in E-healthcare monitoring with WBAN:
A critical review. International Journal of Computer Applications, 136(11).
Thota, C., Sundarasekar, R., Manogaran, G., Varatharajan, R., & Priyan, M. K. (2018).
Centralized fog computing security platform for IoT and cloud in healthcare system.
In Exploring the convergence of big data and the internet of things (pp. 141-154). IGI
Global.
Tsai, K. L., Leu, F. Y., Wu, T. H., Chiou, S. S., Liu, Y. W., & Liu, H. Y. (2014). A Secure ECC-
based Electronic Medical Record System. J. Internet Serv. Inf. Secur., 4(1), 47-57.
Tyagi, S., Agarwal, A., & Maheshwari, P. (2016, January). A conceptual framework for IoT-
based healthcare system using cloud computing. In Cloud System and Big Data
Engineering (Confluence), 2016 6th International Conference (pp. 503-507). IEEE.
ul Amin, R., Inayat, I., Shahzad, B., Saleem, K., & Aijun, L. (2017). An empirical study on
acceptance of secure healthcare service in Malaysia, Pakistan, and Saudi Arabia: a mobile
cloud computing perspective. Annals of Telecommunications, 72(5-6), 253-264.
Solove, D. J., & Schwartz, P. (2014). Information privacy law. Wolters Kluwer Law & Business.
Subotin, M., & Davis, A. (2014). A system for predicting ICD-10-PCS codes from electronic
health records. Proceedings of BioNLP 2014, 59-67.
Sultan, N. (2014). Making use of cloud computing for healthcare provision: Opportunities and
challenges. International Journal of Information Management, 34(2), 177-184.
Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2014). A system for denial-of-service
attack detection based on multivariate correlation analysis. IEEE transactions on parallel
and distributed systems, 25(2), 447-456.
Tewari, A., & Verma, P. (2016). Security and privacy in E-healthcare monitoring with WBAN:
A critical review. International Journal of Computer Applications, 136(11).
Thota, C., Sundarasekar, R., Manogaran, G., Varatharajan, R., & Priyan, M. K. (2018).
Centralized fog computing security platform for IoT and cloud in healthcare system.
In Exploring the convergence of big data and the internet of things (pp. 141-154). IGI
Global.
Tsai, K. L., Leu, F. Y., Wu, T. H., Chiou, S. S., Liu, Y. W., & Liu, H. Y. (2014). A Secure ECC-
based Electronic Medical Record System. J. Internet Serv. Inf. Secur., 4(1), 47-57.
Tyagi, S., Agarwal, A., & Maheshwari, P. (2016, January). A conceptual framework for IoT-
based healthcare system using cloud computing. In Cloud System and Big Data
Engineering (Confluence), 2016 6th International Conference (pp. 503-507). IEEE.
ul Amin, R., Inayat, I., Shahzad, B., Saleem, K., & Aijun, L. (2017). An empirical study on
acceptance of secure healthcare service in Malaysia, Pakistan, and Saudi Arabia: a mobile
cloud computing perspective. Annals of Telecommunications, 72(5-6), 253-264.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
HEALTHCARE DATA SECURITY 46
Valdez, R. S., Holden, R. J., Novak, L. L., & Veinot, T. C. (2014). Transforming consumer
health informatics through a patient work framework: connecting patients to
context. Journal of the American Medical Informatics Association, 22(1), 2-10.
van Dijke, M., De Cremer, D., Mayer, D. M., & Van Quaquebeke, N. (2012). When does
procedural fairness promote organizational citizenship behavior? Integrating empowering
leadership types in relational justice models. Organizational Behavior and Human
Decision Processes, 117(2), 235-248.
Vest, J. R., Kern, L. M., Campion Jr, T. R., Silver, M. D., & Kaushal, R. (2014). Association
between use of a health information exchange system and hospital admissions. Applied
clinical informatics, 5(01), 219-231.
Wager, K. A., Lee, F. W., & Glaser, J. P. (2017). Health care information systems: a practical
approach for health care management. John Wiley & Sons.
Walker, J., Darer, J. D., Elmore, J. G., & Delbanco, T. (2014). The road toward fully transparent
medical records. New England Journal of Medicine, 370(1), 6-8.
Wang, D., Wang, N., Wang, P., & Qing, S. (2015). Preserving privacy for free: efficient and
provably secure two-factor authentication scheme with user anonymity. Information
Sciences, 321, 162-178.
Warren, S., & Brandeis, L. (2013). The right to privacy. Law of the USA/Pravo SSA.
Wiseman, R. M., Cuevas‐Rodríguez, G., & Gomez‐Mejia, L. R. (2012). Towards a social theory
of agency. Journal of Management Studies, 49(1), 202-222.
Youssef, A. E. (2014). A framework for secure healthcare systems based on big data analytics in
mobile cloud computing environments. Int J Ambient Syst Appl, 2(2), 1-11.
Valdez, R. S., Holden, R. J., Novak, L. L., & Veinot, T. C. (2014). Transforming consumer
health informatics through a patient work framework: connecting patients to
context. Journal of the American Medical Informatics Association, 22(1), 2-10.
van Dijke, M., De Cremer, D., Mayer, D. M., & Van Quaquebeke, N. (2012). When does
procedural fairness promote organizational citizenship behavior? Integrating empowering
leadership types in relational justice models. Organizational Behavior and Human
Decision Processes, 117(2), 235-248.
Vest, J. R., Kern, L. M., Campion Jr, T. R., Silver, M. D., & Kaushal, R. (2014). Association
between use of a health information exchange system and hospital admissions. Applied
clinical informatics, 5(01), 219-231.
Wager, K. A., Lee, F. W., & Glaser, J. P. (2017). Health care information systems: a practical
approach for health care management. John Wiley & Sons.
Walker, J., Darer, J. D., Elmore, J. G., & Delbanco, T. (2014). The road toward fully transparent
medical records. New England Journal of Medicine, 370(1), 6-8.
Wang, D., Wang, N., Wang, P., & Qing, S. (2015). Preserving privacy for free: efficient and
provably secure two-factor authentication scheme with user anonymity. Information
Sciences, 321, 162-178.
Warren, S., & Brandeis, L. (2013). The right to privacy. Law of the USA/Pravo SSA.
Wiseman, R. M., Cuevas‐Rodríguez, G., & Gomez‐Mejia, L. R. (2012). Towards a social theory
of agency. Journal of Management Studies, 49(1), 202-222.
Youssef, A. E. (2014). A framework for secure healthcare systems based on big data analytics in
mobile cloud computing environments. Int J Ambient Syst Appl, 2(2), 1-11.
HEALTHCARE DATA SECURITY 47
Zhang, J., Xue, N., & Huang, X. (2016). A secure system for pervasive social network-based
healthcare. IEEE Access, 4, 9239-9250.
Zhang, Y., Qiu, M., Tsai, C. W., Hassan, M. M., & Alamri, A. (2017). Health-CPS: Healthcare
cyber-physical system assisted by cloud and big data. IEEE Systems Journal, 11(1), 88-
95.
Zhang, J., Xue, N., & Huang, X. (2016). A secure system for pervasive social network-based
healthcare. IEEE Access, 4, 9239-9250.
Zhang, Y., Qiu, M., Tsai, C. W., Hassan, M. M., & Alamri, A. (2017). Health-CPS: Healthcare
cyber-physical system assisted by cloud and big data. IEEE Systems Journal, 11(1), 88-
95.
1 out of 48
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.