Report on Ethical Issues of Health Information Security and Privacy

Verified

Added on 2022/11/25

AI Summary

This report delves into the ethical issues surrounding the security and privacy of health information, focusing on the challenges of digitizing patient records and the vulnerabilities introduced by third-party storage. It highlights the need for robust security frameworks, including improved encryption methods, digital signatures, and pseudo-identity patient systems to ensure data confidentiality, availability, and integrity. The report reviews existing literature on cloud security, attribute-based encryption, and access control methods, proposing a new framework for the e-health domain. It discusses the impact of the Internet of Things (IoT) on healthcare, the importance of patient access control, and the implications of regulations like GDPR. Furthermore, the report emphasizes the significance of privacy by design, the need for monitoring and preventing data leakage, and the role of mobile health networks (MHN) in safeguarding sensitive health data. The study underscores the necessity of balancing security requirements with performance and the importance of dynamic access management for user attributes. The report also discusses the importance of QoP (Quality of Protection) in mobile health networks and the need for secure data aggregation methods to protect both data and identity privacy. The aim is to contribute a method for addressing the identified ethical issue(s) in the specific context of a chosen particular Information Technology (IT) or Software Engineering (SE) method or technique targeted for the Health domain, which will be useful as a guideline to the Health IT, Health Informatics or Software Engineering in Healthcare (SEHC) communities.

ETHICAL ISSUES OF SECURITY AND PRIVACY OF HEALTH
INFORMATION
XXX-X-XXXX-XXXX-X/XX/$XX.00 ©20XX IEEE

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Abstract— The following report on privacy of health
information deals with recording patient health which is a
growing model. It is generally outsourced for storage to third
party users. It mainly aims to address the issues in privacy like
hiding some of important data related to health of different
patient which can be accessed easily accessed by any user who
is have. The report aims to provide a new framework in the
domain of health which has been provided. In the provided
structure, all personal data of patient and proper access
control method with an improved method of encryption that is
being used. Both security and privacy of information on
personal health has been taken into consideration by making
use of digital signature along with the pseudo-identity patient.
The paper aims to highlight a better security model which is
needed for better authentication and functional authorization.
It aims to provide new technique which can be used for
providing better output in the e-health care system.
Keywords—e-health framework, security and privacy,
METEOR framework.
I. INTRODUCTION
Digital patient records, records on electronic platform,
managing risk, tool for security and big data requires certain
aspects which are required for enhanced data security. All
the information related to health are completely linked and
managed by some authorized person only. Proper protection
of information is not considered to be an easy job (Puppala et
al., 2016). Most of the healthcare organization are looking
for security issues and vulnerabilities by implementing
digitization of patient record system. Use of the outdated and
clinical application is not considered to be intended for safe
work in the present environment of organization. The main
focus of health care system is all about providing best kind of
health services for any people at instances. Privacy is found
to be as one of major aspect which has many sub-factors like
confidentiality. It is required for preventing any kind of
disclosure of sensitive information of patient. In the
healthcare domain, security of data plays a key role which is
needed for maintaining process access rights to data
(O’Connor, Rowan, Lynch, & Heavin, 2017). Providing
proper security in healthcare is all about maintaining
confidentiality and privacy of patient. This particular step
will help in preventing various kinds of threats related to
theft of patient data. The main notion of health information
system is all about meeting three information fundamental
goals like confidentiality, availability and integrity. It will
merely help in achieving overall security in the healthcare
domain.
In the coming pages of report, an investigation has been
done with respect to ethical issues with respect to security
and proper privacy of information related to healthcare. After
that a literature review has been provided on research
problem which helps in establishing a proper background. A
suitable method has been proposed which is required for
managing different kind of ethical issues in information
system.
II. LITERATURE REVIEW
According to Sankar and Parker (2017), cloud system is
found to be problematic considering the security. The
suggested framework has been designed so that there can be
improved way for sharing electronic. For this, a proper
model has been developed so that it can provide better
growth and integration. There has been large scale
deployment for different kind of e-health services. Cloud
computing based on attribute is mainly needed for storing
and sharing some of the personal health details. For having
this scalability, attribute based encryption is being used in
proper pattern. By using hierarchical identity based
encryption method and CP-ABE is required for achieving
proper control of access in cloud domain. In addition, the
author has proposed a secure patient centric access control
method that helps in permitting data requester. It aims to
provide various kind of access benefit which is completely
based on roles. The author has proposed a proper scheme
which is based on smart card for e-health system. It is based
on proper authentication scheme Ayday, De Cristofaro,
Hubaux, and Tsudik (2015). There is also a layer for the
proposed model in security and privacy for each of the
provided reference layer. It aims to provide proper security
and privacy for achieving proper flexibility and
performance. Vayena, Haeusermann, Adjekum, and
Blasimme (2018), has come up with a security model which
pseudorandom function for preserving privacy for multi-
authority CP-ABE scheme. The model aims to provide
support for proper access control. AboBakr and Azer (2017)
has stated that IoT is being widely used in the domain of
healthcare which results in lack of consequences and its
definition. There is a common denominator for defining IoT
which highlights the use of internet for establishing
interaction with different objects. Introduction of IoT is
from the perspective of health which has brought numerous
benefits in the domain of medical control and equipment’s.
As stated by Hollis et al. (2015), the bad impact of issues
related to secuity is seen in the healthcare system for
complete storage of data and system considering the
environment. It becomes very much hard to have the
provided much secure which ensures its availability in given
time. There has been significant number of development in
the domain of healthcare services. While the major concern
is all about integration of vital medical data which is still
taken into account. It has been seen that cloud storage is
very much vulnerable for storing huge amount of patient
health information. It is due to the fact that most of
information stays outside. Privacy of patient details is found
to be a vital aspect for complete access control in the
domain of cloud storage. This is found to be a fear of e-
health care in the system which requires the support of
human nature. Considering the security of HIT, issues with
respect to lack of patient access control is found. The
privacy of patient is found to be challenging with respect to
security of HIT in all the stages of communication. The
present system cannot have patient privacy along with the
resident for collision and its efficiency. It is the main issue
which makes the security of HIT much unsecured. In the
year 2018, general data protection regulation has come into
picture which effect the present data control and processors
Donahue and Rahman (2015). It merely emphasizes on
security, transparency and accountability considering the
standardization and strength of rights European Citizen.
Both data controllers and processor needs to have privacy
by design. It is a well-known concept for privacy which is
not new one. It merely acquires much more attention with
respect to practice and in academic for the forthcoming
GDPR. Privacy by design aims to promote and demand for
new controller and many processor are actively addressing
the privacy implication.

As per Benton, Coppersmith, and Dredze (2017),
security in healthcare aims to improve the health quality
followed by reduction of cost associated with healthcare.
The author has come up with proposal for a framework
which give security to health care domain. It aims to address
complete privacy in the healthcare system. Complete
security of information technology in the healthcare helps in
addressing the personal health information at the cloud
platform. It is helpful in mitigating the overall involved risk.
There is need for managing firewall and some of the other
important network-based resources. This ultimately helps in
blocking any access which is unauthorized that helps in
providing positive effect for health information system.
Also, it aims in proper monitoring from leakage in data and
proper dealing of some security incidents Gray and Thorpe
(2015). This ultimately helps in having positive impact for
the health information system. The author merely focus on
securing healthcare for any kind of attack by an
unauthorized user. In addition, it aims in securing the
healthcare from any kind of attack by an unauthorized user.
It also aims in analyzing any threat and vulnerabilities in the
domain of healthcare. Data comes up with certain
information like integrity and confidentiality which is
completely persevered for the health information technology
(HIT). Introduction of Internet of things from the
perspective of health has brought huge number of
advantages in the domain of medical aspects and proper
medical control. One of the method which can be used for
safeguarding personal data is analyzing the data
transmission in overhead which is increasing at an
exponential rate. It mainly results in increasingly large
number of health sensitive data from different devices
Berman and Cerf (2017). User aims to upload the different
parameter record for health data centre which is achieved
through social spots that is deployed in the community by
making use of short-range communication technique.
According to Salerno, Knoppers, Lee, Hlaing, and
Goodman (2017), the main reason for user experience and
security is all about understanding the service requirement
where QoP (Quality of protection) is found to be a vital
security aspect for various level of security protection for
users along with diversification in demand. Mobile health
network in QoP can easily have privileges which are shared
by authentication for assuring integrity and confidentiality
by making use of cryptographic techniques. Privacy is
defined as a critical issue in mobile health network can be
defined as sensitive health data that requires collection,
processing, transmission and sharing of provided
information. Without the use of appropriate privacy
protection, most of user are not willing to expose the
provided data to list of persons. It merely aims to hindering
the method and sharing its user experience (Meyer, 2018).
Various general privacy threats in the domain of healthcare
system like privacy and leakage of information at the time
of transmission and understanding privacy. General privacy
threats in the domain of healthcare like identity of privacy
and leakage at the instance of transmission. In addition, it
focus on analyzing location of privacy which is
investigation. Privacy protection is being applied to various
sensor and smartphones, which is required for protecting
against disclosure of sensitive data. There is a need for
investigating the security services for different levels which
is needed for providing balance in between the security
requirements and analysis of performance. Multihop relay is
generally adopted for aggregation of data along with
tolerable delay. Various kind of health data and transmission
delay needs to be much different (Masrom & Rahimly,
2015). In addition, there is privacy protection at the time of
data transmission which is required for mobile health data.
Privacy depended privacy data aggregation method is
mainly proposed for mobile health data which helps in
aggregation different kind of health data in the delay
requirements. On contrary, it helps in protecting both data
and identity privacy at the time of transmission.
As stated by van Staa, Goldacre, Buchan, and Smeeth
(2016), in mobile health network (MHN) is required for
achieving highest level of data and its user profile where
privacy protection needs to be robust and strong. It should
be enough for preventing potential attacks and any kind of
leakage that increases the overall computational overheads.
There is need for QoP which requires to be used in MHN
for analyzing privacy protection at different stages. MHN
takes up full benefit of powerful storage and its
computational capabilities which is outsourced to cloud
servers and security. It is very much associated with the
cloud server which is not trusted and raised in MHN. Policy
for accessing health details needs to be defined clearly and
take into account for authenticating user identity for access
control. The patient daily data of health is completely stored
on cloud server which is accessed by doctor (Fhom, 2015).
The stored data needs to be completely protected from any
access by any insurance organization. The general access
security policy is also examined for ensuring the access with
respect to user attributes. Considering MHN, there is need
for dynamic access management which is needed for
analyzing the issues of user attributes. The overheads for
various access level needs to be balanced for releasing the
computation of burden for users. User aims to select various
forwarding techniques which does not forward data in the
given time delay but also aims to forward within the
provided delay. It aims to consume the different network
resources which is required for reducing delay. Doctor can
request for important health data from patient in case of
emergency which is required for continuous monitoring.
Regular health data is not taken into account for emergency
use so there is delay of requirement (Wachter, 2018). Both
kind of data that is vital and regular is labelled for small and
big data.
According to Kaplan (2016), MHN are vulnerable to
different kind of attacks along with misbehavior from
different mobile users that can damage the disruption the
overall effectiveness of this MHN. It merely aims in
degrading the overall level of performance. Considering the
health related social application like fitness and social
gaming where attackers can forge the social attributes for
snatching each legitimating health information of user. This
ultimately leads to pushing spam recommendation and
violation of user privacy. In addition, the attacker can even
misbehave where the network protocol is launching denial
of service attack (Haluza, Naszay, Stockinger, & Jungwirth,
2016). It aims in assuming a large portion of network-based
resource. Some of the misbehaviour scheme for detection
can even resist some of the individual attacks. This is found
to be bit challenging for adjusting with the security
protection for any powerful attack. Overall cost of
misbehaviour detection can be increased as a result of
attacking capabilities from these kind of attack. Processing
and analysis of healthcare data is considered to be important

for healthcare management for analyzing health condition. It
is very much important for confining the health data for
getting process access in the server. In addition, its focus on
preventing raw data disclosure at the time of processing the
procedure. In general, a normal tree is being adopted for
describing the security architecture attributes. The different
aspects of security system are generally identified like node
of tree (Thota, Sundarasekar, Manogaran, Varatharajan, &
Priyan, 2018). Either by expansion or shrinking of tree, the
system attributes can be easily permitted for model-based
QoP. So, it can be stated that QoP as the extension for the
current QoS model for protecting security. Authentication
can be defined as the very first stage for most of the legal
user. It is mainly seen from the outside for getting access to
data. The raw data is completely encrypted and stored
securely on cloud server so only authorised user can decrypt
it. After that, authorized user can have easy access to the
raw data.
As stated by Kramer, Kinn, and Mishkind (2015), the
provided data is made visible for getting access which is
required for decrypting the keys. It can even resist the cloud
server for providing efforts for processing of data. It merely
aims in hindering the cloud server for data processing which
reduces the flourishing of MHN. For getting the fine-
grained access control, there is evolution of attributed based
encryption that aims in improving the overall flexibility for
data access. User comes up with collection of attributes
which is associated with some secret keys. The ciphertexts
are generally labelled with proper access policy (Laplante &
Laplante, 2016). Only authorized user along with special
attributes aims to satisfy the access policy for decryption of
raw data. Considering processing of health data, the
operation of cloud server aims to impose huge number of
challenges as data is being encrypted without any kind of
access authorization. It merely comes into picture as a result
of untrusted cloud server. Some of the improved
cryptographic schemes which has been adopted for some
specific operation. The current functional encryption aims to
achieve much similar kind of objective like data processing.
These kind of cryptographic scheme helps the cloud server
for carrying out some of basic computational operation for
the encrypted data. In addition, it focus on preserving the
data privacy which is required for developing current
approaches. The diverse operations for MHN are seen from
the perspective of QoP. MHN comes up with range of social
network application like sharing fitness experience,
exchange of health data. Some of the attacker may not find
useful to follow the network protocol and can misbehave for
degrading the MHN performance (Vezyridis & Timmons,
2017). The author highlights the Sybil attack which is
considered to be as one of serious threat for MHN. These
attacker can easily manipulate the number of identities for
cheat with each other.
According to Cunningham and Ainsworth (2018), data
on healthcare domain comprises of various personal and
sensitive information which is found to be attractive for
cyber-criminals. Most of the cybercriminals around the
globe look for financial benefits which results from theft of
data for selling it to third party. In addition, it can carry out
data analysis for identifying various individual which is
found to be uninsurable as a result of genetic disorder and
medical background. This particular kind of data is found to
be interesting for different industries and organization. The
overall security of EMR ecosystem and related system is
found to be challenging at a result of complexity in between
system and related components. Both privacy and integrity
of data in healthcare domain requires to be protected from
any external attack. In addition, it also helps in preventing
unauthorized access from inside the network. The attacks
can be either of two type that is intentional and unintentional
where organization are penalized (Ajunwa, Crawford, &
Ford, 2016). The organization are held liable for incidents
like Health Insurance Act. There are many access control
models which are being used for regulating and limiting
access to data. It is completely depended on certain number
of access policies. This kind of model is found to be
effective for any kind of external attacks. But these are
found to be ineffective against any internal attacks like
unauthorized access to data. There are a range of approaches
for integrating access control with some cryptographic like
attributed encryption. In the recent times, there has been use
of blockchain technology for providing security to the
healthcare data management. Blockchain is a well-known
technology which is required for building open and
distributed online database. It comprises of data structure
which are completely linked with each other. The given
blocks are distributed in different nodes for the
infrastructure and not stored in central way. Each block
comprises of timestamp required for production of previous
block and patient healthcare data.
As per Hajli and Lin (2016), confidentiality in healthcare
referred to obligation of different professionals that have an
easy access to different patient records. Health information
is defined as the most vital information which is completely
associated with an individual. Most of the policies,
guidelines and requirement compliance is needed for
safeguarding some of the health information. Privacy and
security breach is considered to be major problem for
electronic healthcare system. The author has highlighted
problems and provided with security and privacy model
which is adopted by Methodist environment for translational
and outcomes research (METEOR). It merely comprises of
two parts that is enterprise data warehouse and software
intelligence. The model highlights the privacy of patient
which is protected by adoptation a mixture of technologies.
Some of best practices like technical de-identification for
data and restrictive access to data. In addition, there are
many security measures which results in technical
performance (Anwar, Joshi, & Tan, 2015). The main result
is the proposed security model that can compromise for
unauthorized data for patient health information. With the
development in data science and information technology.
The private data of patient tends to be growing for many of
the healthcare organization. This kind of technologies can
easily create critical issues related to privacy. If these
aspects are left unaddressed then it can become the biggest
barrier for expected opportunities. There are large number
of privacy and security framework that is already present.
There is need for analyzing the current process for using the
standard in the domain of healthcare.
According to Mittelstadt (2017), the author have
highlighted the research issue which supports NZ PA 1993
and HIPC 2004. Under the privacy Act of 1993 section 72A,
on receiving complaint on this part, it is the duty of
commissioners to consider all the complaint related to
jurisdiction for health and safety. Data analysts in most of
the healthcare organization are interested in proper
collection and analysis of new kind and source of leverage

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

data. It merely focus on mobile health sensor network and
social media which is seen for data of electronic health
record (Stiles & Boothroyd, 2015). There has been few
development with respect to policy making in raised privacy
issues. This is completely separated from the paper-based
medical record for the unique system which is found in
digital and integrated way. The provided developments have
resulted in a state where patient medical record is
encountered for privacy and security risk. This kind of threat
can be easily avoided for majority of security goals that is
confidentiality, availability and integrity. Proper security
and protecting personal data which is vital in healthcare
industry. In general, health data is considered to be most
sensitive information for all personal data. Confidentiality
helps in ensuring the fact that provided data is easily
available and reachable. Different kind of authentication
steps is being used for understanding user along with
restricting access to different resources. The mere focus is
all about understanding the overall objective of
confidentiality (Hunt et al., 2016). Integrity aims to
highlight the fact that data and information have not been
destroyed by an authorized user. One of the major aspect of
integrity is all assuring the fact that healthcare data is
completely protected from any security threats. Integrity
includes the idea of data and source integrity. On the
contrary, availability is all about ensuring that information
system is made easily accessible and available to most of the
authorised user. In case of failure of system or DoS attack, it
is the duty of clinics to stay informative. There is need for
developing security and privacy policies that requires to be
developed and coordinated accordingly. Considering
privacy and security issues for most of the technologies
which have been implemented in medical field.
III. MAIN CONTRIBUTION
The proposed framework is METEOR which comprises of
two aspect that is enterprise data warehouse and software
intelligence layer. It ultimately helps in providing help for
range of decision support system in clinics. The
fundamental need for protecting privacy and security, which
is applied to clinical decision support system and enterprise
data warehouse (Wahl, Cossy-Gantner, Germann, &
Schwalbe, 2018). The main task is stopping any kind of
unauthorized users for getting access to data. The related
information should not considered for data theft by most of
the hackers. The main task is all about record-keeping for
most of the action that is performed by user. All the data
should be easily accessible by user at the very right time.
For ensuring the authenticity and verification of data all the
privacy, confidentiality and related security policies for
creating development in project. It is mainly achieved by
using some of operating steps. The provided policies are
kind where the information is being completely used for this
support system for clinics (Righetti, Vallati, & Anastasi,
2018). There is need for considering the process of
information sharing and overall cost involved in
development of feasible system. It comes up minimum
amount of privacy and related security risks. All the
provided medical records are protected by the ownership of
controlled encryption that helps in securing the storage and
its transmission. Most of the security breaches in the
healthcare domain has resulted due to unauthorized access
to different application (Madakam & Date, 2016). It
generally ranges in between misusing of data and its
mishandling. There is need for carrying out risk assessment
for analyzing the major vulnerabilities for implementing the
system.
An overview has been provided with respect to security
aspect of METEOR data warehouse and related application.
METEOR application server is needed for analyzing the
HTTP connection which is provided for each of the
application and two method of SSL. This is required for
communicating in between two that is server and client.
Both the client and server aims to represent client and server
for certification required for proving its identity to some of
associated parties. Here the application server is placed just
inside the firewall where all application data is completely
stored in the application database (Haddara & Staaby,
2018). It is completely protected from any other firewall.
Considering the patient EMR, the database application is
required for collecting information from METEOR database
that is there in the third firewall.
There are large number of aspects which should be taken
into account for implementing METEOR framework like
data warehouse security and security for CDS. The
framework aims to provide end to end security. It has the
ability for providing a flexible multi-level security approach
for the security of data warehouse. The complete
environment of enterprise data warehouse completely ranges
in between data extraction in the different sources (Yang et
al., 2015). It focuses on distribution of data with the
analytical server which is distributed in between data and
end users. This particular layer is extended in between
different server and related software products for each
module. Data governance is the main layer which is the
backbone of the given architecture. It merely comprises of
three important aspects that highlights information in
between the firm. The first thing which should be taken into
account is data management that is required for managing
data completeness and data availability. The second thing is
data life cycle management which is the process of complete
management of business data in the lifecycle. It merely
includes maintaining of data warehouse followed by
delivering applications. The third aspect is management of
data security and privacy which has a platform for providing
enterprise based data activities (Peterson, Deeduvanu,
Kanjamala, & Boles, 2016). It is generally seen with respect
to data recovery, active monitoring and compliance
reporting. This merely focus on proper access management
and protecting in transit data. There is need for application
of certain standard and procedure required for sensitive
healthcare data. It can easily result in protecting the private
information and any kind of security breach.

Fig 1: Proposed Framework
IV. STRENGTH AND WEAKNESS FOR PROPOSED
FRAMEWORK
a) Integrated data warehouse is much simple required
for securing any data marts. It is centralized data warehouse
which is not expensive for managing. This aims to provide
the highest level of security. METEOR database resides in
the SQL server. It also aims to protect all the data stored in
the warehouse which is seen as a result of encryption in
database (Al Nuaimi, AlShamsi, Mohamed, & Al-Jaroodi,
2015). The present technology used in METEOR data
server, which is required for encrypting all the contents of
the database that is transparent data encryption. It aims to
protect all the data and file logs by making use of encryption
key. This is mainly stored in the database for recording all
the availability at the time of recovery. It comes up with
asymmetric key which is completely secured by making use
of this database. The main function of TDE is all about
encrypting the data before it is decrypted. It helps in
providing a much higher level of security in the provided
columns and tabular space which is required for proper
protection. Considering the security and controls, the web
based mobile security is required for HIPAA compliance
(Ballantyne & Schaefer, 2018). It is needed to be applied to
all the system for maintaining personal health information.
Data privacy and securities aspects are required for
providing policies and policies in certain domains like
authorization and authentication for managing password.
b) Data risk assessment aims in security audits for the
security architecture. It helps in determining all the threats,
risk and vulnerabilities. The function aims to create an audit
trial which is required for tracking the provided information.
The trials provide the details information with respect to
monitoring of system and its troubleshooting. In most of the
case, it is required for investigating attacks for this
application. METEOR database and application is analyzed
with respect to security and privacy (Taylor, Floridi, & Van
der Sloot, 2016). By making use of data governance
protocol in the provided architecture, METEOR framework
comes up with guidelines which is needed for data
availability. It helps in proper harnessing of data as per
analysis which stored finally. By making use of centralized
data warehouse, the very first principle is applied for patient
identifier which is listed by HIPAA. The main function of
transparent data encryption which is integrated for
preventing any kind of authorized access to this database
system. It merely focuses on reducing the overall cost for
management of user and their privacy (Porsdam Mann,
Savulescu, & Sahakian, 2016). The author has highlighted
that how large biomedical database helps in setting up query
for patient details without exposing their identities. The
main approach is all about de-identifying most of the patient
in this approach which prevents the direct attack.
V. ETHICAL, PROFESSIONALS AND TECHNICAL CHALLENGES
FOR PROPOSED FRAMEWORK
The main focus of this particular research is all about
securing the system in healthcare domain where the major
focus is given to information system of patient health. For
securing health care domain from any kind of attack by
unauthorized user, planning has been done to implement new
framework (Adejo & Connolly, 2017). The proposed
framework is METEOR which has two major components
that is enterprise data warehouse and software intelligence
analytics. This particular technique is helpful in having
complete access control by using METEOR system
sustainability. Also, the outside attack like DoS, man-in
middle can be easily managed by making use of this
framework.
Mobile health has advanced at a much slower rate in
comparing to developing in other domains. One of the major
aspect is all about understanding the problem related to
protection and security. It completely remains for the
ongoing concern for investigation of hospital administration
at the time of conducting studies. Security measure is
inclusive of authentication, encryption and risk assessment
along with system audit. Authentication aims to ensure that
all the collected information are with right individual. Only
the authorized people come up with access control for data
and required tools (Dinev, Albano, Xu, D’Atri, & Hart,
2016). METEOR framework comprises of two-factor
authentication that provides an overview for mobile
authentication techniques. The server aims to generate a
unique kind of 6-digit PIN number which is used by each
patient. There is care provider which is responsible for
distribution of PIN number to many patient required for
enrollment. In this, patient can make use of username and
password for sign-in. After this, the server aims to generate a
unique kind of access token for each of the user session. But
the patient needs to sign in if the access token has expired
anyhow (Schäfer et al., 2017). All the required
communication exists in between application and server
which is required for securing the connection..
VI. CONCLUSION
From the above pages it can be concluded that this is a
research report which focus on security of healthcare so that
improve health care quality. In addition, it also focus on
reducing the cost of healthcare. The main focus on research
is all about securing heath care from any kind of attack by
any unauthorized user. It also aims to identify different kind
of threat and vulnerabilities in the healthcare domain. It
merely aims to highlight the proper method and technique
which is equally in security health IT. In addition, it can even
reflect on any kind of threat related to cyber-security. In this
particular research, an analysis has been done on IT security
which is based on performance, privacy and security. The
suggested research aims in secured the health-care records in
a better way. It is achieved by using multi authority attribute
based encryption which is needed for providing security
patient data. It works with advanced encrypting standard and
analyzes that how contact at one point help in having
benefits in security of health information technology.
Healthcare is defined as a data sensitive domain which
comprises of large data number. In general, data is created
when the patient undergoes for any kind of test. Electronic
medical records comprises of both kind of data that is
medical and clinical which is in relation to patient. For
providing better management of EMR, health information
system comes up with capability for creating new EMR
instance that easily stored data..

VII. REFERENCES
AboBakr, A., & Azer, M. A. (2017). IoT ethics challenges
and legal issues. Paper presented at the 2017
12th International Conference on Computer
Engineering and Systems (ICCES).
Adejo, O., & Connolly, T. (2017). Learning analytics in a
shared-network educational environment: Ethical
issues and countermeasures. Learning, 8(4).
Ajunwa, I., Crawford, K., & Ford, J. S. (2016). Health and
big data: an ethical framework for health
information collection by corporate wellness
programs. The Journal of Law, Medicine &
Ethics, 44(3), 474-480.
Al Nuaimi, N., AlShamsi, A., Mohamed, N., & Al-
Jaroodi, J. (2015). e-Health cloud
implementation issues and efforts. Paper
presented at the 2015 International Conference
on Industrial Engineering and Operations
Management (IEOM).
Anwar, M., Joshi, J., & Tan, J. (2015). Anytime,
anywhere access to secure, privacy-aware
healthcare services: Issues, approaches and
challenges. Health Policy and Technology, 4(4),
299-311.
Ayday, E., De Cristofaro, E., Hubaux, J.-P., & Tsudik, G.
(2015). Whole genome sequencing:
Revolutionary medicine or privacy nightmare?
Computer, 48(2), 58-66.
Ballantyne, A., & Schaefer, G. O. (2018). Consent and the
ethical duty to participate in health data research.
Journal of medical ethics, 44(6), 392-396.
Benton, A., Coppersmith, G., & Dredze, M. (2017).
Ethical research protocols for social media
health research. Paper presented at the
Proceedings of the First ACL Workshop on
Ethics in Natural Language Processing.
Berman, F., & Cerf, V. G. (2017). Social and ethical
behavior in the internet of things.
Communications of the ACM, 60(2), 6-7.
Cunningham, J., & Ainsworth, J. (2018). Enabling patient
control of personal electronic health records
through distributed ledger technology. Stud
Health Technol Inform, 245, 45-48.
Dinev, T., Albano, V., Xu, H., D’Atri, A., & Hart, P.
(2016). Individuals’ attitudes towards electronic
health records: A privacy calculus perspective
Advances in healthcare informatics and analytics
(pp. 19-50): Springer.
Donahue, K., & Rahman, S. (2015). Healthcare IT: Is
your Information at Risk? arXiv preprint
arXiv:1512.01731.
Fhom, H. S. (2015). Big Data: Opportunities and privacy
challenges. arXiv preprint arXiv:1502.00823.
Gray, E. A., & Thorpe, J. H. (2015). Comparative
effectiveness research and big data: balancing
potential with legal and ethical considerations.
Journal of comparative effectiveness research,
4(1), 61-74.
Haddara, M., & Staaby, A. (2018). RFID applications and
adoptions in healthcare: a review on patient
safety. Procedia computer science, 138, 80-88.
Hajli, N., & Lin, X. (2016). Exploring the security of
information sharing on social networking sites:
The role of perceived control of information.
Journal of Business Ethics, 133(1), 111-123.
Haluza, D., Naszay, M., Stockinger, A., & Jungwirth, D.
(2016). Prevailing opinions on connected health
in Austria: results from an online survey.
International journal of environmental research
and public health, 13(8), 813.
Hollis, C., Morriss, R., Martin, J., Amani, S., Cotton, R.,
Denis, M., & Lewis, S. (2015). Technological
innovations in mental healthcare: harnessing the
digital revolution. The British Journal of
Psychiatry, 206(4), 263-265.
Hunt, M., Pringle, J., Christen, M., Eckenwiler, L.,
Schwartz, L., & Davé, A. (2016). Ethics of
emergent information and communication
technology applications in humanitarian medical
assistance. International health, 8(4), 239-245.
Kaplan, B. (2016). How Should Health Data Be Used?:
Privacy, Secondary Use, and Big Data Sales.
Cambridge Quarterly of Healthcare Ethics,
25(2), 312-329.
Kramer, G. M., Kinn, J. T., & Mishkind, M. C. (2015).
Legal, regulatory, and risk management issues in
the use of technology to deliver mental health
care. Cognitive and Behavioral Practice, 22(3),
258-268.
Laplante, P. A., & Laplante, N. (2016). The internet of
things in healthcare: Potential applications and
challenges. It Professional, 18(3), 2-4.
Madakam, S., & Date, H. (2016). Security mechanisms
for connectivity of smart devices in the internet
of things Connectivity Frameworks for Smart
Devices (pp. 23-41): Springer.
Masrom, M., & Rahimly, A. (2015). Overview of data
security issues in hospital information systems.
Pacific Asia Journal of the Association for
Information Systems, 7(4).
Meyer, M. N. (2018). Practical tips for ethical data
sharing. Advances in Methods and Practices in
Psychological Science, 1(1), 131-144.
Mittelstadt, B. (2017). Designing the health-related
internet of things: ethical principles and
guidelines. Information, 8(3), 77.
O’Connor, Y., Rowan, W., Lynch, L., & Heavin, C.
(2017). Privacy by design: informed consent and
internet of things for smart health. Procedia
computer science, 113, 653-658.
Peterson, K., Deeduvanu, R., Kanjamala, P., & Boles, K.
(2016). A blockchain-based approach to health
information exchange networks. Paper presented
at the Proc. NIST Workshop Blockchain
Healthcare.
Porsdam Mann, S., Savulescu, J., & Sahakian, B. J.
(2016). Facilitating the ethical use of health data

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

for the benefit of society: electronic health
records, consent and the duty of easy rescue.
Philosophical Transactions of the Royal Society
A: Mathematical, Physical and Engineering
Sciences, 374(2083), 20160130.
Puppala, M., He, T., Yu, X., Chen, S., Ogunti, R., &
Wong, S. T. (2016). Data security and privacy
management in healthcare applications and
clinical data warehouse environment. Paper
presented at the 2016 IEEE-EMBS International
Conference on Biomedical and Health
Informatics (BHI).
Righetti, F., Vallati, C., & Anastasi, G. (2018). IoT
Applications in Smart Cities: A Perspective Into
Social and Ethical Issues. Paper presented at the
2018 IEEE International Conference on Smart
Computing (SMARTCOMP).
Salerno, J., Knoppers, B. M., Lee, L. M., Hlaing, W. M.,
& Goodman, K. W. (2017). Ethics, big data and
computing in epidemiology and public health.
Annals of epidemiology, 27(5), 297-301.
Sankar, P. L., & Parker, L. S. (2017). The Precision
Medicine Initiative’s All of Us Research
Program: an agenda for research on its ethical,
legal, and social issues. Genetics in Medicine,
19(7), 743.
Schäfer, H., Hors-Fraile, S., Karumur, R. P., Calero
Valdez, A., Said, A., Torkamaan, H., . . .
Trattner, C. (2017). Towards health (aware)
recommender systems. Paper presented at the
Proceedings of the 2017 international conference
on digital health.
Stiles, P. G., & Boothroyd, R. A. (2015). Ethical use of
administrative data for research purposes
Actionable Intelligence (pp. 125-155): Springer.
Taylor, L., Floridi, L., & Van der Sloot, B. (2016). Group
privacy: New challenges of data technologies
(Vol. 126): Springer.
Thota, C., Sundarasekar, R., Manogaran, G., Varatharajan,
R., & Priyan, M. (2018). Centralized fog
computing security platform for IoT and cloud in
healthcare system Fog Computing:
Breakthroughs in Research and Practice (pp.
365-378): IGI global.
van Staa, T.-P., Goldacre, B., Buchan, I., & Smeeth, L.
(2016). Big health data: the need to earn public
trust. Bmj, 354, i3636.
Vayena, E., Haeusermann, T., Adjekum, A., & Blasimme,
A. (2018). Digital health: meeting the ethical and
policy challenges. Swiss medical weekly, 148,
w14571.
Vezyridis, P., & Timmons, S. (2017). Understanding the
care. data conundrum: New information flows
for economic growth. Big Data & Society, 4(1),
2053951716688490.
Wachter, S. (2018). Normative challenges of
identification in the Internet of Things: Privacy,
profiling, discrimination, and the GDPR.
Computer law & security review, 34(3), 436-449.
Wahl, B., Cossy-Gantner, A., Germann, S., & Schwalbe,
N. R. (2018). Artificial intelligence (AI) and
global health: how can AI contribute to health in
resource-poor settings? BMJ global health, 3(4),
e000798.
Yang, J.-J., Li, J., Mulder, J., Wang, Y., Chen, S., Wu, H.,
. . . Pan, H. (2015). Emerging information
technologies for enhanced healthcare. Computers
in industry, 69, 3-11.