Strengthening legal compliance for privacy in electronic health information systems : a review and analysis

Queensland University of Technology
Publication Date
  • Communication
  • Law


Proceedings of the National e-Health Privacy and Security Symposium 2006 (ehPASS'06) - ISBN: 1741071380 © 2006 QUT.

Strengthening Legal Compliance for Privacy in Electronic Health Information Systems: A Review and Analysis

Vicky Liu, William Caelli, Lauren May
School of Software Engineering and Data Communications & Information Security Institute
Queensland University of Technology
GPO Box 2434 Brisbane Qld 4001, Australia
[email protected], [email protected], [email protected]

Abstract

It is well recognised that adoption of information communication and technology (ICT) in healthcare can transform healthcare services. Numerous countries are seeking to establish national e-health development and implementation. To collect, store and process individual health information in an electronic system, healthcare providers need to comply with the appropriate security and privacy legislation. Deploying ICT systems in healthcare operations can provide advantages in healthcare delivery; however, risks to privacy in such e-health systems must be addressed. Adopting appropriate security technologies can simplify some of the complexity associated with privacy concerns. Evaluation criteria can be useful in providing a benchmark for users to assess the degree of confidence they can place in health information systems for the storage and processing of sensitive health information.

This paper provides an overview of the “Common Criteria (CC)” for the assessment of IT products and systems and relates privacy requirements to the relevant CC Protection Profiles. We recommend a certain level of security in healthcare related information systems. Healthcare providers need to deploy strong security platforms to ensure the protection of electronic health information from both internal and external threats including the provision of conformance in health information systems to regulatory and legal requirements.

Keywords Se
