№1, 2017

PROBLEMS OF INFORMATION SECURITY IN E-HEALTH
Yadigar N. Imamverdiyev

E-health promises various perspectives in the field of availability of high-quality medical services and information for the whole society. Moreover, it facilitates several threats in terms of violations of private life and information security. This study sheds some light on main development trends in e-health sector, evaluates main threats to information security from the point of view of potential risks and analyzes viable mechanisms of information security assurance. Scientific-empirical problems of information security ensuring are identified in e-health systems, as well as in wireless body sensor networks (pp.20-29).

Keywords:e-health, m-health, personal medical information, information security, privacy, WSBN.
References
  • Della Mea V. What is e-Health (2): The death of telemedicine? // Journal of Medical Internet Research, vol. 3, no.2, 2001 :e22. doi:10.2196/jmir.3.2.e22.
  • Building Foundations for eHealth - Progress of Member States. World Health Organization, 2006. 339 p.
  • George C., Whitehouse D., Duquenoy P. (eds.) eHealth: Legal, Ethical and Governance Challenges. Springer, 2013. 396 p.
  • Mamedova M.G. Information security of personal medical data in electronic envrionment // Information technologies problems, 2015, №2, pp.16–30.
  • Sabnis S., Charles D. Opportunities and challenges: Security in eHealth // Bell Labs Technical Journal, 2012, vol. 17, no. 3, pp. 105–111.
  • Agbele K.K., Nyongesa H.O, & Adesina A.O. ICT and information security perspectives in e-health  systems // Journal of Mobile Communication, 2010, vol. 4, no. 1, pp. 17–22.
  • Mohammad Y.M. Information security strategy in telemedicine and e-health systems: A case study of England’s shared electronic health record system. PhD. Brunel University, 2010, http://www.bura.brunel.ac.uk/handle/2438/4669
  • Atlas of eHealth country profiles. WHO Global Observatory for eHealth. World Health Organization 2016, 392 p.
  • Fridsma D. Electronic Health Records: The HHS Perspective // IEEE Computer, 2012, vol. 45, no.11, 24–26.
  • Fernández-Alemán J.L., Seсor I.C., Lozoya P.Á.O., Toval A. Security and privacy in electronic health records: A systematic literature review // Journal of Biomedical Informatics, 2013, vol. 46, pp. 541–562.
  • Zingerman B.V. Shklovsky-Kordi N.E. Electronic medical record and principles of its organization // Physicin and information technologies, 2013, №2, pp.37-58
  • Atchinson B.K., Fox D.M. The politics of the Health Insurance Portability And Accountability Act // Health Affairs, 1997, vol. 16, no. 3, pp. 46–150.
  • Azarm-Daigle M., Kuziemsky C., Peyton L. A review of cross organizational healthcare data sharing // Procedia Computer Science, 2015, vol. 63, pp. 425-432.
  • Lin S.-P. Determinants of adoption of mobile healthcare service // International Journal of Mobile Communications, 2011, vol. 9, no. 3, pp. 298–315.
  • mHealth: New horizons for health through mobile technologies. Global Observatory for eHealth series - Volume 3. World Health Organization. 2011. 112 p.
  • ITU-T Technology Watch Report: Standards and eHealth. January 2011, 20 p. http://itu.int/en/ITU-T/techwatch/Pages/ehealth-standards.aspx.
  • ITU-T Technology Watch Report: E-health Standards and Interoperability. April 2012, 24 p. http://www.itu.int/oth/T0B15000013/
  • Basu S., Karp A., Li J., Pruyne J., Rolia J., Singhal S., Suermondt J., Swaminathan R. Fusion: Managing healthcare records at cloud scale // IEEE Computer Society, 2012, vol. 45, no. 11, pp. 42–49.
  • Alguliyev R., Imamverdiyev Y. Big Data: Big Promises for Information Security // 8th IEEE International Conference on Application of Information and Communication Technologies (AICT), 2014, pp. 1–4.
  • Weaver “Patients put at risk by computer viruses,” Wall Street Journal, 13 June, 2013, http://www.wsj.com/articles/SB10001424127887324188604578543162744943762
  • The 2014 Bitglass Healthcare Breach Report. http://www.bitglass.com/company/news/press_releases/healthcare-data-breach-report
  • Munro D. Data breaches in healthcare totaled over 112 millionr in 2015. 31 December, 2015.
  • Camp L.J., Johnson M.E., The Economics of Financial and Medical Identity Theft. 2012. Springer. – 180 p.
  • Fifth Annual Study on Medical Identity Theft. Ponemon Institute, February 2015, 38 p.
  • TrapX Security: Anatomy of an attack MEDJACK (Medical Device Hijack). May 2015.
  • Storm D. MEDJACK: hackers hijacking medical devices-to create backdoors in hospital networks // Computerworld, June 8, 2015, http://www.computerworld.com/article/2932371/cybercrime-hacking/medjack-hackers-hijacking-medical-devices-to-create-backdoors-in-hospital-networks.html
  • National Cybersecurity and Communications Integration Center. Attack Surface: Healthcare and Public Health Sector. 2012, 10 p.
  • ISO/TS 22600-1 Health informatics - Privilege management and access control - Part 1: Overview and policy management. ISO 2006. 27 p.
  • ISO/TS 22600-2 Health informatics - Privilege management and access control - Part 2: Formal models. ISO 2006. 26 p.
  • Eze B., Peyton L. Systematic literature review on the anonymization of high dimensional streaming datasets for health data sharing // Procedia Computer Science, vol. 63, pp. 348–355, 2015.
  • Bangash J.I., Abdullah A.H., Anisi M.H., Khan A.W. A survey of routing protocols in wireless body sensor networks // Sensors, 2014, vol. 14, no. 1, pp. 1322–1357.
  • Ameen M., Liu J., Kwak K. Security and privacy issues in wireless sensor networks for healthcare applications // Journal of Medical Systems, 2012, vol. 36, no. 1, pp. 93–101.
  • Rushanan M., Kune D.F., Swanson C.M., Rubin A.D. Sok: Security and privacy in implantable medical devices and body area networks / 35th Annual IEEE Symp. on Security and Privacy, 2014, pp. 524–539.
  • Kwak K.S., Ullah S., Ullah N. An overview of IEEE 802.15.6 standard / Proc. of the 3rd International Symposium on Applied Sciences in Biomedical and Communication Technologies (ISABEL), 2010, pp. 1–6.
  • International Organization for Standardization (ISO). ISO 27799-2008 Health informatics - Information security management in health using ISO/IEC 27002, 2008.
  • Aggarwal C.C., Yu P.S. Privacy-preserving data mining: models and algorithms. New York: Springer, 2008, 514 p.