Principles of data mining
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
A security policy model for clinical information systems
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Policy-based security management for federated healthcare databases (or RHIOs)
HIKM '06 Proceedings of the international workshop on Healthcare information and knowledge management
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Regulating Exceptions in Healthcare Using Policy Spaces
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Detecting and resolving policy misconfigurations in access-control systems
ACM Transactions on Information and System Security (TISSEC)
Enforcing Minimum Necessary Access in Healthcare Through Integrated Audit and Access Control
Proceedings of the International Conference on Bioinformatics, Computational Biology and Biomedical Informatics
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
| Hi-index | 0.00 |
It is now mandatory for healthcare organizations to specify and publish their privacy policies. This has made privacy management initiatives in the healthcare sector increasingly important. However, several recent reports in the public media and the research community about healthcare privacy [1,2] indicate that the use of privacy policies is not necessarily a strong indication of adequate privacy protection for the patient. These observations highlight the fact that the current state of privacy management in healthcare organizations needs improvement. In this paper, we present PRIMA, a PRIvacy Management Architecture, as a first step in addressing this concern. The fundamental idea behind PRIMA is to exploit policy refinement techniques to gradually and seamlessly embed privacy controls into the clinical workflow based on the actual practices of the organization in order to improve the coverage of the privacy policy. PRIMA effectively enables the transition from the current state of perceived to be privacy-preserving systems to actually privacy-preserving systems.