JavaScript NENÍ povolen !

Prosím povolte JavaScript.

Článek
Web zdroj
Článek online

FT
Medvik - BMČ

Je něco špatně v tomto záznamu ?

GDPR compliance challenges for interoperable health information exchanges (HIEs) and trustworthy research environments (TREs)

Ed Conley, Matthias Pocs

Conley, Edward C., 1958-
Autor Autorita SHiELD Horizon 2020 and Connected Health Cities Projects, AIMES, Liverpool Innovation Park, L7 9NJ, United Kingdom
Pocs, Matthias
Autor Pocs, Matthias SHiELD Horizon 2020 Project, Stelar Security Technology Law Research, 21035 Hamburg, Germany

European Journal for Biomedical Informatics. 2018 ; 14 (3) : 48-61.

Eur. J. Biomed. Inform. (Praha)
ISSN 1801-5603
Medvik
Zdroj

Jazyk angličtina Země Česko

Perzistentní odkaz https://www.medvik.cz/link/bmc18026530

Online Plný text

NLK ROAD: Directory of Open Access Scholarly Resources od 2005

DOI 10.24105/ejbi.2018.14.3.7
domovská stránka časopisu - plný text volně přístupný
Knihovny.cz E-zdroje

Klíčová slova
GDPR,
MeSH
automatizované zpracování dat normy MeSH
interoperabilita zdravotnických informací normy MeSH
řízení zdravotnických informací * metody MeSH
zabezpečení počítačových systémů normy MeSH
zdravotnické informační systémy normy MeSH

Background: We present our current approaches to improving personal data protection in (i) large (regional/ national/international) scale health information exchanges (HIEs) and (ii) UK NHS IG toolkit and ISO 27001-compliant trustworthy research environments (TREs) for discovery science communities. In particular we examine impacts of the General Data Protection Regulation (GDPR) on these technology designs and developments and the responses we have made to control complexity. Methods: The paper discusses multiple requirements to implement the key GDPR principles of “data protection by design” and “data protection by default”, each requiring new capabilities to embed multiple security tests and data protection tools in common deployable infrastructures. Methods are presented for consistent implementation of diverse data processing use cases. Results: We describe how modular compositions of GDPRcompliant data processing software have been used to implement use case(s) and deliver information governance (IG) requirements transparently. Security surveillance analysis is embedded throughout the application lifecycle, namely at design, implementation and operation (runtime) phases. A solution is described to the challenge of integrating coherent research (analytic) environments for authorized researchers to access data and analytic tools without compromising security or privacy. Conclusion: We recognise the need for wider implementation of rigorous interoperability standards concerning privacy and security management. Standards can be disseminated within low-cost commodity infrastructures that are shared across consortium partners. Comprehensive model-based approaches to information management will be fundamental to guaranteeing security and privacy in challenging areas such as ethical use of artificial intelligence in medicine. The target architecture is still in evolution but needs a number of communitycollaborative API developments to couple advanced specifications fulfilling all IG requirements.

SHiELD Horizon 2020 and Connected Health Cities Projects AIMES Liverpool Innovation Park L7 9NJ United Kingdom

SHiELD Horizon 2020 Project Stelar Security Technology Law Research 21035 Hamburg Germany

Bibliografie atd.

Literatura

000: 00000naa a2200000 a 4500

001: bmc18026530

003: CZ-PrNML

005: 20200416114841.0

007: cr|cn|

008: 180724s2018 xr a fs 000 0|eng||

009: eAR

024 7_: $a 10.24105/ejbi.2018.14.3.7 $2 doi

040 __: $a ABA008 $d ABA008 $e AACR2 $b cze

041 0_: $a eng

044 __: $a xr

100 1_: $a Conley, Edward C., $d 1958- $7 xx0246790 $u SHiELD Horizon 2020 and Connected Health Cities Projects, AIMES, Liverpool Innovation Park, L7 9NJ, United Kingdom

245 10: $a GDPR compliance challenges for interoperable health information exchanges (HIEs) and trustworthy research environments (TREs) / $c Ed Conley, Matthias Pocs

504 __: $a Literatura

520 9_: $a Background: We present our current approaches to improving personal data protection in (i) large (regional/ national/international) scale health information exchanges (HIEs) and (ii) UK NHS IG toolkit and ISO 27001-compliant trustworthy research environments (TREs) for discovery science communities. In particular we examine impacts of the General Data Protection Regulation (GDPR) on these technology designs and developments and the responses we have made to control complexity. Methods: The paper discusses multiple requirements to implement the key GDPR principles of “data protection by design” and “data protection by default”, each requiring new capabilities to embed multiple security tests and data protection tools in common deployable infrastructures. Methods are presented for consistent implementation of diverse data processing use cases. Results: We describe how modular compositions of GDPRcompliant data processing software have been used to implement use case(s) and deliver information governance (IG) requirements transparently. Security surveillance analysis is embedded throughout the application lifecycle, namely at design, implementation and operation (runtime) phases. A solution is described to the challenge of integrating coherent research (analytic) environments for authorized researchers to access data and analytic tools without compromising security or privacy. Conclusion: We recognise the need for wider implementation of rigorous interoperability standards concerning privacy and security management. Standards can be disseminated within low-cost commodity infrastructures that are shared across consortium partners. Comprehensive model-based approaches to information management will be fundamental to guaranteeing security and privacy in challenging areas such as ethical use of artificial intelligence in medicine. The target architecture is still in evolution but needs a number of communitycollaborative API developments to couple advanced specifications fulfilling all IG requirements.

650 _2: $a interoperabilita zdravotnických informací $x normy $7 D000073892

650 _2: $a zdravotnické informační systémy $x normy $7 D063005

650 _2: $a zabezpečení počítačových systémů $x normy $7 D016494

650 _2: $a automatizované zpracování dat $x normy $7 D001330

650 12: $a řízení zdravotnických informací $x metody $7 D063025

653 00: $a GDPR

700 1_: $a Pocs, Matthias $u SHiELD Horizon 2020 Project, Stelar Security Technology Law Research, 21035 Hamburg, Germany

773 0_: $t European journal for biomedical informatics $x 1801-5603 $g Roč. 14, č. 3 (2018), s. 48-61 $w MED00173462

856 41: $u http://www.ejbi.org/ $y domovská stránka časopisu - plný text volně přístupný

910 __: $a ABA008 $b online $y p $z 0

990 __: $a 20180723130211 $b ABA008

991 __: $a 20200416114835 $b ABA008

999 __: $a ok $b bmc $g 1320751 $s 1023460

BAS __: $a 3 $a 4

BMC __: $a 2018 $b 14 $c 3 $d 48-61 $i 1801-5603 $m European Journal for Biomedical Informatics $n Eur. J. Biomed. Inform. (Praha) $x MED00173462

LZP __: $c NLK189 $d 20200331 $a NLK 2018-14/vt

GDPR compliance challenges for interoperable health information exchanges (HIEs) and trustworthy research environments (TREs)

Citační ukazatele

Možnosti archivace