Browse > Article

Development of an Information Security Standard for Protecting Health Information in u-Health Environment  

Kim, Dong-Soo (Department of Industrial and Information Systems Engineering, Soongsil University)
Kim, Min-Soo (Department of Systems Management and Engineering, Pukyong National University)
Publication Information
IE interfaces / v.20, no.2, 2007 , pp. 177-185 More about this Journal
Abstract
e-Business in healthcare sector has been called e-Health, which is evolving into u-Health with advances of ubiquitous technologies. Seamless information sharing among health organizations is being discussed in many nations including USA, UK, Australia and Korea. Efforts for establishing the electronic health record (EHR) system and a nation-wide information sharing environment are called NHII (National Health Information Infrastructure) initiatives. With the advent of u-Health and progress of health information systems, information security issues in healthcare sector have become a very significant problem. In this paper, we analyze several issues on health information security occurring in u-Health environment and develop an information security standard for protecting health information. It is expected that the standard proposed in this work could be established as a national standard after sufficient reviews by information security experts, stakeholders in healthcare sector, and health professionals. Health organizations can establish comprehensive information security systems and protect health information more effectively using the standard. The result of this paper also contributes to relieving worries about privacy and security of individually identifiable health information brought by NHII implementation and u-Health systems.
Keywords
u-Health; information security; standard; national health information infrastructure;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Chae, Y-M. (2005), Establishing Laws and Regulations for e-Healtb Promotion, Project Report of MOHW, Seoul, Korea
2 Eng, T. R. (2001), The eHealth Landscape, A terrain map of emerging information and communication technologies in health and health care, Princeton, NJ: The Robert Wood Johnson Foundation
3 Joan, Hash et al. (2005), An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act(HIPAA) Security Rule, NIST Special Publication 800-66
4 Oh, H., Rizo, C., Enkin, M., Jadad, A., Powell, J., and Pagliari, C (2005), What Is eHealth (3): A Systematic Review of Published Definitions, Journal of Medical Internet Research, 7(1)
5 P&AB and Harris Interactive, Available at http://www.pandab.org/healthpr.html
6 Eysenbach, G. (2001), What is e-health?, Journal of Medical Internet Research, 3(2)
7 Jim, Moynihan, The Basics of Healthcare EDI/EC, HIPAA Summit West II, March 14, 2002. Available at www.ehcca.com/presentations/HIPAAWest2/1_01.pdf
8 Kim, T-J. and Kim, I-H. (2005), A Study on Individual Information Security Management System in Ubiquitous Environment, Security News, 10-15
9 Ahern, D. K., Kreslake, J. M., and Phalen, J. M. (2006), What Is eHealth (6): Perspectives on the Evolution of eHealth Research, Journal of Medical Internet Research, 8(1)
10 Efraim Turban and David King (2003), Introduction to e-Commerce, Prentice Hall, New Jersey
11 KHIDI (2004), Privacy and Security Standard for Electronic Medical Record, Research Report, Seoul, Korea
12 MOHW (2006), A Study on Health Information Security Standard; Project Report of MOHW, Seoul, Korea
13 Kim, D. and Kim, M. (2006), Issues on Privacy and Security of Health Information in u-Health IT Service Environment, Proc. 2006 Spring Conf. of Korea Society of IT Services, 282-289
14 United States Department of Health Human Service, Standards for Privacy of Individually Identifiable Health Information, Security Stands for the Protected Health Information, General Administrative Requirements Including, Civil Money Penalties, Regulation Test(45 CPR Parts 160 and 164)
15 Kim, D. and Park, H. (2003), A.Review.of.Hospital Information.Systems and e-Hospiral Strategy Development of Large-sized Hospitals, Informatization Policy, 11(3), 13-29
16 Pagliari, C., Sloan, D., Gregor, P., Sullivan, F., Detmer, D., Kahan, J. P., Oortwijn, W., MacGillivray, S., and Griffiths, F. (2005), What Is eHealth (4): A Scoping Exercise to Map the Field. Medical Internet Research, 7(1)