• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.6
• /
• pp.66-76
• /
• 2017

In this study, we investigated how to protect personal healthcare information when constructing OMOP (Observational Medical Outcomes Partnership) CDM (Common Data Model). There are two proposed methods; to restrict data corresponding to HIPAA (Health Insurance Portability and Accountability Act) PHI (Protected Health Information) to be extracted to CDM or to disable identification of it. While processing sensitive information is restricted by Korean Personal Information Protection Act and medical law, there is no clear regulation about what is regarded as sensitive information. Therefore, it was difficult to select the sensitive information for protecting personal healthcare information. In order to solve this problem, we defined HIPAA PHI as restriction criterion of Article 23 of the Personal Information Protection Act and maps data corresponding to CDM data. Through this study, we expected that it will contribute to the spread of CDM construction in Korea as providing solutions to the problem of protection of personal healthcare information generated during CDM construction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.8
• /
• pp.15-23
• /
• 2016

Recently the interest in secondary use of medical information has emerged. But the domestic legislation or guidelines, such as being able to say that already specialize in healthcare information, can be seen a 'national medical privacy guidelines'. However the guidelines have suggested that only a violation of privacy laws in the medical information, it does not defined clearly with respect to protected health information(PHI) for secondary use. In this paper, we learn the HIPAA(Health Insurance Portability and Accountability Act) Privacy Rule of the US legislation which provides a non-identifiable screen instructions for secondary utilization of medical information, domestic guidelines and other country's guidelines. comparing with the HIPAA, national medical privacy guidelines and the domestic studies, we propose a new domestic target non-identifying information suitable for the domestic field and present future research direction.

• Journal of Korean Library and Information Science Society
• /
• v.47 no.1
• /
• pp.149-173
• /
• 2016

As cloud computing becomes more and more popular and ubiquitous, many organizations are deciding to move their whole information infrastructure to the cloud. The healthcare industry is one of those that is beginning to utilize cloud-based solutions en masse. Cloud based computing and storage offers numerous benefits including scalability, cost efficiency, and accessibility, which in turn have the potential to streamline hospital operations. Despite the potential benefits of acquiring this system, considerations must still be given to the migration of the massive amounts of personal and highly protected data to a cloud-based solution. Health care organizations must consider all matters of security, reliability, and availability, to ensure that patients' data remains compliant to the Health Insurance Portability and Accountability Act (HIPAA) compliant. This paper will examine the benefits and challenges of such operation to determine the best practices for the utilization of Electronic Medical Record (EMR) cloud based networking and storage for small to mid-sized hospitals.