Rights Management Technologies: A Good Choice for Securing Electronic Health Records?

Petković, Milan; Katzenbeisser, Stefan; Kursawe, Klaus

doi:10.1007/978-3-8348-9418-2_19

Milan Petković¹,
Stefan Katzenbeisser¹ &
Klaus Kursawe¹

816 Accesses
7 Citations

Abstract

Advances in healthcare IT bring new concerns with respect to privacy and security. Security critical patient data no longer resides on mainframes physically isolated within an organization, where physical security measures can be taken to defend the data and the system. Modern solutions are heading towards open, interconnected environments where storage outsourcing and operations on untrusted servers happen frequently. In order to allow secure sharing of health records between different healthcare providers, Rights Management Techniques facilitating a datacentric protection model can be employed: data is cryptographically protected and allowed to be outsourced or even freely float on the network. Rather than relying on different networks to provide confidentiality, integrity and authenticity, data is protected at the end points of the communication. In this paper we compare Enterprise/Digital Rights Management with traditional security techniques and discuss how Rights Management can be applied to secure Electronic Health Records.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

R. Charette, Dying for Data, IEEE Spectrum, October2006, pp. 16–21
Google Scholar
W. Ford, P. Hallam-Baker, B. Fox, B. Dillaway, B. LaMacchia, J. Epstein, J. Lapp, XML Key Management Specification (XKMS), 2001, W3C http://www.w3.org/TR/xkms
Google Scholar
Healthcare Information and Management Systems Society (HIMSS), EHR Definition, Attributes and Essential Requirements; 2003; http://www.himss.org/content/files/EHRAttributes.pdf
Google Scholar
Health Level Seven (HL7), http://www.M7.org
Google Scholar
Security Assertion Markup Language, Version 2.0, OASIS Security Service TC, http://www.oasisopen.org/spec s/index.php#saml2.0
Google Scholar
XML Encryption, http://www.w3.org/Encryption/2001
Google Scholar
XML Signatures, http://www.w3.org/Signature
Google Scholar

Download references

Author information

Authors and Affiliations

Philips Research, Information and System Security Department, USA
Milan Petković, Stefan Katzenbeisser & Klaus Kursawe

Authors

Milan Petković
View author publications
You can also search for this author in PubMed Google Scholar
Stefan Katzenbeisser
View author publications
You can also search for this author in PubMed Google Scholar
Klaus Kursawe
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Petković, M., Katzenbeisser, S., Kursawe, K. (2007). Rights Management Technologies: A Good Choice for Securing Electronic Health Records?. In: ISSE/SECURE 2007 Securing Electronic Business Processes. Vieweg. https://doi.org/10.1007/978-3-8348-9418-2_19

Download citation

DOI: https://doi.org/10.1007/978-3-8348-9418-2_19
Publisher Name: Vieweg
Print ISBN: 978-3-8348-0346-7
Online ISBN: 978-3-8348-9418-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics