Abstract
The primary objective of this chapter is to analyze the existing tools and techniques for medical data security. Typically, medical data includes either medical signals such as electrocardiogram, electroencephalogram, electromyography, or medical imaging like digital imaging and communications in medicine, joint photographic experts group format. The medical data are sensitive, subject to privacy preservation, and data access rights. Security in e-health field is an integrated concept which includes robust combination of confidentiality, integrity, and availability of medical data. Confidentiality ensures the data is inaccessible to unauthorized access. Integrity restricts the alteration in data by the unauthorized user. Whereas availability provides the readiness of the data when needed by the authorized user. Additionally, confidentiality, integrity and availability, accountability parameter records the back action list which answers the why, when, what, and whom data is accessed. The selected tools and techniques used in medical data security in e-health applications is discussed.
TopIntroduction
With the progressions in information and communication technologies (ICT) has unlocked fresher prospects for telemedicine(Ingenerf, 1999; Pattichis et al., 2002) by enabling medical data accessibility across geographical boundaries through Internet, mobile links, and other wireless/wired communication channels and thus covering rural/remote areas, accident sites, ambulance, and hospitals for e-health applications(Silva, Rodrigues, Canelo, Lopes, & Lloret, 2014). The histrionic expansion of contemporary communication technologies, the security of medical information has become an essential topic when it is transferred or deposited over open channels(Society, 1996).
Medical Data Security
Medical data attributes to the health-pertained information in association with the clinical trial program either in form of reports/signal/image(Hossain & Chellappan, 2014; Lu, Wu, Liu, Chen, & Guo, 2013; Yachana, Kaur, & Sood, 2017). Medical data also referred to as personal health information, commonly refers to geographic information, medical antiquities, assessment and laboratory results, mental/physical health situations, insurance information, and other data that a healthcare specialized gathers to classify an individual and govern suitable care. Medical data security is needed in e-health management framework due to essentially i) Medical data is having the capacity to reveal identity information, ii) prevent medical data tempering, which may mislead clinical diagnosis(A. Pandey, Saini, Singh, & Sood, 2017; Anukul Pandey, Saini, Singh, & Sood, 2018; Anukul Pandey, Singh, Saini, & Sood, 2016).
A patient privacy protection scheme for medical information system (Lu et al., 2013) is explored for the construction of the index of privacy data, and translation into a new query over the corresponding index for a query operation over privacy data so that it can be performed at the server side instantly. Prior to database storage at the server side of a medical information system, patient’s privacy data being first encrypted to prevent the leakage of patient’s private information caused internal staff. Based on millions of tuples of privacy fields experimental evaluation validate the effectiveness of patient privacy protection scheme.
FireHost
Texas-based FireHost is a cloud based Compliance as a Service (CaaS). The FireHost supplies CaaS with safeguarding the secret data and guaranteeing the necessities as documented in HIPAA. The multiple security yields are reduced by the FireHost (Chris Paoli, 2014).
FireLayers
FireLayers prevent unauthorized access with its new security access application for apps running in the cloud that offers surplus protection and monitoring. The FireLayers app security includes a dominant console with administrators control over guidelines, authorizations and admittance. FireLayers demonstrations recognized threats and employ rules to kiosk them and reports the precise limitations (Chris Paoli, 2014).
Data security can be enhanced by storing the PHI at the known location. For doing so, NetApp storage tool offers monitoring tools in which PHI can be tracked based on the movement observed in PHI. This storage management tool observes massive amounts of unclassified information and keep it constant with identical security levels extended to confidential enterprise information. Automatic encoding and access management capabilities restrict unauthorized access and information leak. The NetApp Storage incorporates geo-distributed abrasion cryptography, in which information is fragmented and encoded with tautological information items and keep over multiple datacenters, guaranteeing that if there's a rupture, information can keep protected (Chris Paoli, 2014).
Key Terms in this Chapter
Telemedicine: The delivery of healthcare support systems at a distance using communication channels.
Data Security: It is the combination of procedure, processes, and systems used to attain the fulfilment of data confidentiality, accountability, integrity, and availability as needed.
Steganography: The hiding of a secret message within a cover data and the extraction of secret message at its terminus.
Data Integrity: The ability to restrain the data from being altered by unauthorized user.
Cryptography: The transformation of secret data into codes for transmission over a communication network to restrain unauthorized access.
Data Privacy: The control or authority of what information related to data can be disclosed by whom and to whom it can be disclosed.