Privacy Protection for HealthGrid Applications

B. Claerhout; G. J. E. De Moor

doi:10.1055/s-0038-1633934

Methods of Information in Medicine, Table of Contents

Methods Inf Med 2005; 44(02): 140-143
DOI: 10.1055/s-0038-1633934

Original Article

Schattauer GmbH

Privacy Protection for HealthGrid Applications

Authors

B. Claerhout

¹CUSTODIX nv, Merelbeke, Belgium
G. J. E. De Moor

²Department of Medical Informatics and Statistics, Gent University, Gent, Belgium

Abstract

Summary

Objectives: This contribution aims at introducing the problem of privacy protection in e-Health and at describing a number of existing privacy enhancing techniques (PETs). The recognition that privacy constitutes a fundamental right is gradually entering public awareness. Because healthcare-related data are susceptible to being abused for many obvious reasons, public apprehension about privacy has focused on medical data. Public authorities have become convinced of the need to enforce privacy protection and make considerable efforts for promoting through privacy protection legislation the deployment of PETs.

Methods: Based on the study of the specific features of Grid technology, ways in which PET services could be integrated in the HealthGrid are being analyzed. Grid technology aims at removing barriers between local and remote resources. The privacy and legal issues raised by the HealthGrid are caused by the transparent interchange and processing of sensitive medical information. PET technology has already proven its usefulness for privacy protection in health-related marketing and research data collection.

Results: While this paper does not describe market-ready solutions for privacy protection in the HealthGrid, it puts forward several cases in which the Grid may benefit from PETs.

Conclusion: Early integration of privacy protection services into the HealthGrid can lead to a synergy that is beneficial for the development of the HealthGrid itself.

Keywords

Privacy - privacy enhancing techniques (PETs) - HealthGrid - Grid

Full Text

References

References
1 Lydgate C, Budnick N. Rubbish! Portland’s top brass said it was OK to swipe your garbage – so we grabbed theirs. Available at: URL. http://www.wweek.com/flatfiles/News3485.lasso Accessed November 7 2003
2 Lazarus D. A tough lesson on medical privacy: Pakistani transcriber threatens UCSF over back pay. San Francisco: Chronicle; Wednesday, October 22 2003
3 Caloyannides M. Society Cannot Function Without Privacy. IEEE Security & Privacy, May-June 2003 (Vol. 1, No. 3).
4 Directive 95/46/EC of the European Parliament and the Council of October 24, 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
5 Directive 2002/58/EC of the European Parliament and of the Council of July 12, 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
6 De Meyer F, Claerhout B, De Moor GJE. The PRIDEH project: taking up Privacy Protection Services in e-Health. Proceedings MIC 2002 “Health Continuum and Data Exchange”. IOS Press; 2002: 171-7.
7 CEN/TC 251/WG III N 02–018 (2002–07–17) First draft of AURTAF (Anonymity User Requirements for Trusted Anonymisation Facilities).
8 Claerhout B, De Moor G. From Grid to Health- Grid: introducing Privacy Protection. Proceedings of the First European Health Grid Conference, Lyon, Jan 16-17 2003; 226-32.
9 Paindaveine Y. Health Grid – old wine in new bottles?. Proceedings of the First European Health Grid Conference, Lyon, Jan 16-17 2003; 20-9.
10 De Moor GJE, Claerhout B, De Meyer F. Privacy Enhancing Techniques: the Key to Secure Communication and Management of Clinical and Genomic Data. Methods Inf Med 2003; 42: 148-53.
11 Bagga W. Privacy-enabled Application Scenarios for Web Services, Network Security & Cryptography Group, IBM Zurich Research Laboratory, September 2003. Available from. http://rangiroa. essi.fr/DEA-RSD/2002–03/03-dea-bagga.pdf.