Privacy Protection for HealthGrid Applications

 

 Buy Article Permissions and Reprints

Summary

Objectives: This contribution aims at introducing the problem of privacy protection in e-Health and at describing a number of existing privacy enhancing techniques (PETs). The recognition that privacy constitutes a fundamental right is gradually entering public awareness. Because healthcare-related data are susceptible to being abused for many obvious reasons, public apprehension about privacy has focused on medical data. Public authorities have become convinced of the need to enforce privacy protection and make considerable efforts for promoting through privacy protection legislation the deployment of PETs.

Methods: Based on the study of the specific features of Grid technology, ways in which PET services could be integrated in the HealthGrid are being analyzed. Grid technology aims at removing barriers between local and remote resources. The privacy and legal issues raised by the HealthGrid are caused by the transparent interchange and processing of sensitive medical information. PET technology has already proven its usefulness for privacy protection in health-related marketing and research data collection.

Results: While this paper does not describe market-ready solutions for privacy protection in the HealthGrid, it puts forward several cases in which the Grid may benefit from PETs.

Conclusion: Early integration of privacy protection services into the HealthGrid can lead to a synergy that is beneficial for the development of the HealthGrid itself.

• References

• 1 Lydgate C, Budnick N. Rubbish! Portland’s top brass said it was OK to swipe your garbage – so we grabbed theirs. Available at: URL. http://www.wweek.com/flatfiles/News3485.lasso Accessed November 7 2003
  PubMedGoogle Scholar
• 2 Lazarus D. A tough lesson on medical privacy: Pakistani transcriber threatens UCSF over back pay. San Francisco: Chronicle; Wednesday, October 22 2003
  Google Scholar
• 3 Caloyannides M. Society Cannot Function Without Privacy. IEEE Security & Privacy, May-June 2003 (Vol. 1, No. 3).
  PubMedGoogle Scholar
• 4 Directive 95/46/EC of the European Parliament and the Council of October 24, 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
  PubMedGoogle Scholar
• 5 Directive 2002/58/EC of the European Parliament and of the Council of July 12, 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
  PubMedGoogle Scholar
• 6 De Meyer F, Claerhout B, De Moor GJE. The PRIDEH project: taking up Privacy Protection Services in e-Health. Proceedings MIC 2002 “Health Continuum and Data Exchange”. IOS Press; 2002: 171-7.
  Google Scholar
• 7 CEN/TC 251/WG III N 02–018 (2002–07–17) First draft of AURTAF (Anonymity User Requirements for Trusted Anonymisation Facilities).
  PubMedGoogle Scholar
• 8 Claerhout B, De Moor G. From Grid to Health- Grid: introducing Privacy Protection. Proceedings of the First European Health Grid Conference, Lyon, Jan 16-17 2003; 226-32.
  PubMedGoogle Scholar
• 9 Paindaveine Y. Health Grid – old wine in new bottles?. Proceedings of the First European Health Grid Conference, Lyon, Jan 16-17 2003; 20-9.
  PubMedGoogle Scholar
• 10 De Moor GJE, Claerhout B, De Meyer F. Privacy Enhancing Techniques: the Key to Secure Communication and Management of Clinical and Genomic Data. Methods Inf Med 2003; 42: 148-53.
  Article in Thieme ConnectPubMedGoogle Scholar
• 11 Bagga W. Privacy-enabled Application Scenarios for Web Services, Network Security & Cryptography Group, IBM Zurich Research Laboratory, September 2003. Available from. http://rangiroa. essi.fr/DEA-RSD/2002–03/03-dea-bagga.pdf.
  PubMedGoogle Scholar