Medical Database Security Policies

G. J. Pangalos

doi:10.1055/s-0038-1634952

Methods of Information in Medicine, Inhaltsverzeichnis

Methods Inf Med 1993; 32(05): 349-356
DOI: 10.1055/s-0038-1634952

Original Article

Schattauer GmbH

Medical Database Security Policies

G. J. Pangalos

¹Computer Division, Faculty of Technology, General Department, Aristotelian University, Thessaloniki, Greece

› Institutsangaben

Abstract

Database security plays an important role in the overall security of medical information systems. Security does not only involve fundamental ethical principles such as privacy and confidentiality, but is also an essential prerequisite for effective medical care. The general framework and the requirements for medical database security are presented. The three prominent proposals for medical database security are discussed in some detail, together with specific proposals for medical database security. A number of parameters for a secure medical database development are presented and discussed, and guidelines are given for the development of secure medical database systems.

Key-Words

Medical Database Security - Information System Security - Database Security Policies - Database Security

Volltext

Referenzen

REFERENCES
1 Land T. Security in database systems. Corn-put Security J 1992; 01: 41-6.
2 Biskup J. Medical database security. In: Data Protection and Confidentiality in Health Informatics, . Amsterdam: IOS Press; 1991
3 Campbell J. A research and development program for distributed DBMSs. In: Jajoda S. ed. Database Security TV, . Amsterdam: North-Holland Publ Comp; 1991: 381-94.
4 Pangalos G. Security in Medical Database Systems. SEISMED project report No INT/ S. 3/92. Brussels: EEC; 1992
5 Jajodia S, Landwehr C. eds. Database Security IV. . Amsterdam: North-Holland Publ Comp; 1991
6 EEC/DGXII, ed. Data Protection and Confidentiality in Health Informatics. . Amsterdam: IOS Press; 1991
7 Landwehr C. ed. Database Security II: Status and Prospects. Amsterdam: North-Holland Publ Comp; 1989
8 Fugini M. Secure database development methodologies. In: Landwehr C. ed. Database Security II: Status and Prospect. Amsterdam: North-Holland Publ’ Comp; 1989: 123-9.
9 Biskup J. Medical database security. Proceedings GI-20. . Heidelberg: Springer Ver-lag; 1990: 212-21.
10 Department of Defense Trusted Computer System Evaluation Criteria. . Washington DC: DoD 5200.28-STD; 1985
11 Information Technology Evaluation Criteria . (ITSEC) (version 1.2). EEC Document, Brussels. June 1991
12 Draft Trusted BDMS Interpretation of the DoD Trusted Computer System Evaluation Criteria. . Washington DC: National Computer Security Center; 1989
13 Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria. . Washington DC: National Computer Security Center; NCSC-TG-005, 1987
14 Information Technology Security Evaluation Manual . (ITSEM) (Draft). Brussels: EEC; 1992
15 Graubart R. A comparison of three secure DBMS architectures. In: Spooner D, Landwehr C. Database Security III. . Amsterdam: North-Holland Publ Comp; 1990
16 Zloof M. Query by example: a database language. IBM Systems J 1977; 16: 324-43.
17 Spooner D, Landwehr C. eds. Database Security III. . North-Holland Publ Comp. 1990
18 Biscup J. Analysis of the privacy model for the information system DORIS. In: Landwehr C. ed. Database Security II: Status and prospects. . Amsterdam: North-Holland Publ Comp; 1989: 123-40.
19 Marel JV, Bakker Ar. User access rights in an integrated hospital information system. In: Van Bemmel JH, Ball M, Wigertz O. eds. MEDINFO 83. Amsterdam: North-Holland Publ Comp; 1988: 963-9.
20 Biskup J. A general framework for database security. Proceedings EROSICS. . Toulouse, France; 1990: 35-41.
21 Ting T. Application information security semantics: A case of mental health delivery. In: Spooner D, Landwehr C. eds. Database Security III. . Amsterdam: North-Holland Publ Comp; 1990: 1-12.
22 Landwehr C. The best available technologies for computer security. IEEE Computer 1983; 16: 86-95.