A Comprehensive Model for Securing Sensitive Patient Data in a Clinical Scenario | IEEE Journals & Magazine | IEEE Xplore

A Comprehensive Model for Securing Sensitive Patient Data in a Clinical Scenario


It is a diagram of the clinical scenario, which consists of an Electronic Medical Record system, a Laboratory Information System, Middlewares and Analyzers. This provides...

Abstract:

The clinical environment is one of the most important sources of sensitive patient data in healthcare. These data have attracted cybercriminals who pursue the theft of th...Show More

Abstract:

The clinical environment is one of the most important sources of sensitive patient data in healthcare. These data have attracted cybercriminals who pursue the theft of this information for personal gain. Therefore, protecting these data is a critical issue. This paper focuses on an analysis of the clinical environment, presents its general ecosystem and stakeholders, and inspects the main protocols implemented between the clinical components from a security and privacy perspective. Additionally, this article defines a complete use case to describe the typical workflow within a clinical setting: the life cycle of a patient sample. Moreover, we present and categorize crucial clinical information and divide it into two sensitivity levels: High and Very Sensitive, while considering the severe risks of cybercriminal access. The threat model for the use case has also been identified, in conjunction with the use case’s security and privacy needs. This work served us as basis to develop the minimum security and privacy requirements to protect the use case. Accordingly, we have defined protection mechanisms for each sensitivity level with the enabling technologies needed to satisfy each requirement. Finally, the main challenges and future steps for the use case are presented.
It is a diagram of the clinical scenario, which consists of an Electronic Medical Record system, a Laboratory Information System, Middlewares and Analyzers. This provides...
Published in: IEEE Access ( Volume: 11)
Page(s): 137083 - 137098
Date of Publication: 30 November 2023
Electronic ISSN: 2169-3536

Funding Agency:


References

References is not available for this document.