Information security and privacy in healthcare information system is a very critical matter. The increasing acceptance of information systems by various healthcare institutions and increasing security and privacy concerns among patients, all point to the need for proper frameworks of information security and privacy in place. In this paper, we have analyzed numerous categories of threats to a health information system and have identified threats that are unique to a health information system. Later, we have explored various models and algorithms that may be utilized to alleviate these threats. Finally, we have proposed future directions that may encourage further research into this field.

Chapter Contents:

• 9.1 Introduction
• 9.2 Threats to information security and privacy
• 9.2.1 Understanding information security and privacy
• 9.2.2 Classification of threats
• 9.2.2.1 Organizational threats
• 9.2.2.2 Systemic threats
• 9.3 Information security and privacy disciplines
• 9.3.1 Information access control
• 9.3.2 Statistical disclosure control
• 9.4 Models and algorithms
• 9.4.1 Information access control
• 9.4.1.1 Role-based access control
• 9.4.1.2 Contextual role-based access control
• 9.4.1.3 Tag-based data model
• 9.4.1.4 Privacy management architecture
• 9.4.2 Statistical disclosure control
• 9.4.2.1 Pseudonymization
• 9.4.2.2 p-sensitive k-anonymity property
• 9.4.2.3 Microaggregation
• 9.5 Conclusions and future directions
• References

Inspec keywords: health care; data privacy; medical information systems; information systems; security of data

Other keywords: increasing security; healthcare records; health information system; information security; healthcare information system; privacy concerns; information systems

Subjects: Data security; Biology and medical computing; Medical administration