Ensuring privacy for e-health services

G. Yee, L. Korba, R. Song
2006 First International Conference on Availability, Reliability and Security (ARES'06)  
npsi/ctrl?action=rtdoc&an=5765194⟨=en http://nparc.cisti-icist.nrc-cnrc.gc.ca/npsi/ctrl?action=rtdoc&an=5765194⟨=fr Access and use of this website and the material on it are subject to the Terms and Conditions set forth at Abstract The growth of the Internet has been accompanied by the growth of e-health services (e.g. online medical advice, online pharmacies). This proliferation of services and the increasing regulatory and legal requirements for personal privacy have fueled the need to
more » ... the personal privacy of service users. Existing approaches for privacy protection such as access control are predicated on the e-service provider having possession and control over the user's personal data. In this paper, we propose a new approach to protecting personal privacy for e-health services: keeping possession and control over the user's personally identifiable information in the hands of the user as much as possible. Our approach can also be characterized as distributing personally identifiable information only on a "need to know" basis.
doi:10.1109/ares.2006.59 dblp:conf/IEEEares/YeeKS06 fatcat:sv2fvq7uvra2li3dkemucovafm