Reference : Defining, Measuring, and Enabling Transparency for Electronic Medical Systems
Dissertations and theses : Doctoral thesis
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/38915
Defining, Measuring, and Enabling Transparency for Electronic Medical Systems
English
Pierina Brustolin Spagnuelo, Dayana mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
28-Nov-2018
University of Luxembourg, ​​Luxembourg
Docteur en Informatique
Ryan, Peter mailto
Verissimo, Paulo mailto
Lenzini, Gabriele mailto
Fischer-Hübner, Simone mailto
Martina, Jean Everson mailto
[en] Transparency ; GDPR ; Requirements ; Measurement ; Privacy ; Medical systems
[en] Transparency is a novel concept in the context of Information and Communication Technology (ICT). It has arisen from regulations as a data protection principle, and it is now being studied to encompass the peculiarities of digital information. Transparency, however, is not the first security concept to be borrowed from regulations; privacy once emerged from discussions on individual’s rights.
Privacy began to be vigorously debated in 1890, when Warren and Brandeis analysed legal cases for which penalties were applied on the basis of defamation, infringement of copyrights, and violation of confidence. The authors defended that those cases were, in fact, built upon a broader principle called privacy. But privacy was only given a structured definition almost one century later, in 1960, when Prosser examined cases produced after Warren and Brandeis’ work, classifying violation of privacy into four different torts; it took twenty years more before the concept was thoroughly studied for its functions in ICT. Guidelines by the OECD outlined principles to support the discussion of privacy as a technical requirement. Proceeded by international standards for a privacy framework (ISO/IEC 29100), which translated the former legal concepts into information security terms, such as data minimisation, accuracy, and accountability.
Transparency has a younger, but comparable history; the current General Data Protection Regulation (GDPR) defines it as a principle which requires “that any information and communication relating to the processing of those personal data be easily accessible and easy to understand [..]". However, other related and more abstract concepts preceded it. In the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Privacy Rule demands to document privacy policies and procedures and to notify individuals of uses of their health information. Former European Directives, i.e., 95/46/EC and 2011/24/EU, establish “the right for individuals to have access to their personal data concerning their health [..] also in the context of cross-border healthcare”. The same did the Freedom of Information Act (FOIA) of 1966, instituting that any person has a right to obtain from agencies information regarding their records. These and other similar requests refer to the transversal quality called transparency.
Similarly to what happened with privacy, transparency was also the subject of guidelines that clarify its interpretation in ICT. However, no framework or standard has been defined yet that translates transparency into a technical property. This translation is the goal of our work.
This thesis is dedicated to debate existing interpretations for transparency, to establish requirements and measurement procedures for it, and to study solutions that can help systems adhere to the transparency principle from a technical perspective. Our work constitutes an initial step towards the definition of a framework that helps accomplish meaningful transparency in the context of Electronic Medical Systems.
Researchers ; Professionals ; Students ; General public
http://hdl.handle.net/10993/38915
FnR ; FNR7842804 > Dayana Pierina Brustolin Spagnuelo > > Transparent Yet Private Access to Medical Data > 01/12/2014 > 30/11/2018 > 2014

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
Spagnuelo_Thesis.pdfPublisher postprint5.79 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.