References of "Bincoletto, Giorgia 018124760F"
DATA PROTECTION BY DESIGN IN THE E-HEALTH CARE SECTOR: THEORETICAL AND APPLIED PERSPECTIVES
Bincoletto, Giorgia UL

Doctoral thesis (2021)

In the digital age, e-health technologies play a pivotal role in the processing of medical information. As personal health data represents sensitive information concerning a data subject, enhancing data protection and security of systems and practices has become a primary concern. In recent years, there has been an increasing interest in the concept of privacy by design (PbD), which aims at developing a product or a service in a way that supports privacy principles and rules. In the European Union, Article 25 of the General Data Protection Regulation provides a binding obligation to implement data protection by design (DPbD) technical and organisational measures. This thesis explores how an e-health system could be developed and how data processing activities could be carried out to apply data protection principles and requirements from the design stage. Currently, there is a lack of clarity and knowledge on the topic for developers, data controllers and stakeholders. The research attempts to bridge the gap between the legal and technical disciplines on DPbD by providing a set of guidelines for the implementation of the principle in the e-health care sector. The research is based on literature review, legal and comparative analysis, and investigation of the existing technical solutions and engineering methodologies. The thesis therefore uses both legal comparison and the interdisciplinary method. The work is divided into theoretical and applied perspectives. First, it conducts a critical legal analysis of the principle of PbD and studies the DPbD legal obligation and the related provisions. Later, the research contextualises the rule in the health care field by investigating the applicable legal framework for personal health data processing.
Moreover, the research focuses on the US legal system by conducting a comparative analysis, since PbD is an international principle and US federal law contains a specific rule for the e-health care sector that mandates the implementation of technical and organisational safeguards. Adopting an applied perspective, the research investigates the existing technical methodologies and tools to design data protection and proposes a set of comprehensive DPbD organisational and technical guidelines for a crucial case study, namely an Electronic Health Record system.

Detailed reference viewed: 25 (7 UL)