Data privacy in interoperability environments – a case study in the Portuguese healthcare sector

Secundino Lopes, Rui Quaresma

Abstract


Data sharing between organizations through interoperability initiatives involving multiple information systems is fundamental to promoting the collaboration and integration of services. However, the considerable increase in the exposure of data to additional risks requires special attention to issues related to the privacy of these data. For the Portuguese healthcare sector, where the sharing of health data is now a reality at national level, data privacy is a central issue, which needs solutions in accordance with the agreed level of interoperability between organizations. This context led the authors to study the factors that influence data privacy in a context of interoperability, through qualitative and interpretative research based on the case study method. This article presents the final results of the research, which successfully identifies 10 subdomains of factors that influence data privacy and which should be the basis for the development of a joint protection program targeted at issues associated with data privacy.







DOI: http://dx.doi.org/10.18803/capsi.v16.043-054
