biomedical data: their acquisition, storage & use. - security and privacy
DESCRIPTION
Introduction to some essential Concepts for Biomedical Computing. Focus on Security and Privacy.TRANSCRIPT
Data
Information
KNOWLEDGE
Biomedical Data: Their Acquisition, Storage & Use
The Data-to-Knowledge Spectrum (data, information, knowledge)
CONSTANTLY EVOLVING CYCLE : KNOWLEDGE CHANGES
EXAMPLE:
Data is the raw facts obtained e.g. My blood pressure is 150/90.
Information is outcome of analyzing data e.g.: My blood pressure is high.
Knowledge is obtained from analyzing information e.g. hypertension is diagnosed when blood pressure is higher that 150/90.
Essential Concepts for Biomedical Computing
Hardware
o Servers // Many Users interacting
o Personal Computers // One User
o Workstations // One user – difference with PCs is: higher performance and better processing for specific tasks
SERVERS
WORKSTATION
PC, Tablets
& Mobile
Essential Concepts for Biomedical Computing
Software
o Programming Languages (MUMPS | Java, C, Perl, PSL…)
o Data Management
o Operating Systems
o Database Management Systems
o Software for Network Communication
BiomedicalComputing:Security
Privacy, Confidentiality, and Security
o Privacy: Control of disclosure of personal health and other information
o Confidentiality: Ability of a person to release or not their personal health information to a doctor, a care provider etc.
E.g. Asking to limit further release or use of the given information
o Security: Protection of Privacy and confidentiality through a series of policies, procedures and safeguards. Control access to the systems and informations
Essential Concepts for Biomedical Computing
Maintaining Security: Parameters
o Availability
o Accountability
o Perimeter
o Role-limited access
o Comprehensibility and control
Maintaining Security: Parameters
o Availability: Ensures accurate and up to date information is available when needed.
o Accountability: Users are responsible for their access and usage of the data. Based on a documented “need to know” and “right to know”
o Perimeter definition: Allows the system to set boundaries of trusted access to an information on the system both physically and logically
Maintaining Security: Parameters
o Role-limited access: Enables access for personnel to only access the information they need and limits access beyond their legitimate need.
o Comprehensibility and control: Ensures that record owners, data stewards and patients can understand and have control over aspects of information confidentiality and access.
New Definition:
Data Stewards Vs Data Custodians
Data Stewards are responsible for what is stored in a data field, while Data Custodians are responsible for the technical environment and database structure.
INFORMATION SYSTEM: Simplified Diagram
ISs can be described as organizational and management solutions to challenges posed by the environment.
Organization
Technology
ManagementInformatio
nSystem