EUropean Best Information through Regional Outcomes in Diabetes Privacy and Disease Registries Technical Aspects Peter Beck JOANNEUM RESEARCH, Austria.

Slides:

Advertisements

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Grid Security. Typical Grid Scenario Users Resources.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Applied Cryptography for Network Security

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Beyond HIPAA, Protecting Data Key Points from the HIPAA Security Rule.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Copyright © 2015 Pearson Education, Inc. Confidentiality and Privacy Controls Chapter

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 10: Authentication Guide to Computer Network Security.

Session 11: Security with ASP.NET

Computer Based Information Systems Control UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Security Security is a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Chapter 21 Distributed System Security Copyright © 2008.

Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Security in ebXML Messaging CPP/CPA Elements. Elements of Security P rivacy –Protect against information being disclosed or revealed to any entity not.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Securing Data in Transit and Storage Sanjay Beri Co-Founder & Senior Director of Product Management Ingrian Networks.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Deck 10 Accounting Information Systems Romney and Steinbart Linda Batch March 2012.

Access Control / Authenticity Michael Sheppard 11/10/10.

Digital Signatures and Digital Certificates Monil Adhikari.

Jump to first page Internet Security in Perspective Yong Cao December 2000.

April 20023CSG11 Electronic Commerce Authentication John Wordsworth Department of Computer Science The University of Reading Room.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

Information Systems Design and Development Security Precautions Computing Science.

The technology behind the USPS EPM. AND COMPLIANCE March 25, 2004 Adam Hoffman.

TAG Presentation 18th May 2004 Paul Butler

Security Issues in Information Technology

Computer Communication & Networks

TAG Presentation 18th May 2004 Paul Butler

IS3230 Access Security Unit 9 PKI and Encryption

Security in ebXML Messaging

Presentation transcript:

EUropean Best Information through Regional Outcomes in Diabetes Privacy and Disease Registries Technical Aspects Peter Beck JOANNEUM RESEARCH, Austria 2° EUBIROD Meeting Brussels January 2011

Factors = Key Elements of Data Protection  The key elements of data protection (FACTORS) identified in the management of diabetes registries are as follows: A1. Accountability of personal information A2. Collection of Personal Information A3. Consent A4. Use of Personal Information A5. Disclosure and Disposition of Personal Information A6. Accuracy of Personal Information A7. Safeguarding Personal Information A8. Openness A9. Individual Access to Personal Information A10. Challenging Compliance A11. Anonymization Process for Secondary Uses of Health Data

Introduction to Cryptography Conventional Cryptography

Introduction to Cryptography Public Key Cryptography

Introduction to Cryptography Digital Signatures

Introduction to Cryptography Hash Functions and Digital Signatures

=facilitate establishing whether a public key truly belongs to the purported owner =a public key + owner identity information  signed together Introduction to Cryptography Digital Certificates

Public Key Infrastructure Certification Authority – Issue certificates Verify identity – Keep a list of (valid) certificates – Certificate revocation Web of Trust (PGP)

Security Key Concepts Communication Security Services Authenticity Authorization / Access Control Integrity Confidentiality Non-Repudiation

Security Key Concepts Authenticity = verifying a claim of identity e.g. Airport: I am John Doe, I want to fly to Brussels  Passport something you know, something you have, or something you are username password (cryptographic) key challenge-response biometrics Protection mechanisms TAN

Security Key Concepts Authorization / Access Control =Apply and configure mechanisms to enforce administrative policies Protection Mechanisms Access Control List + Role based access control  (e.g. file system, DBs, Web-Apps) Capabilities Data input Physician Local Administrator Global Administrator Administer Centers Import Data Administer Staff Create Reports Execute Analyses Enter Data Sheets Administer Patients Login

Security Key Concepts Integrity =Avoid undetected modification of data Protection mechanism – message integrity Message Digests (Hashing) Protection mechanism – communication stream integrity Sequence Numbers Time Stamps

Security Key Concepts Confidentiality =Prevent the disclosure of information to unauthorized individuals or systems Protection mechanism symmetric or asymmetric encryption

Security Key Concepts Non-Repudiation =implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction Protection mechanism digital signatures  time stamp, notarization

Safeguarding Data How can you protect your data and software? Use and maintain anti-virus software and a firewall Regularly scan your computer (viruses, spyware…) Keep software up to date Evaluate your software's settings Avoid unused software programs Create separate user accounts Establish guidelines for computer use Use passwords and encrypt sensitive files Set up and follow corporate policies for handling and storing data Dispose of sensitive information properly Follow good security habits

Anonymisation I =Make it impossible to establish or indicate who or what (someone or something) is remove any direct identifiers (SSN, name, DOB…) replace direct identifiers by indirect patient IDs (Pseudonymisation) – requires a trusted third party  reversible pseudonymisation (encryption with a key)  irreversible pseudonymisation (hash, …)

Anonymisation II ensure that any combination of data cannot identify an individual – not easy, especially for sparse data  k-anonymity use aggregated data only (no individual data sets) – all analyses have to be done in line with data source – further calculatons not possible

Data flow throgh Trusted Third Party (the case of the Disease Management Program in Austria) Physician officeHealth Information Network Social Insurance Internet DMP Medical Data Repository Physician Software Browser Terminal Stand-alone Client Data Centre GINA e-card Central System Social Insurance online Portal Pseudonymi- sation centre DMP Administration Software Documentation Prepare Data: Check, Split Administrative and Risk Data Clinical Data: Sign+Encrypt Data Transmission Administrative + Risk Data SSN Risk Data SSN Risk Data Clinical Data SSN Clinical Data Pseudo- nym SSN Clinical Data Pseudo- nym Sign+ Submit Risk Data Clinical Data

Local Aggregation of Data (the case of the BIRO Reporting Architecture) BIRO Central Reporting Partner Work Conversion Source Dataset Local BIRO Database Engine Statistical Analysis Aggregated Data „Statistical Objects“ |A|12|1|5| |B|18|2|6| |C|16|1|4| Sender Central BIRO System Authenticated, Signed & Encrypted Communication Regional Data Processing Regional Register BIRO Database Receiver ReportBIRO Central Engine

Tanks for your attention!