Methods Inf Med 1993; 32(05): 349-356
DOI: 10.1055/s-0038-1634952
Original Article
Schattauer GmbH

Medical Database Security Policies

G. J. Pangalos
1   Computer Division, Faculty of Technology, General Department, Aristotelian University, Thessaloniki, Greece
› Author Affiliations
Further Information

Publication History

Publication Date:
08 February 2018 (online)

Abstract

Database security plays an important role in the overall security of medical information systems. Security does not only involve fundamental ethical principles such as privacy and confidentiality, but is also an essential prerequisite for effective medical care. The general framework and the requirements for medical database security are presented. The three prominent proposals for medical database security are discussed in some detail, together with specific proposals for medical database security. A number of parameters for a secure medical database development are presented and discussed, and guidelines are given for the development of secure medical database systems.

 
  • REFERENCES

  • 1 Land T. Security in database systems. Corn-put Security J 1992; 01: 41-6.
  • 2 Biskup J. Medical database security. In: Data Protection and Confidentiality in Health Informatics, . Amsterdam: IOS Press; 1991
  • 3 Campbell J. A research and development program for distributed DBMSs. In: Jajoda S. ed. Database Security TV, . Amsterdam: North-Holland Publ Comp; 1991: 381-94.
  • 4 Pangalos G. Security in Medical Database Systems. SEISMED project report No INT/ S. 3/92. Brussels: EEC; 1992
  • 5 Jajodia S, Landwehr C. eds. Database Security IV. . Amsterdam: North-Holland Publ Comp; 1991
  • 6 EEC/DGXII, ed. Data Protection and Confidentiality in Health Informatics. . Amsterdam: IOS Press; 1991
  • 7 Landwehr C. ed. Database Security II: Status and Prospects. Amsterdam: North-Holland Publ Comp; 1989
  • 8 Fugini M. Secure database development methodologies. In: Landwehr C. ed. Database Security II: Status and Prospect. Amsterdam: North-Holland Publ’ Comp; 1989: 123-9.
  • 9 Biskup J. Medical database security. Proceedings GI-20. . Heidelberg: Springer Ver-lag; 1990: 212-21.
  • 10 Department of Defense Trusted Computer System Evaluation Criteria. . Washington DC: DoD 5200.28-STD; 1985
  • 11 Information Technology Evaluation Criteria . (ITSEC) (version 1.2). EEC Document, Brussels. June 1991
  • 12 Draft Trusted BDMS Interpretation of the DoD Trusted Computer System Evaluation Criteria. . Washington DC: National Computer Security Center; 1989
  • 13 Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria. . Washington DC: National Computer Security Center; NCSC-TG-005, 1987
  • 14 Information Technology Security Evaluation Manual . (ITSEM) (Draft). Brussels: EEC; 1992
  • 15 Graubart R. A comparison of three secure DBMS architectures. In: Spooner D, Landwehr C. Database Security III. . Amsterdam: North-Holland Publ Comp; 1990
  • 16 Zloof M. Query by example: a database language. IBM Systems J 1977; 16: 324-43.
  • 17 Spooner D, Landwehr C. eds. Database Security III. . North-Holland Publ Comp. 1990
  • 18 Biscup J. Analysis of the privacy model for the information system DORIS. In: Landwehr C. ed. Database Security II: Status and prospects. . Amsterdam: North-Holland Publ Comp; 1989: 123-40.
  • 19 Marel JV, Bakker Ar. User access rights in an integrated hospital information system. In: Van Bemmel JH, Ball M, Wigertz O. eds. MEDINFO 83. Amsterdam: North-Holland Publ Comp; 1988: 963-9.
  • 20 Biskup J. A general framework for database security. Proceedings EROSICS. . Toulouse, France; 1990: 35-41.
  • 21 Ting T. Application information security semantics: A case of mental health delivery. In: Spooner D, Landwehr C. eds. Database Security III. . Amsterdam: North-Holland Publ Comp; 1990: 1-12.
  • 22 Landwehr C. The best available technologies for computer security. IEEE Computer 1983; 16: 86-95.