Confidentiality of Electronic Health Data: Methods for Protecting Personally Identifiable Information. Risk Analysis & Contingency Planning

07/03/1996

Bakker AR. Benefits and threats of new technologies. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 191-6. (Studies in health technology and informatics; vol. 1).

Bakker AR. Computers in hospitals, vulnerability aspects. In: Adlassnig KP, Grabner G, Bengtsson S, Hansen R, editors. Medical Informatics Europe 1991. Proceedings; 1991 Aug 19-22; Vienna, Austria. Berlin: Springer-Verlag; 1991. p. 62-6. (Lecture notes in medical informatics; 45).

Barber B. Are your systems securely engineered? Br J Healthc Comput Inf Manag 1995 Apr;12(3):30-1.

Barber B, Davey J. Approaching safe and secure health information systems in Europe. Comput Methods Programs Biomed 1994 Jul;44(1):23-9.

Barber B, Davey J. The use of the CCTA risk analysis and management methodology (CRAMM) in health information systems. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North- Holland; 1992. p. 1589-93.

Barber B, Fairey M. Attack and defence: NHS security and data protection programme. Br J Healthc Comput Inf Manag 1995 Jul;12(6):30-2.

Berleur J, Beardon C, Laufer R, editors. Proceedings of the IFIP WG9.2 Working Conference on Facing the Challenge of Risk and Vulnerability in an Information Society; 1993 May 20-22; Namur, Belgium. Amsterdam: Elsevier Science Pub.; 1993. 311 p. (IFIP Transactions A (Computer Science and Technology); vol.A-33).

Brandt M. Confidentiality today: where do you stand? J AHIMA 1993 Dec;64(12):59-62.

Cloud AC. An EDP audit with a twist. Inf Exec 1990 Fall;3(4):14-5.

Cox TP. The 'paperless' physician office: a risk management perspective. J Healthc Risk Manag 1993 Fall;13(4):29-35.

Davey J. Risk analysis and management. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 350-9. (Studies in health technology and informatics; vol. 1).

Eleazar PY. Risks associated with clinical databases. Top Health Rec Manag 1991 Nov;12(2):49-58.

Ferraiolo DF, Gilbert DM, Lynch N. Assessing federal and commercial information security needs. Gaithersburg (MD): National Institute of Standards and Technology (US), Computer Systems Laboratory; 1992 Nov. Report No: NIST Internal Report (NISTIR) 4976. Available from: NTIS, Springfield, VA;PB93-138956.

Furnell SM, Sanders PW, Stockel CT. An expert system for health care data security: a conceptual outline. In: Ifeachor EC, Rosen KG, editors. Proceedings of the International Conference on Neural Networks and Expert Systems in Medicine and Healthcare.; 1994 Aug 23-26; Plymouth, UK. Plymouth (UK): Univ. of Plymouth; 1994. p. 346-52.

Gabrieli ER. Data security. J Clin Comput 1992;21(1-2):17-41.

Gritzalis D, Tomaras A, Katsikas S, Keklikoglou J. Data security in medical information systems: the Greek case. Comput Secur 1991 Apr;10(2):141-59.

Liczbanski M. Protect your data! Data Based Advis 1992 May;10(5):114-24.

Louwerse CP. Practical aspects of handling data protection and data security. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 324-33. (Studies in health technology and informatics; vol. 1).

Miller D. Security, durability & portable computers. Healthc Inform 1993 May;10(5):72, 74.

Miller DW. Commonly overlooked information security issues. Toward Electron Patient Rec 1994 May;2(10):1, 3- 7.

Morris DC. It could never happen here! Comput Healthc 1990 Aug;11(8):38-44.

National Institute of Standards and Technology (US), Computer Systems Laboratory. Guideline for the analysis of local area network security. Gaithersburg (MD): The Institute; 1994 Nov. (Federal information processing standards; FIPS PUB 191). Available from: NTIS, Springfield, VA.

Pangalos GJ. Medical database security evaluation. Med Inf (Lond) 1993 Oct-Dec;18(4):283-92.

Picukaric JM. The computer-based patient record: risks, security, and the HIM role. J AHIMA 1992 Mar;63(3):78- 84.

Skok R. Security systems: malpractice insurance for healthcare organizations. J AHIMA 1993 Jan;64(1):51-2.

Warnock-Matheron A, Gruending DL, Hannah KJ. A risk management approach to the security of hospital information systems. Can J Nurs Adm 1993 May-Jun;6(2):22-4, 30.

Warren MJ, Sanders PW, Gaunt PN. Security criteria expert system concept: the healthcare application. In: Ifeachor EC, Rosen KG, editors. Proceedings of the International Conference on Neural Networks and Expert Systems in Medicine and Healthcare; 1994 Aug 23-26; Plymouth, UK. Plymouth (UK): Univ. Plymouth; 1994. p. 146-53.