Title: A risk management model for securing virtual healthcare communities

Authors: Anargyros Chryssanthou; Iraklis Varlamis; Charikleia Latsiou

Addresses: Hellenic Data Protection Authority, Auditors Department, 1-3, Kifissias Avenue, Ampelokipoi, Greece. ' Harokopio University of Athens, Department of Informatics and Telematics, 89, Harokopou St., Greece. ' Hellenic Data Protection Authority, Auditors Department, 1-3, Kifissias Avenue, Ampelokipoi, Greece

Abstract: Virtual healthcare communities aim to bring together healthcare professionals and patients, improve the quality of healthcare services and assist healthcare professionals and researchers in their everyday activities. In a secure and reliable environment, patients share their medical data with doctors, expect confidentiality and demand reliable medical consultation. Apart from a concrete policy framework, several ethical, legal and technical issues must be considered in order to build a trustful community. This research emphasises on security issues, which can arise inside a virtual healthcare community and relate to the communication and storage of data. It capitalises on a standardised risk management methodology and a prototype architecture for healthcare community portals and justifies a security model that allows the identification, estimation and evaluation of potential security risks for the community. A hypothetical virtual healthcare community is employed in order to portray security risks and the solutions that the security model provides.

Keywords: information security; virtual communities; ISO 27000 standards; risk assessment; risk management; virtual healthcare; web based communities; security risks; online communities.

DOI: 10.1504/IJEH.2011.044344

International Journal of Electronic Healthcare, 2011 Vol.6 No.2/3/4, pp.95 - 116

Published online: 19 Dec 2011 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article