In healthcare a multiplicity of actors needs to access and share patients’ data while being compliant with policies defined by data protection legislation. Building frameworks to enable stakeholders to design and develop data-sharing mechanisms in compliance with legislations is a challenging task. In this work, we propose a methodology and a platform called CHINO, inspired by Privacy by Design principles, to guide the involved stakeholders during the definition of data-sharing processes by using visual representations such as Business Process Modelling (BPM). BPM enables the stakeholders to reason and share their understanding about privacy aspects from early analysis phases, while CHINO platform provides the execution framework for the defined BPM processes and privacy policies. To prove the CHINO efficacy, we show how policies extracted from legislations can be modelled and executed and we report our studies with end-users with whom we validated the system usability. We analyse also CHINO from a legal point of view and its compliance with data protection legislations.

Enabling Privacy by Design in Medical Records Sharing / Stevovic, Jovan; Bassi, Eleonora; Giori, Alessio; Casati, Fabio; Armellin, Giampaolo. - STAMPA. - 20:(2015), pp. 385-406. [10.1007/978-94-017-9385-8_16]

Enabling Privacy by Design in Medical Records Sharing

Stevovic, Jovan;Bassi, Eleonora;Casati, Fabio;
2015-01-01

Abstract

In healthcare a multiplicity of actors needs to access and share patients’ data while being compliant with policies defined by data protection legislation. Building frameworks to enable stakeholders to design and develop data-sharing mechanisms in compliance with legislations is a challenging task. In this work, we propose a methodology and a platform called CHINO, inspired by Privacy by Design principles, to guide the involved stakeholders during the definition of data-sharing processes by using visual representations such as Business Process Modelling (BPM). BPM enables the stakeholders to reason and share their understanding about privacy aspects from early analysis phases, while CHINO platform provides the execution framework for the defined BPM processes and privacy policies. To prove the CHINO efficacy, we show how policies extracted from legislations can be modelled and executed and we report our studies with end-users with whom we validated the system usability. We analyse also CHINO from a legal point of view and its compliance with data protection legislations.
2015
Reforming European Data Protection Law
Dordrecht
Springer
978-94-017-9384-1
978-94-017-9385-8
978-94-017-9384-1
978-94-017-9385-8
Stevovic, Jovan; Bassi, Eleonora; Giori, Alessio; Casati, Fabio; Armellin, Giampaolo
Enabling Privacy by Design in Medical Records Sharing / Stevovic, Jovan; Bassi, Eleonora; Giori, Alessio; Casati, Fabio; Armellin, Giampaolo. - STAMPA. - 20:(2015), pp. 385-406. [10.1007/978-94-017-9385-8_16]
File in questo prodotto:
File Dimensione Formato  
327993_1_En_16_Reviewed.pdf

accesso aperto

Descrizione: articolo principale
Tipologia: Post-print referato (Refereed author’s manuscript)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 575.58 kB
Formato Adobe PDF
575.58 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/118971
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact