A Security Model for Virtual Healthcare Communities

Abstract

Virtual healthcare communities aim in bringing together healthcare ­professionals and patients in order to further improve the quality of healthcare services and assist healthcare professionals and researchers in their everyday activities. Patient monitoring and medical consultation – the two most popular activities inside virtual healthcare communities – require members’ collaboration in a secure and reliable environment. In this environment, patients share their medical data with doctors, expect confidentiality, and demand reliable medical consultation. Apart from a concrete policy framework, several ethical, legal, and technical issues must be considered in order to build a trustful community. This work presents the architecture of a virtual healthcare community portal, giving emphasis on the security issues that arise when attempting to manage risk inside such a community. Following a standardized risk assessment process, which identifies, estimates, and evaluates all potential security risks for the community, a security model is developed, and the community architecture is designed. Finally, a set of usage scenarios, with reference to real events, is employed in order to uncover security risks and illustrate the solutions provided by the proposed architecture.