TY - GEN
T1 - Privacy preserving event driven integration for interoperating social and health systems
AU - Armellin, Giampaolo
AU - Betti, Dario
AU - Casati, Fabio
AU - Chiasera, Annamaria
AU - Martinez, Gloria
AU - Stevovic, Jovan
PY - 2010
Y1 - 2010
N2 - Processes in healthcare and socio-assistive domains typically span multiple institutions and require cooperation and information exchange among multiple IT systems. In most cases this cooperation today is handled "manually" via document exchange (by email, post, or fax) and in a point-to-point fashion. One of the reasons that makes it difficult to implement an integrated solution is that of privacy, as health information is often sensitive and there needs to be a tight control on which information is sent to who and on the purpose for which it is requested and used. In this paper we report on how we approached this problem and on the lessons learned from designing and deploying a solution for monitoring multi-organization healthcare processes in Italy. The key idea lies in combining a powerful monitoring and integration paradigm, that of event bus and publish/subscribe systems on top of service-oriented architectures, with a simple but flexible privacy mechanism based on publication of event summaries and then on explicit requests for details by all interested parties. This approach was the first to overcome the privacy limitations defined by the laws while allowing publish/subscribe event-based integration.
AB - Processes in healthcare and socio-assistive domains typically span multiple institutions and require cooperation and information exchange among multiple IT systems. In most cases this cooperation today is handled "manually" via document exchange (by email, post, or fax) and in a point-to-point fashion. One of the reasons that makes it difficult to implement an integrated solution is that of privacy, as health information is often sensitive and there needs to be a tight control on which information is sent to who and on the purpose for which it is requested and used. In this paper we report on how we approached this problem and on the lessons learned from designing and deploying a solution for monitoring multi-organization healthcare processes in Italy. The key idea lies in combining a powerful monitoring and integration paradigm, that of event bus and publish/subscribe systems on top of service-oriented architectures, with a simple but flexible privacy mechanism based on publication of event summaries and then on explicit requests for details by all interested parties. This approach was the first to overcome the privacy limitations defined by the laws while allowing publish/subscribe event-based integration.
KW - EDA
KW - interoperabilty
KW - privacy enforcement
KW - SOA
UR - http://www.scopus.com/inward/record.url?scp=78649835863&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78649835863&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-15546-8_5
DO - 10.1007/978-3-642-15546-8_5
M3 - Conference contribution
AN - SCOPUS:78649835863
SN - 3642155456
SN - 9783642155451
VL - 6358 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 54
EP - 69
BT - Secure Data Management - 7th VLDB Workshop, SDM 2010, Proceedings
T2 - 7th VLDB Workshop on Secure Data Management, SDM 2010
Y2 - 17 September 2010 through 17 September 2010
ER -