Are the Healthcare Institutions Ready to Comply with Data Traceability Required by GDPR? A Case Study in a Portuguese Healthcare Organization

Cátia Santos-Pereira; Cátia Santos-Pereira; Alexandre B. Augusto; José Castanheira; Tiago Morais; Ricardo Correia; Ricardo Correia

SciTePress - Publication Details

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Are the Healthcare Institutions Ready to Comply with Data Traceability Required by GDPR? A Case Study in a Portuguese Healthcare Organization

Topics: Confidentiality and Data Security; Ehealth; Electronic Health Records and Standards; Interoperability and Data Integration; Medical Informatics

In Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: BIOSTEC, 555-562, 2020 , Valletta, Malta

Authors: Cátia Santos-Pereira ^{1

;

2} ; Alexandre B. Augusto ² ; José Castanheira ³ ; Tiago Morais ³ and Ricardo Correia ^{4

;

2}

Affiliations: ¹ Faculdade de Engenharia da Universidade do Porto, Porto, Portugal ; ² HealthySystems, Porto, Portugal ; ³ Unidade Local de Saúde de Matosinhos, Porto, Portugal ; ⁴ CINTESIS – Centro de Investigação em Tecnologias e Serviços de Saúde, Porto, Portugal

Keyword(s): Audit-trail, Audit-log, GDPR, Security, Data Privacy, Traceability, Healthcare.

Abstract: GDPR introduces a new concept: ”Data protection by design and per default” for new software development however legacy systems will also have to adapt in order to comply. This creates great pressure on health care institutions, namely hospitals, and software producers to provide data protections and traceability mechanisms for their current and legacy systems. The aim of this work is to understand the maturity level of a Portuguese Healthcare Organization in their audit records to comply with GDPR article 30 and 32 since healthcare organization operate in a daily-basis with personal data. This study was performed with the partnership of a public Portuguese healthcare organization and were organized into three main phases: (1) data collection of all information systems that operate with personal data; (2) interviews with IT professionals in order to retrieve the necessary knowledge for each information system and (3) analysis of the collected data and its conclusions. This study helpe d to identify a need inside this organization and to determine a follow-up plan to overpass this challenge. However it also identified some constrains like financial budget, legacy systems, small team of IT professionals in the organization and difficulties in establish communication with information system providers. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 8.209.245.224

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Santos-Pereira, C., Augusto, A. B., Castanheira, J., Morais, T. and Correia, R. (2020). Are the Healthcare Institutions Ready to Comply with Data Traceability Required by GDPR? A Case Study in a Portuguese Healthcare Organization. In Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2020) - HEALTHINF; ISBN 978-989-758-398-8; ISSN 2184-4305, SciTePress, pages 555-562. DOI: 10.5220/0009000405550562

@conference{healthinf20,
author={Cátia Santos{-}Pereira and Alexandre B. Augusto and José Castanheira and Tiago Morais and Ricardo Correia},
title={Are the Healthcare Institutions Ready to Comply with Data Traceability Required by GDPR? A Case Study in a Portuguese Healthcare Organization},
booktitle={Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2020) - HEALTHINF},
year={2020},
pages={555-562},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009000405550562},
isbn={978-989-758-398-8},
issn={2184-4305},
}

TY - CONF

JO - Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2020) - HEALTHINF
TI - Are the Healthcare Institutions Ready to Comply with Data Traceability Required by GDPR? A Case Study in a Portuguese Healthcare Organization
SN - 978-989-758-398-8
IS - 2184-4305
AU - Santos-Pereira, C.
AU - Augusto, A.
AU - Castanheira, J.
AU - Morais, T.
AU - Correia, R.
PY - 2020
SP - 555
EP - 562
DO - 10.5220/0009000405550562
PB - SciTePress