Beijing Law Review, 2012, 3, 145-151
http://dx.doi.org/10.4236/blr.2012.34020 Published Online December 2012 (http://www.SciRP.org/journal/blr)
Regulatory Privacy Protection for Biomedical Cloud
Computing
Y. Tony Yang1, Kari Borg2
1Department of Health Administration and Policy, George Mason University, Fairfax, USA; 2Department of Ophthalmology, Polyclinic, Seattle, USA.
Email: ytyang@gmu.edu
Received August 7th, 2012; revised September 4th, 2012; accepted September 15th, 2012
ABSTRACT
This article provides background information on biomedical cloud computing. It examines the privacy concerns that
arise from the use of biomedical cloud computing services and then surveys the current state of regulatory privacy safe-
guards for patients and consumers of these services both in the US and abroad. Finally, it identifies opportunities for
legal and technological mechanisms to be implemented or reinforced so that patients and consumers are not forced to
lose control of their information when they use biomedical cloud computing services.
Keywords: Privacy; Law; Regulation; Biomedicine; Cloud Computing
1. Introduction
Advances in technology and progressions in web-based
software have led to the ability to share information with
ease and efficiency. In relation to health care, this has
created the ability to access patient’s electronic medical
records from virtually anywhere. Health care professionals
now have the capability to save more lives with faster
access to pertinent medical information. Medical researchers
have also been utilizing this technology to compile
data as well as allow other users the right to use the data
for further exploration. These researchers are now gather-
ing data from a virtual storage facility where they are
able to store information and permit other researchers to
access it as well. This form of storing data is known as
“cloud computing”; it operates through a third party orga-
nization that monitors the use, security, and accessibility
of the stored data. While this has created major innova-
tions in health care research, it brings up a serious con-
cern regarding patient privacy and confidentiality. Re-
cords of patients’ personal medical histories, as well as
other identifying data, have a high risk of being abused
when stored in the cloud. Patient data is now in a complex,
virtual world that is constantly threatened by hackers
and internal breaches in security. This ongoing issue
has created debate on how to properly protect patient pri-
vacy while still allowing professionals to have the access
they need to important data.
2. Biomedical Cloud Computing
Biomedical data is increasingly being stored on the “cloud”.
The cloud allows for multiple users to access a shared
data for research much faster than ever before. Data that
used to take researchers months to gather can now be
extracted from the cloud in minutes or even seconds
(Crawford [1]). One example of a biomedical cloud is
that of Ohio State University. They have created a cloud
system known as the Translational Research Informatics
and Data management grid or “TRIAD” (Crawford [1]).
This software was developed to allow most forms of bio-
medical data to be uploaded and stored in this cloud, with
software then interpreting the data into a standard uni-
versal language (Crawford [1]). “When it comes to bio-
medical research, you have the digital equivalent of the
Tower of Babel. One piece is written in French. And
another is written in Russian. And maybe a third compo-
nent is in Chinese,” says Philip R. O. Payne, a researcher
and chair on the department of biomedical informatics at
the Ohio State University (Crawford [1]). Researchers
can now extract, upload and share data without the need
to spend time and money on translating the data into their
own “language”.
United Health Inc. is also creating a new cloud aimed
at merging the financial aspect of healthcare. For exam-
ple, patients will have their billing combined from vari-
ous locations regarding the same diagnosis or procedure
that was done (Mathews [2]). UnitedHealth is also aim-
ing at creating a cloud with data pooled from multiple
electronic health records to allow doctors to see if their
patient was seen elsewhere, as well as for emergency
rooms seeking the entirety of their patients’ charts while
treating them (Mathews [2]). These private health record
systems are believed to improve doctor-patient commu-
nication, make understanding and use easier, and reduce
the risk of medical errors (Carrión, Alemán & Toval [3]).
Electronic Health Records (EHRs) that are accessed by
multiple organizations or even different locations, rely on
some form of off-site, or cloud, computing (McCarthy
[4]). Although the benefits of these systems to the medi-
cal research world are significant, the importance of a
solid framework to manage the security of the data can-
not be understated. While all of these interfaces have pri-
vacy policies in place, the virtual nature of the data
means that it is not primarily protected by physical de-
vices such as locks or buildings. The cloud’s virtual sto-
rage lockers are at risk for being hacked into regardless
of the privacy policies put in place to regulate who can
access personal identifying information.
3. Privacy Risks in the Clouds
Organizations that manage data clouds are required to
have privacy policies in place to create a secure network
for their users and for the patients whose data has been
extracted. One of the top concerns with storing sensitive
medical data is risking the patients’ identifiable information
(PII). Medical researchers keep data concerning pa-
tients’ medical diagnosis, family history, HIV status, etc.
It also includes patients’ social security numbers, addre-
sses, date of births, among many other records. One form
of preventing identifiers from being stolen and abused is
to have the system erase all unnecessary personal data
when information is being pulled and correlated with
other figures. For example, TRIAD has adopted an inter-
face that allows researchers to connect tissue samples
with medical records that will de-identify the record ma-
king the correlation completely anonymous (Crawford
[1]). By making it difficult for users to attain identifying
information, a significant amount of potential identity theft
is deterred. Biomedical cloud providers must follow strict
guidelines in regards to patients’ privacy by the Health
Information Portability and Accountability Act (HIPAA).
For instance, there are eighteen types of identifying in-
formation that must be removed before biomedical data
can be shared with other parties without the consent of
the patient (Klein [5]). Some additional restrictions in-
clude being sure the server for the network is within the
United States and must have physical means of protec-
tion such as cages, back-up power, security guards, etc.
They must also follow guidelines set forth by the Privacy
Act of 1974 which protects health information and al-
lows patients the right to see and change information on
their records (Osterhaus [6]). In 2009 the Health Infor-
mation Technology for Economic and Clinical Health
(HITECH) Act [7] was signed to encourage meaningful
use of health care technology and “strengthen the civil
and criminal enforcement of the HIPAA rules”. The
HITECH Act made the regulations present in HIPAA ap-
plicable to not just healthcare organizations, but also the
cloud service providers that they utilize, closing an im-
mense loophole in security (Delgado [8]).
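The paragraph above describes two mechanisms side by side: removing the identifier types that HIPAA requires stripped before data is shared without consent, and TRIAD-style linkage that lets a tissue sample be correlated with a de-identified record. The following is an added example, not code from the article or from TRIAD, showing one way to implement both: direct-identifier fields are dropped, dates are generalized, and the patient key is replaced with a keyed pseudonym (HMAC) so that two data sets can still be joined without either carrying the identity. The field names, the sample record, the tissue sample and the key are constructed for illustration; the schema is a hypothetical one, not the one TRIAD uses.

```python
import hmac
import hashlib
from datetime import date

# Constructed schema (hypothetical): fields assumed to carry direct identifiers.
DIRECT_IDENTIFIER_FIELDS = {"name", "ssn", "address", "phone", "email", "mrn"}
# Fields retained as research variables.
RESEARCH_FIELDS = {"diagnosis", "family_history", "hiv_status"}

# Constructed sample record, tissue sample and reference date (not real data).
SAMPLE_RECORD = {
    "patient_id": "P-000123",
    "name": "Jane Example",
    "ssn": "000-00-0000",
    "address": "1 Example St, Columbus, OH",
    "date_of_birth": date(1950, 3, 2),
    "visit_date": date(2012, 8, 7),
    "diagnosis": "C50.9",
    "family_history": "breast cancer (mother)",
    "hiv_status": "negative",
    "insurance_notes": "free text that may name the patient",
}
SAMPLE_TISSUE = {"sample_id": "T-7781", "patient_id": "P-000123", "tissue": "breast"}
TODAY = date(2012, 9, 15)
LINK_KEY = b"constructed-demo-key"  # in practice a secret held only by the linkage service


def pseudonym(patient_id, link_key):
    """HMAC-SHA256 of the patient key, truncated. Without link_key the value cannot
    be mapped back to the patient; destroying the key once linkage is complete makes
    the de-identification irreversible for the data holder as well."""
    return hmac.new(link_key, patient_id.encode(), hashlib.sha256).hexdigest()[:16]


def age_bucket(dob, today):
    """Age in years, with 90 and over collapsed into a single bucket."""
    age = today.year - dob.year - ((today.month, today.day) < (dob.month, dob.day))
    return "90+" if age >= 90 else str(age)


def deidentify(record, link_key, today):
    """Copy of the record with direct identifiers removed, dates generalized and
    the patient key replaced by a pseudonym. Unknown fields are dropped, not kept,
    so unrecognised free text cannot leak an identity."""
    out = {}
    for field, value in record.items():
        if field == "patient_id":
            out["pseudonym"] = pseudonym(value, link_key)
        elif field == "date_of_birth":
            out["age"] = age_bucket(value, today)
        elif field == "visit_date":
            out["visit_year"] = value.year
        elif field in DIRECT_IDENTIFIER_FIELDS:
            continue
        elif field in RESEARCH_FIELDS:
            out[field] = value
        # anything else (e.g. insurance_notes) falls through and is dropped
    return out


def link_sample(sample, link_key):
    """Attach the same pseudonym to a tissue sample so it can be joined to the
    de-identified record without either side carrying the patient identity."""
    return {"sample_id": sample["sample_id"], "tissue": sample["tissue"],
            "pseudonym": pseudonym(sample["patient_id"], link_key)}


def deidentify_sample():
    """Run both steps on the constructed inputs and return (record, sample)."""
    return deidentify(SAMPLE_RECORD, LINK_KEY, TODAY), link_sample(SAMPLE_TISSUE, LINK_KEY)


if __name__ == "__main__":
    record, sample = deidentify_sample()
    print(record)
    print(sample)
```

Two design choices matter here. First, the allow-list approach (only named research fields survive) is what makes an unanticipated field such as a free-text note safe by default; a deny-list would have passed it through. Second, the pseudonym is keyed rather than a plain hash: patient identifiers have little entropy, so an unkeyed hash could be reversed by trial, whereas an HMAC cannot be reversed without the key, and the key can be destroyed once linkage is done.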
A group called the Cloud Security Alliance is a non-
profit organization “with a mission to promote the use of
best practices for providing security assurance within
Cloud Computing, and to provide education on the
uses of Cloud Computing to help secure all other forms
of computing”. The Cloud Security Alliance has deter-
mined the top seven threats to cloud computing as (Klein
[5]): 1) Abuse and nefarious use of cloud computing; 2)
Insecure application programming interfaces; 3) Malici-
ous insiders; 4) Shared technology vulnerabilities; 5) Data
loss or leakages; 6) Account, service and traffic hijacking;
7) Unknown risk profile.
Users require that cloud providers be trustworthy for
storing their data. To create trust there must be security
in place for all of the sensitive information. There are a
number of ways in which to address this complex con-
cern. One is by examining three aspects involved in the
security of these virtual storage facilities: preventative,
detective, and corrective controls (Ko, et al. [9]).
Preventative controls are the measures put in place to
prevent breaches from occurring in the first place (Klein
[5]). These can include encryption technology, firewalls,
lists of approved users, etc. Many of the controls spe-
cified by HIPAA fall under this category, and all can be
readily implemented by cloud service providers to suit
the specialized needs of the health industry (Martin [10]).
Each layer of protection that can be added must be evalu-
ated for both its costs and benefits. For instance, one pos-
sible method of preventing data loss is having dedicated
and distinct servers for each client. While this increase in
isolation bolsters security by minimizing “accidental”
thefts when the target was on the same server, this ap-
proach increases the costs to the server provider. Addi-
tionally, this diminishes the benefit of having the infor-
mation stored in multiple locations, which minimizes loss
because of hardware malfunctions (Palanzi [11]).
One more sophisticated, albeit partial, means of pre-
venting unnecessary transfer of information is through a
cloud-based technique called Virtual Machines (VMs).
Virtual machines are minimal terminals that load their
operating system from a server, either through local in-
frastructure or the internet (Grossman & White [12]). Most,
if not all, processing is performed by the server. Rather
than transferring the entire contents of the file system
over the internet, only the pixels displayed on the screen
are transmitted. In the case of viewing of medical images
(which range from 2 - 500 mb) this approach drastically
reduces the amount of bandwidth necessary to view and
manipulate files remotely. The nature of VM systems pre-
vents much of the unnecessary transferring of sensitive
patient information from the data center to a terminal
when accessing EHRs. Additionally, this approach is
generally more cost effective, reliable and easier to con-
figure than traditional approaches that rely on the instal-
lation and maintenance of one operating system install
per computing system (Philbin, Prior & Nagy [13]). Fur-
thermore, they provide a uniform computing environment
whether accessed from work, home or on the road.
Detective controls consist of procedures taken to iden-
tify risks in the system (Klein [5]). They include guide-
lines for security administration (such as routinely con-
ducting risk analyses and implementing policies and pro-
cedures to address vulnerabilities), screening and edu-
cating the workforce, and activity audits (Schweitzer [14]).
Corrective controls are actions to resolve breaches that
have already occurred and need to be fixed (Klein [5]). In
having the cloud provider monitor these controls, trust
can flourish by the users knowing which and how secu-
rity measures are being applied to secure their informa-
tion. Creating a strong structure for managing these con-
trols is the key for adherence to the privacy policies go-
verning health data clouds.
Preventative, detective, and corrective controls are ap-
plicable to both internal and external threats of informa-
tion privacy. Many, if not most, breaches of sensitive data
are perpetrated by internal threats, i.e. employees wor-
king at either the healthcare organization or cloud service
provider. There are two important themes underlying in-
ternal security threats: accountability and auditability.
Of the seven threats outlined by Ko, et al. [9], all but
the 4th and 6th risk can be addressed through increasing
accountability and auditability of the cloud providers
(Klein [5]). They state that to create trust in the cloud
provider, the provider must address these issues to show
its users the measures they are taking to secure data and
private information (Klein [5]). Consumers who are sto-
ring data in the cloud must have full trust in the cloud
provider due to the fact that they are keeping substantial
medical and personal identifying information in this sys-
tem (Carrión, Alemán & Toval [3]). This creates incen-
tive for the provider to show its users how they are ad-
dressing these privacy issues. Cloud providers must be
able to provide accountability for any problems that arise
within their system and display this to their users.
They must also have their system logs and design clearly
presented for their customers, so that users can feel se-
cure in knowing the activity and protection of their ac-
counts, something that many cloud services currently
fail to do. There are no means to audit a cloud structure if
there is no monitoring system for users so that they can
survey how and when their data is stored and accessed.
Accountability and auditability are crucial for health or-
ganizations to feel comfortable in fully utilizing the po-
tential powers of the cloud; thorough logging is the cor-
ner stone necessary for both (Pearson [15]).
Accountability in a cloud system is necessary for de-
termining which party is responsible when a security breach
occurs. If information is taken by an employee of the
health institution, liability typically falls similarly. How-
ever, if the breach is perpetrated by an employee of the
cloud service provider or an external agent, responsibi-
lity should lie with the service provider. A retrospective
analysis of system logs can typically reveal the origin of
a breach, but how to efficiently (in terms of size) and ef-
fectively (in terms of preventing future breaches) log
health information is still an open question. Many clients
that use VM are not fully aware of the linkages between
virtual and physical servers, relationships between virtual
and physical server locations, and how files are written
into both virtual and physical memory addresses (Ko, et
al. [9]). The complexity inherent in virtual machine set-
ups can be a difficult challenge in terms of determining
the origin of a breach. Without proper measures imple-
mented ahead of time, assessing liability may be impos-
sible; put simply, a legal nightmare.
Auditability refers to the relative ease of auditing a
system or an environment. A system lacking in audit-
ability has poorly maintained records (Soma, et al. [16]).
The complex nature of cloud data exchange necessitates
a multilayer approach for modeling information exchan-
ges. At the system level, there is the operating system,
the file system, and the network, as well as the logs cor-
responding to the read/write operations between them. At
the data layer, there is the logging of each detail regar-
ding a single file: its origin, the location(s) where it is
stored, which accounts have what permissions to access it,
and if/when it will expire. The most important bit of in-
formation in logs is the time-stamped record of account
accessing and interacting with files. So long as these de-
tails are both comprehensive and properly protected with
encryption, establishing liability is usually possible. Fi-
nally, assessment of the workflow level reveals the ro-
bustness or weakness of the control regarding user/ter-
minal interaction: are employees only accessing the mi-
nimal amount of information they need to accomplish a
task? Through workflow analysis, problem areas and se-
curity loopholes in the cloud are removed or rectified and
control and governance of the cloud processes are im-
proved.
Kirchberg et al. have suggested that a file-centric per-
spective should take prevalence in health-related cloud
computing security (Ko, et al. [9]). Network logs that trace
the life cycle of files (i.e. creation, modification, duplica-
tion and destruction) within clouds best enable account-
ability and auditability. Additionally, event data regar-
ding network activities and actor data (the person or com-
puter component that triggered an event) are necessary
for proper representation of the file life cycle. Establishing
different network zones is perhaps the best way to
organize network logs. A cloud service provider, for in-
stance, can designate its own network as internal and the
network addresses of the health organization as a safe
zone. Data that is relayed to addresses besides these zones
can be flagged for review by an automated or human su-
pervisor. In the future, file types could be designed to
include some space for the local storage of pertinent
meta-information (such as read/write histories), making
the logging needs of the distributed cloud system less
complex (Ko, Lee & Pearson [17]).
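The file-centric logging and network-zone scheme described above can be made concrete with a small amount of code. The following is an added example, not code from the article or from Ko et al.: it reads file-centric audit events (timestamp, actor, action, file, source and destination address), reconstructs one file's life cycle from creation to destruction, summarizes activity per actor for accountability, and flags any copy or transfer whose destination lies in neither the provider's internal zone nor the health organization's safe zone, the events a supervisor should review. The event format, the zone address ranges and the sample audit trail are all constructed for illustration.

```python
import ipaddress
import json
from collections import Counter
from typing import Optional

# Constructed zone definitions (hypothetical address ranges).
ZONES = {
    "internal": [ipaddress.ip_network("10.20.0.0/16")],   # cloud service provider
    "safe": [ipaddress.ip_network("203.0.113.0/24")],     # health organization
}

# Constructed audit trail, one JSON object per line (not real log data).
SAMPLE_LOG = """\
{"ts": "2012-08-07T09:00:00Z", "actor": "svc-ingest", "action": "create", "file": "ehr-0042", "src": "203.0.113.10", "dst": "10.20.1.5"}
{"ts": "2012-08-07T09:05:00Z", "actor": "dr.lee", "action": "read", "file": "ehr-0042", "src": "203.0.113.22", "dst": "10.20.1.5"}
{"ts": "2012-08-07T11:30:00Z", "actor": "ops-jdoe", "action": "copy", "file": "ehr-0042", "src": "10.20.1.5", "dst": "10.20.7.9"}
{"ts": "2012-08-07T23:41:00Z", "actor": "ops-jdoe", "action": "transfer", "file": "ehr-0042", "src": "10.20.7.9", "dst": "198.51.100.77"}
{"ts": "2012-08-08T08:00:00Z", "actor": "svc-retention", "action": "delete", "file": "ehr-0042", "src": "10.20.1.5", "dst": "10.20.1.5"}
"""

# Actions that move a copy of the file's contents to the destination address.
DATA_MOVING_ACTIONS = {"copy", "transfer"}


def zone_of(addr: str) -> Optional[str]:
    """Name of the zone containing addr, or None if it is outside every zone."""
    ip = ipaddress.ip_address(addr)
    for name, networks in ZONES.items():
        if any(ip in net for net in networks):
            return name
    return None


def parse_events(text: str) -> list:
    """Parse JSON-lines audit text into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def lifecycle(events: list, file_id: str) -> list:
    """Ordered (timestamp, actor, action) tuples for one file: its creation,
    reads, duplication and destruction. ISO-8601 timestamps sort lexically."""
    rows = [(e["ts"], e["actor"], e["action"]) for e in events if e["file"] == file_id]
    return sorted(rows)


def actor_activity(events: list) -> dict:
    """Number of logged events per actor, the basic accountability view."""
    return dict(Counter(e["actor"] for e in events))


def flag_out_of_zone(events: list) -> list:
    """Data-moving events whose destination is in no defined zone. These are the
    events to route to an automated or human supervisor for review."""
    return [e for e in events
            if e["action"] in DATA_MOVING_ACTIONS and zone_of(e["dst"]) is None]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for row in lifecycle(evs, "ehr-0042"):
        print(row)
    print(actor_activity(evs))
    for e in flag_out_of_zone(evs):
        print("REVIEW:", e["ts"], e["actor"], e["action"], e["file"], "->", e["dst"])
```

The zone check deliberately treats "not in any zone" as the flag condition rather than maintaining a list of bad addresses: the article's point is that the provider and the health organization can enumerate the addresses they trust, whereas the set of untrusted destinations is open-ended. The per-file ordering is what lets a retrospective review attribute a breach to the actor and step at which data left the trusted zones.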
The lack of transparency within the cloud service pro-
vider’s system is the greatest concern for prospective
cloud users. One survey found 88% of potential cloud
customers were concerned about who would have access
to their data (Fujitsu Research Institute [18]). Some EHR
cloud providers, such as Microsoft Health Vault, fail to
provide thorough accounts of data storage and access for
their users. All contractual relationships between cloud
service providers and medical organizations should be
considered with care; especially in cases when all of the
relevant information for assessing liability may not be
accessible by both parties. For this, and other security
reasons, the organization needs to negotiate a strong con-
tract with the cloud service provider featuring compli-
ance with HIPAA, security controls, and auditability (Witt
[19]). If these requirements can be met, the benefit from
shared data sets between health researchers will be im-
mense. In the near future, biomedical data can be mined
for statistical patterns between an individual’s genome,
therapy, and conditions (Grossman [12]). Increasingly open
and shared data means greater statistical power in de-
tecting predispositions to diseases early.
4. Regulatory Protection for Privacy
4.1. Privacy Law in the US and Abroad
Biomedical enterprises operating in the United States
need to consider HIPAA (45 C.F.R. §§ 160 - 164) and the
Electronic Communications Privacy Act (ECPA) (18 U.S.C.
§§ 2701 - 2712), a federal statutory law that supports
specific protections for electronic communications (in
transit or in storage) to supplement any protections offered
by the Fourth Amendment of the United States Constitu-
tion. Such laws require privacy and data security obliga-
tions.
European-based biomedical enterprises, as well as en-
tities working with providers in or with infrastructure in
Europe, however, need to take into account the expan-
sive requirements under local omnibus data protection
laws that safeguard all personal information, even basic
details like business contact information. These require-
ments can involve informing employees, customers, or
other individuals about the outsourcing and processing of
their data; obligations to consult with works councils be-
fore outsourcing employee data; and registering with local
data protection authorities (Lyon [20]).
4.2. Requirements for Data Security
Even if an enterprise is not subject to these types of pri-
vacy laws, it will want to ensure safeguards for personal
information covered by data security and breach notifica-
tion laws. In the United States, these laws focus on per-
sonal information such as social security numbers, dri-
ver’s license numbers, and credit or debit card or financial
account numbers. One of the key safeguards is encryp-
tion because many (although not all) of the US state
breach notification laws provide an exception for encryp-
ted data. In contrast, many other countries require protec-
tion of all personal information, and do not necessarily
provide an exception for encrypted data. Consequently,
companies operating outside of the United States may
have wider-reaching obligations to protect all personal
information. While data protection obligations vary con-
siderably from law to law, both US and international pri-
vacy laws commonly require the following types of safe-
guards: 1) Conducting appropriate due diligence on pro-
viders; 2) Restricting access, use, and disclosure of per-
sonal information; 3) Establishing technical, organizational,
and administrative safeguards; 4) Executing legally suffi-
cient contracts with providers; and 5) Notifying affec-
ted individuals (and potentially regulators) of a security
breach compromising personal information (Delgado [8]).
The topic of data security in the cloud has received
significant attention lately. The National Institute of Stan-
dards and Technology (NIST) has finalized its first set of
guidelines for managing security and privacy issues in
cloud computing in early 2012. Guidelines on Security
and Privacy in Public Cloud Computing (NIST Special
Publication 800-144) provides an overview of the secu-
rity and privacy challenges facing public cloud compu-
ting and presents recommendations that organizations
should consider when outsourcing data, applications and
infrastructure to a public cloud environment (Lyon [20]).
The document provides insights on threats, technology
risks and safeguards related to public cloud environments
to help organizations make informed decisions about the
use of this technology. SP 800-144 is geared toward sys-
tem managers, executives and information officers ma-
king decisions about cloud computing initiatives; secu-
rity professionals responsible for IT security; IT program
managers concerned with security and privacy measures
for cloud computing; system and network administrators;
and users of public cloud computing services (Delgado
[8]).
4.3. Restrictions on Data Transfers Internationally
A growing number of countries, especially in Europe,
restrict the transfer or sharing of personal information be-
yond their borders. These restrictions can present sig-
nificant challenges for multinational biomedical enter-
prises seeking to move their data to the cloud. Recogni-
zing these challenges, some providers are starting to offer
geographic-specific clouds, in which the data are main-
tained within a given country or jurisdiction. Some US
providers have also certified to the US-European Union
(EU) Safe Harbor program, in order to accommodate
EU-based customers and patients. However, as the Safe
Harbor only permits transfers from the EU to the United
States, it is not a global solution. Accordingly, a bio-
medical enterprise should assess carefully whether the
options offered by a provider are sufficient to meet the
enterprise’s own legal obligations in the countries where
it operates (Delgado [8]).
5. Critical Recommendations for Reinforcement of Privacy Protection
5.1. Legal Reform
The law has long recognized the importance of privacy.
Existing statutory privacy law, however, needs a techno-
logical upgrade. For example, ECPA should, but does not
clearly define the statutory protections applicable to cloud
computing services. ECPA does not distinctly express
whether documents stored with many cloud computing
services are protected at all. ECPA, as currently written,
provides protection where content is stored with a service
“solely for the purpose of providing storage or computer
processing services to such subscriber or customer, if the
provider is not authorized to access the contents of any
such communications for purposes of providing any ser-
vices other than storage or computer processing.” It is
not clear whether sites that provide collaboration and
sharing functions or employ a targeted advertising busi-
ness model based on information contained in documents
are covered by this clause. Even if ECPA does cover
cloud computing records in a specific situation, the pro-
tections that it provides are insufficient to properly safe-
guard the privacy of sensitive documents being stored
with cloud computing services. Beyond ECPA, there are
questions about whether other specific privacy laws or
regulations fully protect consumers of cloud computing
services. For instance, the HIPAA is designed to protect
the privacy of health records. HIPAA applies to health
care providers, health care clearing-houses, and health
plans (insurers). But, it is not clear whether HIPAA pro-
tections apply to cloud computing services that store
consumer and patient health records. Similarly, does the
Video Privacy Protection Act (18 U.S.C. § 2710), which
provides statutory protection for video rental records and
“other similar material,” protect records of audiovisual
material shared or retrieved through a cloud computing
service?
Therefore, as biomedical cloud computing continues to
evolve, it is imperative that privacy laws and policies are
updated so that consumers and patients have the clarity
needed to make informed choices and feel confident that
their personal information is being protected (Weissber-
ger [21]). To this end, Congress might consider imple-
menting some of the enforcement provisions of the False
Claims Act to strengthen HIPAA. This would allow a
private right of action measure similar to the FCA’s qui
tam actions (Palanzi [11]). Furthermore, by increasing and
modifying the fine structure for services that store large
numbers of electronic medical records on cloud networks,
the compliance of cloud companies to meet new regula-
tory standards may be financially incentivized (Palanzi
[11]).
5.2. Contractual Protections for Cloud-Based Services
Cloud providers must be trusted to maintain the integrity
and security of the data they are tasked with storing. Esta-
blishing this trust can be achieved by means of a con-
tract which allows the customer the option of strong legal
recourse in the event of a data breach. The contract will
govern the conditions upon which data is given to the
cloud computing provider and should be drafted in con-
sultation with a local attorney or other third party spe-
cializing in data security laws (Harshbarger [22]).
Contractual provisions for cloud based services should
include an insurance policy for damages resulting from
compromised data, as well as a stipulation of service le-
vels. The former demonstrates that the cloud provider has
the financial ability to pay for a breach of data while the latter
clearly delineates the responsibilities on the part of the
cloud service provider. Examples of service level stipula-
tions include having the cloud provider state that it will
have a ninety-nine percent up-time and have its system
free from bugs or other defects (Harshbarger [22]). In
addition, the cloud provider could negotiate additional
operational specifications which might be unique to the
nature of the data the customer needs to be stored. This
would give the customer a defined set of expectations in
relation to the cloud provider’s handling of sensitive data.
A contract would also allow for increased transparency
on the part of the cloud provider. A provision for trans-
parency would obligate the cloud provider to make its
data security regime available to the customer so that
specific precautions and safeguards are known (Harsh-
barger [22]). This transparency will increase trust and
confidence among cloud service purchasers as well as
give tangible meaning to the notions of cloud-based data
security.
5.3. Vigorous Privacy Practices from Biomedical Enterprises
Biomedical enterprises have the opportunity to ardently
address much of this patient and consumer concern by
following the core principles of the Fair Information Prac-
tices (Federal Trade Commission [23]). This means pro-
viding meaningful notice about how information is used
and to whom it is disclosed, collecting and retaining only
the information that is needed to provide services, giving
patients and consumers real choice about how any per-
sonal information collected about them will be used, pro-
perly safeguarding patient and consumer information
from disclosure and misuse, and enabling them to control,
modify, and delete their own records and accounts (Tu-
row, et al. [24]). Providing patients and consumers with
meaningful control and protection for their personal in-
formation will help give them the confidence to utilize
cloud computing and may also help biomedical enter-
prises avoid negative press, government investigations,
and costly lawsuits (Ozer [25]).
Patients and consumers expect that data stored with a
cloud service provider will stay private; providers have a
commercial incentive to make sure that it does. By de-
signing a service with technical measures to protect con-
sumers and patients—tools that allow them to manage
and protect their own information, encryption and anony-
mity protocols to protect information by default, and ac-
cess controls and data security measures to prevent brea-
ches and inappropriate disclosures—biomedical cloud com-
puting providers can establish a platform where patients
and consumers are in a position to control their own in-
formation and can feel more confident banking private
content. The key step in giving patients and consumers
control is to build a vigorous and operative interface to
allow them to be in charge of their own content and re-
cords. Consumers and patients should be able to view
and control their entire record. Constructing such an in-
terface is much easier if it is part of the design process of
the service and not added on as an afterthought or in
response to consumer and patient demands for greater
control and transparency (Pearson & Charlesworth [26]).
Anonymization and encryption can also protect con-
sumers by reducing the risk of disclosure of information
that is captured and stored by the service. Anonymization
procedures, however, should ensure that data is irreversi-
bly de-identified (Narayanan & Shmatikov [27]). More-
over, creating a solid data security plan protects not only
patients and customers but also providers. Data breaches
can be disastrous, leading to lawsuits, fines, and lost trust
(Soma, et al. [16]). In order to avoid these outcomes, pro-
viders should use access controls to prevent unauthorized
access to content by both employees and third parties and
take additional steps such as promptly deleting data that
is no longer necessary in order to reduce the risk of
breach. Such practices will help safeguard both patient
and customer privacy and the provider’s bottom line.
Providing technical measures that protect and secure pa-
tient and consumer information may carry both practical
and legal significance. Practically, the measures sug-
gested above, and others that may emerge, reduce the
likelihood of breach or unnecessary disclosure. In addi-
tion, these mechanisms may strengthen the legal positions
of both consumers and providers by making it clear that
the patient or consumer, and not the provider, is the party
with access to and control over any stored content. The
more “locks” a provider puts in the patient or consumer’s
control, the less likely it is that third parties will be as-
king providers for the keys (Wayner [28]).
6. Conclusion
As biomedical cloud computing continues to develop and expand, it is critical to reinforce regulatory mechanisms to protect the privacy of consumers and patients. Courts and policymakers need to recognize the realities of modern information storage and satisfy the continued expectations of privacy, regardless of whether the information is stored online or offline. Biomedical enterprises should invest in privacy-friendly technologies and practices that put consumers and patients in control of their own private information. They should also support regulatory reform to update any outdated statutory understandings of online privacy.
REFERENCES
[1] D. Crawford, “Biomedical Research Gets Head Into Cloud Computing,” 2011. http://medicalcenter.osu.edu/mediaroom/releases/Pages/Biomedical-Research-Gets-Head-Into-Cloud-Computing.aspx
[2] A. Mathews, “United Health to Launch Cloud-Based Data Platform,” Wall Street Journal, 2012. http://online.wsj.com/article/SB10001424052970204062704577221551500296744.html
[3] I. Carrión, J. Alemán and A. Toval, “Personal Health Records: New Means to Safely Handle Our Health Data,” IEEE Computer Society Digital Library, IEEE Computer Society, 2012. http://doi.ieeecomputersociety.org/10.1109/MC.2012.74
[4] C. McCarthy, “Paging Dr. Google: Personal Health Records and Patient Privacy,” William & Mary Law Review, Vol. 51, No. 6, 2010, pp. 2243-2268. http://scholarship.law.wm.edu/wmlr/vol51/iss6/6
[5] C. Klein, “Cloudy Confidentiality: Clinical and Legal Implications of Cloud Computing in Health Care,” The Journal of the American Academy of Psychiatry and the Law, Vol. 39, No. 4, 2011, pp. 571-578.
[6] L. Osterhaus, “Cloud Computing and Health Information,” The University of Iowa School of Library and Information Science Journal, Vol. 19, 2010, pp. 1-9.
[7] HITECH Act Enforcement Interim Final Rule. US Department of Health and Human Services, 2009. http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html
[8] M. Delgado, “The Evolution of Health Care IT: Are Current US Privacy Policies Ready for the Clouds,” IEEE World Congress on Services, Washington DC, 4-9 July 2011, pp. 371-378. http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6012698&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D6012698
[9] R. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang and B. Lee, “Trust Cloud: A Framework for Accountability and Trust in Cloud Computing,” 2011. http://www.hpl.hp.com/techreports/2011/HPL-2011-38.pdf
[10] T. Martin, “Hey! You! Get off of My Cloud: Defining and Protecting the Metes and Bounds of Privacy, Security, and Property in Cloud Computing,” 2011. http://works.bepress.com/timothy_martin/3
[11] A. Palanzi, “Patient Privacy in the Cloud: Why Congress Should Model HIPAA Enforcement Mechanisms after the FCA to Meet a New Wave of Privacy Threats from the Implementation of Cloud-Computing Technologies,” 2012. http://works.bepress.com/andrew_palanzi/1/
[12] R. Grossman and K. White, “A Vision for Biomedical Cloud,” Journal of Internal Medicine, Vol. 271, No. 2, 2012, pp. 122-130. doi:10.1111/j.1365-2796.2011.02491.x
[13] J. Philbin, F. Prior and P. Nagy, “Will the Next Generation of PACS Be Sitting on a Cloud,” Journal of Digital Imaging, Vol. 24, No. 2, 2011, pp. 179-183. doi:10.1007/s10278-010-9331-4
[14] E. Schweitzer, “Reconciliation of the Cloud Computing Model with US,” Journal of American Medical Informatics Association, Vol. 19, No. 2, 2012, pp. 161-165. doi:10.1136/amiajnl-2011-000162
[15] S. Pearson, “Toward Accountability in the Cloud,” IEEE Internet Computing, 2011, pp. 64-69. http://www.hpl.hp.com/techreports/2011/HPL-2011-138.html doi:10.1109/MIC.2011.98
[16] J. Soma, M. Nichols, M. Gates and A. Gutierrez, “Chasing the Clouds without Getting Drenched: A Call for Fair Practices in Cloud Computing Services,” 2011. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2039439
[17] R. Ko, B. Lee and S. Pearson, “Towards Achieving Accountability, Auditability and Trust in Cloud Computing,” Advances in Computing and Communications, Communications in Computer and Information Science, Vol. 193, 2011, pp. 432-444. doi:10.1007/978-3-642-22726-4_45
[18] Fujitsu Research Institute, “Personal Data in the Cloud: A Global Survey of Consumer Attitudes,” 2010. http://www.fujitsu.com/downloads/SOL/fai/reports/fujitsu_personal-data-in-the-cloud.pdf
[19] C. Witt, “HIPAA versus the Cloud,” 2011. http://healthcare-executive-insight.advanceweb.com/Features/Articles/HIPAA-Versus-the-Cloud.aspx
[20] C. Lyon and K. Retzer, “Privacy in the Cloud: A Legal Framework for Moving Personal Data to the Cloud,” 2011. http://www.nist.gov/manuscript-publication-search.cfm?pub_id=909494
[21] A. Weissberger, “ACLU of Northern California, Cloud Computing: Storm Warning for Privacy,” 2009. http://viodi.com/2009/02/13/aclu-northern-ca-cloud-computing-storm-warning-for-privacy/
[22] J. Harshbarger, “Cloud Computing Providers and Data Security Law: Building Trust with United States Companies,” Journal of Technology Law and Policy, Vol. 16, No. 2, 2011, pp. 229-254.
[23] Federal Trade Commission, Fair Information Practice Principles, 2012. http://www.ftc.gov/reports/privacy3/fairinfo.shtm
[24] J. Turow, J. King, C. Hoofnagle, A. Bleakley and M. Hennessy, “Americans Reject Tailored Advertising and Three Activities That Enable It,” 2009. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1478214
[25] N. Ozer, “Privacy and Free Speech: It’s Good for Business,” 2009. http://dotrights.org/business/primer
[26] S. Pearson and A. Charlesworth, “Accountability as a Way Forward in Privacy Protection in the Cloud,” Cloud Computing, Lecture Notes in Computer Science, Vol. 5931, 2009, pp. 131-144.
[27] A. Narayanan and V. Shmatikov, “Robust De-Anonymization of Large Sparse Datasets,” 2008. http://dl.acm.org/citation.cfm?id=1398064
[28] P. Wayner, “You Know about Backups. Now, Do It Online,” New York Times, 2008. http://www.nytimes.com/2008/10/23/technology/personaltech/23basics1.html