Regulatory Privacy Protection for Biomedical Cloud Computing


This article provides background information on biomedical cloud computing. It examines the privacy concerns that arise from the use of biomedical cloud computing services and then surveys the current state of regulatory privacy safeguards for patients and consumers of these services both in the U.S and abroad. Finally, it identifies opportunities for legal and technological mechanisms to be implemented or reinforced so that patients and consumers are not forced to lose control of their information when they use biomedical cloud computing services.

Share and Cite:

Y. Yang and K. Borg, "Regulatory Privacy Protection for Biomedical Cloud Computing," Beijing Law Review, Vol. 3 No. 4, 2012, pp. 145-151. doi: 10.4236/blr.2012.34020.

Conflicts of Interest

The authors declare no conflicts of interest.


[1] D. Crawford, “Biomedical Research Gets Head Into Cloud Computing,” 2011.
[2] A. Mathews, “United Health to Launch Cloud-Based Data Platform,” Wall Street Journal, 2012.
[3] I. Carrión, J. Alemán and A. Toval, “Personal Health Records: New Means to Safely Handle our Health Data,” IEEE computer Society Digital Library, IEEE Computer Society, 2012.
[4] C. McCarthy, “Paging Dr. Google: Personal Health Records and Patient Privacy,” William & Mary Law Review, Vol. 51, No. 6, 2010, pp. 2243-2268.
[5] C. Klein, “Cloudy Confidentiality: Clinical and Legal Implications of Cloud Computing in Health Care,” The Journal of the American Academy of Psychiatry and the Law, Vol. 39, No. 4, 2011, pp.571-578.
[6] L. Osterhaus, “Cloud Computing and Health Information,” The University of Iowa School of Library and Information Science Journal, Vol. 19, 2010, pp. 1-9.
[7] HITECH Act Enforcement Interim Final Rule. US Department of Health and Human Services, 2009.
[8] M. Delgado, “The Evolution of Health Care IT: Are Current US Privacy Policies Ready for the Clouds,” IEEE World Congress on Services, Washington DC, 4-9 July 2011, pp. 371-378.
[9] R. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang and B. Lee, “Trust Cloud: A Framework for Accountability and Trust in Cloud Computing,” 2011.
[10] T. Martin, “Hey! You! Get off of My Cloud: Defining and Protecting the Metes and Bounds of Privacy, Security, and Property in Cloud Computing,” 2011.
[11] A. Palanzi, “Patient Privacy in the Cloud: Why Congress Should Model HIPAA Enforcement Mechanisms after the FCA to Meet a New Wave of Privacy Threats from the Implementation of Cloud-Computing Technologies,” 2012.
[12] R. Grossman and K. White, “A Vision for Biomedical Cloud,” Journal of Internal Medicine, Vol. 271, No. 2, 2012, pp. 122-130. doi:10.1111/j.1365-2796.2011.02491.x
[13] J. Philbin, F. Prior and P. Nagy, “Will the Next Generation of PACS Be Sitting on a Cloud,” Journal of Digital Imaging, Vol. 24, No. 2, 2011, pp. 179-183. doi:10.1007/s10278-010-9331-4
[14] E. Schweitzer, “Reconciliation of the Cloud Computing Model with US,” Journal of American Medical Informatics Association, Vol. 19, No. 2, 2012, pp. 161-165. doi:10.1136/amiajnl-2011-000162
[15] S. Pearson, “Toward Accountability in the Cloud,” IEEE Internet Computing, 2011, pp. 64-69. doi:10.1109/MIC.2011.98
[16] J. Soma, M. Nichols, M. Gates and A. Gutierrez, “Chasing the Clouds without Getting Drenched: A Call for Fair Practices in Cloud Computing Services,” 2011.
[17] R. Ko, B. Lee and S. Pearson, “Towards Achieving Accountability, Auditability and Trust in Cloud Computing,” Advances in Computing and Communications, Communications in Computer and Information Science, Vol. 193, 2011, pp. 432-444. doi:10.1007/978-3-642-22726-4_45
[18] Fujitsu Research Institute, “Personal Data in the Cloud: A Global Survey of Consumer Attitudes,” 2010.
[19] C. Witt, “HIPAA versus the Cloud,” 2011.
[20] C. Lyon and K. Retzer, “Privacy in the Cloud: A Legal Framework for Moving Personal Data to the Cloud,” 2011.
[21] A. Weissberger, “ACLU of Northern California, Cloud Computing: Storm Warning for Privacy,” 2009.
[22] J. Harshbarger, “Cloud Computing Providers and Data Security Law: Building Trust with United States Companies,” Journal of Technology Law and Policy, Vol. 16, No. 2, 2011, pp. 229-254.
[23] Federal Trade Commission, Fair Information Practice Principles, 2012.
[24] J. Turow, J. King, C. Hoofnagle, A. Bleakley and M. Hennessy, “Americans Reject Tailored Advertising and Three Activities that Enable It,” 2009.
[25] N. Ozer, “Privacy and Free Speech: It’s good for Business,” 2009.
[26] S. Pearson and A. Charlesworth, “Accountability as a Way Forward in Privacy Protection in the Cloud,” Cloud Computing, Lecture Notes in Computer Science, Vol. 5931, 2009, pp. 131-144,
[27] A. Narayanan and V. Shmatikov, “Robust De-Anonymization of Large Sparse Datasets,” 2008.
[28] P. Wayner, “You Know about Backups. Now, Do It Online,” New York Times, 2008.

Copyright © 2024 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.