Abstract
Complete end-to-end security support in the context of a complex CPS system in context of sensitive medical applications goes beyond pure technical countermeasures, hardware and techniques. Especially since highly sensitive medical data will be created, accesses, stored, processes and transferred it is of paramount importance to define accurate and comprehensive data management processes. Critical objectives achieved from accurate and comprehensive data management processes definition include:
Data privacy involving the right of any individuals to expect that personal information collected about them will be processed securely and will not be disseminated in any form without their written consent.
Data protection consists of a framework of security measures designed to guarantee that data are handled in such a manner as to ensure that they are safe from unforeseen, unintended, unwanted or malevolent use. Data protection is the technical mechanism to ensure data privacy.
Data management processes, as seen in this document, comprise be rules, actions to be taken in specific event as well as guidelines assuring adequate security level provision both in normal operation conditions (i.e. no threat is apparent) as well as in cases where specific security threat is identified.
A critical aspect necessitating the definition of such rules is the fact that the human factor is always in the loop in the context of respective systems’ operation which may comprise the weak link from the security point view. Therefore, these rules mainly concern actions taken by humans concerning data management (e.g. password policy and account creation), algorithm configuration (e.g. acceptable encryption policy and security credential policy), equipment management policy (e.g. equipment disposal policy and removable media policy) etc. Another critical aspect is to highlight relevant legal and legislative requirements and extract significant principles, concerns and recommendations with respect to up to data literature.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
UK Data Protection Act 1988. http://www.legislation.gov.uk/ukpga/1998/29/contents
FP7 Ethical guidelines, “Data protection and privacy ethical guidelines” (2009) Experts Working Group on Data Protection and Privacy, Chaired by: Caroline Gans-Combe
Deliverable D3.2 of the ARMOR FP7 research project “Data management processes”
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Antonopoulos, C.P., Voros, N.S. (2015). Data Management Processes. In: Voros, N., Antonopoulos, C. (eds) Cyberphysical Systems for Epilepsy and Related Brain Disorders. Springer, Cham. https://doi.org/10.1007/978-3-319-20049-1_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-20049-1_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20048-4
Online ISBN: 978-3-319-20049-1
eBook Packages: EngineeringEngineering (R0)