Privacy and Security Concerns with Healthcare Data and Social Media Usage

Abstract

First of all, I’m glad to be back on board and allow Dr. Bagchi to take a good break for a while. It is nice to be in touch with everyone again. The second issue of the Journal of Information Privacy & Security (JIPS) for 2017 contains three articles, one expert opinion, and one book review. The first two articles focus on the importance of protecting personal information and securing data in the healthcare industries. The third article discusses the influence of consumers’ security perception on their social advertising usage. In the Expert Opinion section, Mr. Lionel Cassin, an information security officer at Texas A&M University–Corpus Christi, discusses the major issues of security and privacy that the university is facing, and points out that it is crucial to improve awareness of information security and privacy on campus. In the Book Review section, Dr. Arslan reviews the book titled Security and Privacy in Social Networks by Yaniv Altshuler, Yuval Elovici, Armin B. Cremers, Nadav Aharony, and Alex Pentland. More details are as follows: The first article is titled “Handling Confidentiality and Privacy on Cloud-based Health Information Systems.” The authors Carlos Serrao and Elsa Cardoso propose an approach to minimize the security risks in health-related data based on rights management technologies. Based on a trend that the health-related data may be migrated into the cloud, opportunities are increasing for cybercriminals to commit fraud or other similar criminal schemes after directing their attacks towards health and medical data of patients. To prevent organizations from financial and reputational losses, several initiatives have been created to improve the confidentiality and privacy requirements of the health and medical information. In this article, the authors propose the usage of the rights management systems as this approach can offer a governed environment and enables critical privacy and security mechanism. Although the system will not solve all the problems, it can help reducing the impact of large data breaches, making it more difficult for potential attacker to access unprotected information. The second article, “The Effect of Procedural and Technological Security Countermeasures on the Propensity to Misuse Medical Data,” authored by Wachiraporn Arunothong and Derek L. Nazareth, discusses the healthcare providers’ concern about the threat to misuse of medical data by internal users such as their employees. Even though the use of electronic medical records (EMRs) and electronic health records (EHRs) can help increase the efficiency and effectiveness of healthcare services, it is crucial to cultivate the awareness of security and to ensure that the employees follow the policy measures to avoid misuse. The results from conducting an online survey with physicians, nurses, medical students, and nursing students revealed that the healthcare providers who have more conscious of institutional security policy were less likely to engage in misuse. It is thus necessary for healthcare organizations to provide some training, such as robust training, coupled with periodic refresher training to educate their employees about the importance of HIPAA compliance and to inform them about the steps that the institution takes to maintain compliance, both from a procedural as well as technological standpoint. The study concluded that increasing the awareness of security and policy measures among employees is a vital part of preventing misuse. The last article in this issue titled “What Affects Users to Click on Display Ads on Social Media? The Roles of Message Values, Involvement, and Security” is authored by En Mao and Jing Zhang. These authors examined the three major communication components—message, channel/media, and receiver/audience—on advertising clicks, which impact the effectiveness of social media advertising. They then proposed a research model and tested it with online-survey data from 572 social JOURNAL OF INFORMATION PRIVACY AND SECURITY 2017, VOL. 13, NO. 2, 49–50 https://doi.org/10.1080/15536548.2017.1322413