Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
Review
. 2019 Sep 3:2019:7516035.
doi: 10.1155/2019/7516035. eCollection 2019.

eHealth Cloud Security Challenges: A Survey

Yazan Al-Issa  1 Mohammad Ashraf Ottom  1 Ahmed Tamrawi  1
Affiliations
Review

eHealth Cloud Security Challenges: A Survey

Yazan Al-Issa et al. J Healthc Eng. .

Abstract

Cloud computing is a promising technology that is expected to transform the healthcare industry. Cloud computing has many benefits like flexibility, cost and energy savings, resource sharing, and fast deployment. In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. The centralization of data on the cloud raises many security and privacy concerns for individuals and healthcare providers. This centralization of data (1) provides attackers with one-stop honey-pot to steal data and intercept data in-motion and (2) moves data ownership to the cloud service providers; therefore, the individuals and healthcare providers lose control over sensitive data. As a result, security, privacy, efficiency, and scalability concerns are hindering the wide adoption of the cloud technology. In this work, we found that the state-of-the art solutions address only a subset of those concerns. Thus, there is an immediate need for a holistic solution that balances all the contradicting requirements.

PubMed Disclaimer

Conflict of interest statement

The authors declare that they have no conflicts of interest.

Figures

Figure 1
Figure 1
Relationship between delivery and service models.
Figure 2
Figure 2
ISO/IEC 27000-series standards categories.
Figure 3
Figure 3
ISO-27002 best practice topics [94].
Figure 4
Figure 4
Information-centric healthcare model [107].
See this image and copyright information in PMC

References

    1. European Network Information Security Agency. An SME Perspective on Cloud Computing. Heraklion, Greece: European Network Information Security Agency; 2009.
    1. Moor J. H. Towards a theory of privacy in the information age. ACM SIGCAS Computers and Society. 1997;27(3):27–32. doi: 10.1145/270858.270866. - DOI
    1. Brey P. Ethical aspects of information security and privacy. In: Petković M., Jonker W., editors. Security, Privacy, and Trust in Modern Data Management. Berlin, Germany: Springer; 2007. pp. 21–36. - DOI
    1. Kuo A. M.-H. Opportunities and challenges of cloud computing to improve health care services. Journal of Medical Internet Research. 2011;13(3):p. e67. doi: 10.2196/jmir.1867. - DOI - PMC - PubMed
    1. Mell P., Grance T. The NIST Definition of Cloud Computing [Recommendations of the National Institute of Standards and Technology-Special Publication 800-145] Gaithersburg, MD, USA: NIST; 2011. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.