TY - JOUR TI - Handling confidentiality and privacy on cloud-based health information systems T2 - Journal of Information Privacy and Security VL - 13 IS - 2 AU - SerrĂ£o, C. AU - Cardoso, E. PY - 2017 SP - 51-68 SN - 1553-6548 DO - 10.1080/15536548.2017.1322415 UR - http://www.tandfonline.com/doi/full/10.1080/15536548.2017.1322415 AB - Health-related data include not only the patient’s personal information, but also specific information about the patient health problems, supplementary diagnostic examination results, and much more. All this information is extremely sensitive and should only be accessed by the proper entities and actors, for special specific purposes. Described herein is an approach to address security and privacy of health-related data based on rights management technologies, with an architecture to minimize security risks and privacy conerns. This approach consists of the reutilisation of an open-source and open-specifications rights management system, and designing and adapting the necessary components to address the specific security and privacy requirements that must be faced when managing health and patient data. ER -