[Dshield] 2nd Call for Chapters - Certification and Security in Health-Related Web Applications: Concepts and Solutions

Argiris Chryssanthou argiris79 at yahoo.com
Sat May 16 08:36:49 GMT 2009


Call for Chapters
Book: Certification and Security in Health-Related Web Applications: Concepts and Solutions
(A. Chryssanthou)


2nd CALL FOR CHAPTERS
Proposals Submission Deadline: 25th May 2009
Full Chapters Due: 25th July 2009
Certification and Security in Health-Related Web Applications:
Concepts and Solutions
A book edited by Dr. Ioannis Apostolakis, National School of Public Health, Dept. of Health Economics, Greece
Mr. Anargyros Chryssanthou, MSc, Data Protection Authority, Auditors Department, Greece
Dr. Iraklis Varlamis, Harokopio University of Athens, Dept. of Informatics & Telematics, Greece

Published by: IGI Global (formerly Idea Group Inc.)
http://www.igi-global.com/requests/details.asp?ID=611
Introduction
The main issue of concern in health-related applications is the protection
of medical data. A patient’s profile data is deemed as sensitive data
and is protected by data protection laws. Medical data needs to be
accessible only by authorized people. It needs to remain confidential,
maintain its integrity, and be available to authorized people upon
request. In the classic model of CIA, this perspective publication
seeks to integrate two new aspects of security, authorization, and
non-repudiation.
In the case of health related web applications, medical information
that is transferred across the network should be encrypted, secured,
and protected. Additionally, to secure the exchanging endpoints we need
to accurately verify the real identity of the exchanging parties, in
order to prevent cases of identity theft. Any transfer of medical data
also needs to be audited properly, in order for the administrators
responsible or the authorities to be able to connect any faulty
transaction with the exchanging parties and attribute responsibilities.
Processes need to be established to be able to certify each transacting
party, each transfer, and the associated level of security.
Certification, in terms of security, refers to the compliance to
suitable standards and regulations ranging from the ISO 27001:2005
standard to HIPAA and data protection laws. Certification in
health-related web applications springs from the need to verify the
accurate, impervious, and protected exchange of medical data.
Objective of the Book
This book will aim to provide relevant theoretical frameworks and the latest empirical research findings in the area. It is expected to increase interaction between members of
the medical community, IT professionals, and all other interested
parties. It is also expected to review the certification and security
procedures through collaboration, to identify open threats and emerging
needs, and to provide solutions. With this book, we intend to provide a
valuable tool for every professional intending to develop, support or
participate in a health related application over the internet. The
chapters that will be published are expected to cover as many security
and certification issues as possible and provide practical solutions
and case study applications. This publication aims to become the initial reference book, the gateway, which can lead to potential solutions for issues that lurk in the background.
Target Audience
The target audience of this book will be
composed of professionals and researchers that employ, study, design,
and implement health related web applications. Students of management
of healthcare systems and healthcare managers in general will use this
book as a companion that helps them avoid design pitfalls and a
walkthrough towards building trustful medical communities. Security
professionals working in medical institutions will be able to identify compliance requirements and implement the proper measures to achieve an adequate level of
security for medical data and certification, either by certification
bodies or by data protection authorities.
Recommended topics include, but are not limited to, the following:
Confidentiality, Integrity, Availability in health related web applications
Risk analysis in health related web applications
Medical computer networks and security management
Applying ISO standards (ISO 27001:2005, ISO 17999:2005) in healthcare environments
Compliance in health related web applications
Health related web applications and data protection laws
Trust in healthcare communities
Certification in medical applications
Submission Procedure
Researchers and practitioners are invited to submit on or before May 25, 2009,
a 1-2 page chapter proposal clearly explaining the mission and concerns
of his or her proposed chapter. Authors of accepted proposals will be
notified by June 25, 2009 about the status of their proposals and sent chapter guidelines. Full chapters are expected to be submitted by July 25, 2009. All submitted chapters will be reviewed on a double-blind review basis.
Publisher
This book is scheduled to be published by IGI Global (formerly Idea Group Inc.), publisher of
the “Information Science Reference” (formerly Idea Group Reference), “Medical Information Science Reference,” and “IGI Publishing” imprints. For additional information regarding the publisher, please visit http://www.igi-global.com/. This publication is anticipated to be released in 2010. Additional information regarding this publication can also be found at http://wim.aueb.gr/iraklis/igibook.
Important Dates
May 25, 2009: Proposal Submission Deadline
June 25, 2009: Notification of Proposal Acceptance
July 25, 2009: Full Chapter Submission
October 25, 2009: Notification of Full Chapter Acceptance
January 1, 2009: Final Chapter Submission
March 15, 2010: Final Deadline
Editorial Advisory Board Members
Prof. Arie Hasman, University of Amsterdam, Dept. of Medical Informatics, The Netherlands
Prof. Sokratis Katsikas, University of Piraeus, Dept. of Technology Education and Digital Systems, Greece
Assistant Prof. Spyros Kokolakis, University of Aegean, Dept. of Information & Communication Systems Engineering, Greece
Assistant Prof. Ilias Maglogiannis, University of Central Greece, Dept. of Computer Science and Biomedical Informatics, Greece
Assistant Prof. Panagiotis Bamidis, Medical Education Informatics, Medical School, Aristotle University of Thessaloniki
Lecturer Athina Lazakidou, University of Peloponnese, Dept. of Nursing, Greece
Lecturer Panagiotis Nastou, University of Aegean, Dept. of Mathematics, Greece
Dr. Panagiotis Rizomiliotis, University of Aegean, Dept. of Information and Communication Systems Engineering, Greece
Dr. Maria Katharaki, Dept. of Economic Science, National & Kapodistrian University of Athens, Greece
Dr. Anastasia Kastania, Athens University of Economics and Business, Dept. of Computer Science, Greece
Inquiries and submissions can be forwarded electronically (Word document) or by mail to:
Dr. Iraklis Varlamis
Harokopio University of Athens, Department of Informatics and Telematics
Tel: +302109549295 Fax: +302109549281
E-mail: varlamis at gmail.com, achryssanthou at gmail.com


      