
Computer Standards & Interfaces 69 (2020) 103408


Towards a GDPR compliant way to secure European cross border Healthcare Industry 4.0

Xabier Larrucea (a, c, *), Micha Moffie (b), Sigal Asaf (b), Izaskun Santamaria (a)

(a) Tecnalia, Parque Tecnológico de Bizkaia. Edificio 700. E-48160 Derio – Bizkaia, Spain
(b) IBM Research-Haifa, Haifa University Campus, Haifa, Israel
(c) University of the Basque Country. Vitoria-Gasteiz, Spain

ARTICLE INFO

Index Terms: Health information management; Industrial communication; Data security; Privacy; Data processing

ABSTRACT

The Health sector is gaining momentum within the Industry 4.0. National Health Systems are tightly connected to different complex systems, and a wide set of devices. NHSs are processing and managing patients’ data, and they are exchanging sensitive information cross different countries. This paper takes into account legal aspects such as GDPR and it extends the Healthcare Industry architecture reference model, with a set of tools dealing with consent management and data hiding tools. A case study illustrates the use of the reference architectural model.

* Corresponding author.
E-mail address: xabier.larrucea@tecnalia.com (X. Larrucea).

https://doi.org/10.1016/j.csi.2019.103408
Received 3 December 2019; Received in revised form 22 December 2019; Accepted 24 December 2019
Available online 25 December 2019
0920-5489/ © 2020 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/BY-NC-ND/4.0/).

1. Introduction

Healthcare industry 4.0 is being considered as a relevant topic within the Industry 4.0 [6]. The Industry 4.0 paradigm was coined in 2011 [20], and traditionally it refers to manufacturing or production processes. However, the role of this paradigm in the medical field [13] is gaining momentum, and there are initial integrations of healthcare systems into Industry 4.0 [4]. In this sense, Industry 4.0 and healthcare services [1] are complementary approaches and their integration is becoming a need.

According to [19], Industry 4.0 is spilling out from manufacturing to healthcare, and the increase of digitally networked and data-intensive are pushing forward the smarter production concept and, thus, the industry 4.0 concept.

In fact, Internet of Things (IoT), cloud/fog/edge computing, big data analytics, artificial intelligence, and robotics are being used to create digitalized healthcare products and digitalized healthcare services. The integration of Cloud based and IoT approaches with healthcare systems and its applications is representing a major challenge integrating diverse applications, devices, and people managing patients' health records [8]. In this sense, fog computing and healthcare are being integrated.

However, in the context of national healthcare systems there are still some challenges to be tackled, such as the exchange of electronic health records [11] which is still not solved. In this sense, the OpenNCP [9] is an environment connecting National Health Systems (NHS) across European countries (Fig. 1), and it is being promoted and recommended by the European Commission. Each country is connected throughout a Virtual Machine (VM) and it is used to connect different NHS in order to create a network for sharing patient's health records. Each NHS has a complex architecture and may be connected to Industry 4.0 technologies and/or IoT based architectures.

It has been shown that VMs can be altered with vulnerable code and can give the control to potential cybercriminals, or can cause unpredicted behaviours, or fatal errors. In fact, there are several vulnerabilities used by hackers such as service hijacking, data scavenging, customer-data manipulation, or even malicious VM creation. At the same time, a federated healthcare industry 4.0 system involving different countries requires the implementation of technologies, overcoming interoperability problems across systems and an assessment of legal aspects such as the General Data Protection Regulation (GDPR) [29]. Security and privacy of personal data including transfers of personal data to third countries or international organizations are major subjects within this European law, and mechanisms must be set up for assuring security and privacy, especially when managing patient's health records [30]. In addition, Cloud Virtualization (CV) introduces some new security problems especially in federated and multi-cloud environment, and malicious software is one of the core tools used by the cybercriminals to compromise information systems. In the healthcare sector a special attention is dedicated to data security [2], and therefore more security checks are recommended.

Therefore, such a complex scenario – connecting a vast number of
technologies and architectures to manage sensitive information – must be safeguarded, and address current cybersecurity challenges in Industry 4.0 [16]. In fact, as stated by the industry analysis carried out [16], healthcare is one of the major concerns in industry 4.0, and not only manufacturing processes.

Fig. 1. National Healthcare Systems connected throughout the OpenNCP network for sharing patient's health records. Each cloud is a complex architecture which interoperates with other NHSs through the OpenNCP.

This paper contributes with the following:

• Adoption of the healthcare industry 4.0 architectural model
• Integration of different tools for assuring security and privacy over the Healthcare Industry architecture reference model. Specifically, we identify a set of potential threats and the security measures for data security and privacy
• A case study illustrates the use of the architecture and the use of its related tools.

This paper is structured as follows. First, a background overview on healthcare, OpenNCP and GDPR, is provided. Second, a proposed healthcare industry 4.0 architecture is proposed. Next, we use a case study to illustrate the approach. In section Five, we draw conclusions and outline future steps.

2. Background

2.1. Healthcare information systems, OpenNCP and Industry4.0

Security is one of the main challenges in healthcare systems because there are both technical and non-technical aspects. From a technical point of view, there are several technical barriers such as the integration of National Healthcare Systems (NHS) in order to share patients’ information and patients’ health records for improving diagnosis and treatments. In fact, NHSs are differently managed and implemented within the European Union, and even regions within each country have different healthcare systems. Therefore, if we want to enable the exchange of health records among states we need to provide the means for its interoperability. This integration of these different healthcare systems is a major challenge especially in an industry 4.0 environment.

From a non-technical point of view, security awareness is one of the main topics to be addressed in healthcare systems. Technologies are evolving and eHealth cloud [21] is being considered as well.

Privacy of the patient must be safeguarded within this kind of environments, especially when there is an increasing number of connected devices and systems sharing information. For example, scanners’ results used to include some patients’ identification and the exchange of these results can identify patients.

IoT systems are being integrated with NHS, and there are some IoT system architectures well designed to support specific applications for emerging healthcare industry [18].

The backbone for exchanging patient's health records across European countries is the OpenNCP platform [9]. This platform is supported by the European Commission providing a common network and an infrastructure to connect different national healthcare systems. It was originally created by the epSOS project [32], and it is being promoted, evolved and enhanced through the eHealth Digital Service Infrastructure (DSI) Operations [10]. The eHealth DSI (eHDSI) is the initial deployment and operation of services for cross-border health data exchange under the Connecting Europe Facility (CEF). Each National Contact Point for eHealth (NCPeH) is deployed in a VM which connects to the other VMs. Literature reflects some experiences such as [28]. In its turn, each member state has a complex and different infrastructure connecting the OpenNCP. Several research works have been published related to this platform such as [15].

Concerning Industry 4.0, communications is a central part of the industry 4.0 such as defined by [26], and it's a relevant layer within the reference architectural framework [26]. According to [25], there are “several ways to improve security in electronic communications. The years since 2013 have shown an increasing willingness on the part of companies to implement more secure encryption. However, governments seem reluctant to give up their acquired data sources to re-establish the state of law”.

2.2. GDPR, eHealth records and consent

The General Data Protection Regulation (GDPR) [29] is a European directive (law) where security aspects related to personal data must be enhanced. In addition, transfers of personal data to third countries or international organizations are being considered as one of the main challenges or topics to be addressed. In this context, consent management is a key aspect. This law stresses the role of the patient and the role of its consent given by the patient for data processing. According to this law, “Where processing is based on the data subject's consent, the controller should be able to demonstrate that the data subject has given consent to the processing operation” [29]. And this consent must also be exchanged among different member states when a patient is being assisted by a doctor in another country. Other research works related to GDPR such as [22] are dealing with this recent regulation. Privacy regulation such as GDPR and privacy rules related to collection, sharing and transferring of personal and sensitive information is significantly impacting governments and businesses. These rules and limitations will impact both new and existing applications and may require significant modifications to existing systems and data flows.

Another European directive is related to the management of patient's health records [30]. These records should be connected to medical devices, hospitals records, and so on. Medical doctors require as much information as possible, and patients’ information used to be spread over the network.

The aforementioned two European directives stress and emphasize the consent management concept. Traditionally, the consent is captured and represented in a piece of paper, and until now this is the best situation. In the worst situations, there is no evidence of the explicit consent. Healthcare systems require to capture the informed consent from patients in an explicit way that it cannot be a simple signed piece of paper. Consent management systems must define a specific consent architecture [12].

3. Enhanced Healthcare Industry 4.0

3.1. Healthcare industry 4.0 Architecture

The proposed architecture (Fig. 2) extends the IoT architecture [17] and the Reference Architectural Model Industry 4.0 [26] in order to support a healthcare industry 4.0 reference architecture. Basically, we
are using the same layered stack, including the following:

• Business Processes: this layer involves the interaction among the different stakeholders to provide an added value to the healthcare industry 4.0 stakeholders. This paper considers the consent management process to illustrate how it works since consent has a relevant role within the current regulations such as the GDPR.
• Functions: to implement consent management functionalities, we need to develop and set up processes to (1) identify the sensitive data elements and (2) enforce the consent decision – in addition to the consent management tool per se. In particular, during interaction among different healthcare systems as well as the explicit consent stated by patients.
• Data: tightly related to the above layers, data layer is related with the required data required by the OpenNCP architecture. This layer deals with the format of the data, and the identification of the data.
• Communication: we are using the OpenNCP as a communication channel for sharing patients’ information such as eHealth records. We extend the OpenNCP to include all different healthcare systems.
• Digitalization: health records are represented using HL7 () and following the International Patient Summary guidelines. Scanners and other medical results such as blood analysis are digitalized.
• Physical Things: Mobile devices can access health records by using encrypted channels. This aspect is not addressed in this paper due to space limitations.

Fig. 2. Reference Architectural Model Industry 4.0 [26] adopted for the healthcare industry 4.0.

3.2. Security and privacy mechanisms

As stated previously, the security and privacy mechanisms included in our architecture act over the stack defined in Fig. 2. It is essential to specify how the data layer works for identifying sensitive information with health records, and to hide this information.

3.2.1. Data layer

How does the Data hiding tool work?

The data hiding tool aims at addressing privacy rules related to personal sensitive information sharing and storing – while providing a solution for real-world applications and data flows. The hiding tool addresses stringent requirements on the performance of the tool as well as on the format of the hidden information in the payload and provides multiple masking/unmasking operations (e.g. redact, tokenize, encrypt, format preserving encryption etc.). In addition, the tool supports a wide array of mechanisms to identify, select (sensitive) and modify data elements within different types of payloads including structured, unstructured and composite documents. Lastly, the tool provides the user with a policy allowing her to specify the exact data elements to process, what operation to perform on each of those elements and provides a mechanism to specify predicated processing of select data items (e.g. based on consent decisions).

The hiding tool main interface is a single method called process. This method receives the payload, policy and a few more additional arguments (e.g. the predicates) and provides as a result the processed payload (e.g. masked/unmasked).

How does the Data Sensitivity work?

The process of identifying sensitive data is a necessary step to be able to address EU GDPR regulation. The first step is to discover the personal data in the organization datastores, categorize the data, and finally apply appropriate methods to protect the data. Given a category, the organization can adhere to specific GDPR requirements. For example, the GDPR defines special categories such as racial and health data. A company must have a legitimate and lawful reason for collecting, storing, transmitting, or processing these special categories.

The Data Sensitivity Analysis Tool addresses the first step. It finds the sensitive/personal data in relational databases. The tool is provided with DB tables for analysis and a configuration. The configuration allows us to customize the tool and select relevant predefined classifiers. In addition, the tool provides the ability to define custom classifiers.

The tool analyses each one of the tables and provides the table categories as well as specific information for each column. This information includes the column categories and sub-categories, each attached with a corresponding confidence score.

Internally, the tool utilizes several methods to identify categories. These include: regular expression, dictionaries and methods to check complex restrictions such as Luhn checksum. In addition, the tool uses statistical analysis. It checks the percent of values that satisfy a specific category such as email address or personal nationality identifier and provides a corresponding score. Moreover, we developed advanced classifiers that support differentiating between domain overlap categories.

3.2.2. Business processes layer

This layer is concerned with the upper layer of the architecture. We have defined the architecture for supporting the consent management because it is one of the two major issues [3] in healthcare systems. Occasionally, a kind of remote consent is required when patients are not physically present, and they want to capture and represent semantic models for consent management. Sometimes, consent requires the access to patient data [7], and physicians must deal with ethics aspects. The data processing of health information among different actors (e.g. peer to peer) [31] is the other major issue [3], and this is especially relevant in emergency contexts [27] or even in the IoT (Internet of Things). Consent and policies are tightly related between them. In fact, according to [24]:

“the patient's consent has a pivotal role in granting or removing access rights to subjects accessing patient's medical data. Depending on the context in which the access is being executed, different consent policies can be applied.”

Policy frameworks such as [14] are useful to enhance and provide trust to users. In this sense, our approach based on [5] is to provide an integrated set of tools that supports and enables the creation of a formal structure for abstraction, governance and implementation of trust relationships and security policies. Working across multiple disparate organisations and technologies, it provides a standardized trusted mechanism between all parties for sharing data, whilst maintaining strict conformance to the strongly defined trust framework.

Fig. 3 summarizes the workflow over two countries, and how the consent and the data hiding tool are used. Consent manager reads the patient's health records, and it defines a set of rules representing the desire of the patient. Then the data hiding tool masks the appropriate data. This masked data is the information patient does not want to share. Afterwards all this information is exchanged and sent to the requested country by using the extended OpenNCP.
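
The consent-to-masking flow described above, as an added example that is not the paper's tool: consent decisions are turned into predicates, and a `process(payload, policy, predicates, key)` call masks the non-consented elements of an XML payload. The policy format, the predicate names, the `key` argument and the sample report are assumptions made for this example, and it uses redaction and keyed tokenization rather than the encryption used in the case study.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed sample payload (not the paper's Psychiatry Discharge Report).
SAMPLE_REPORT = """<report>
  <patient id="UK-0000001"><name>Jane Doe</name></patient>
  <section code="psychiatry"><diagnosis severity="moderate">Recurrent depressive disorder</diagnosis></section>
  <section code="medication"><item>Sertraline 50 mg</item></section>
</report>"""

# Hypothetical policy: which elements to select, which operation to apply,
# and which predicate must be true for the rule to fire.
SAMPLE_POLICY = {
    "id": "demo-policy",
    "rules": [
        {"select": ".//patient", "op": "tokenize", "when": "always"},
        {"select": ".//section[@code='psychiatry']", "op": "redact", "when": "no_consent:psychiatry"},
        {"select": ".//section[@code='medication']", "op": "redact", "when": "no_consent:medication"},
    ],
}


def tokenize(value, key):
    """Keyed, deterministic token: equal inputs give equal tokens, so records stay joinable."""
    return "tok_" + hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def redact(value, key):
    """Fixed-width replacement, so the masked value does not leak the original length."""
    return "********"


OPERATIONS = {"tokenize": tokenize, "redact": redact}


def predicates_from_consent(consented, sections):
    """Turn a consent decision (set of consented section codes) into named predicates."""
    predicates = {"always": True}
    for code in sections:
        predicates["no_consent:" + code] = code not in consented
    return predicates


def mask_subtree(element, operation, key):
    """Mask text, attributes and inner tail text of the element and all its descendants."""
    for node in element.iter():
        if node.text and node.text.strip():
            node.text = operation(node.text.strip(), key)
        if node is not element and node.tail and node.tail.strip():
            node.tail = operation(node.tail.strip(), key)   # mixed content must not leak
        for name, value in list(node.attrib.items()):
            node.set(name, operation(value, key))


def process(payload, policy, predicates, key):
    """Return the payload with every rule applied whose predicate holds."""
    root = ET.fromstring(payload)  # for untrusted XML, use a hardened parser instead
    selected = []
    # Resolve every selection before masking, so that masking an attribute
    # (e.g. code="psychiatry") cannot change what a later rule selects.
    for rule in policy["rules"]:
        operation = OPERATIONS[rule["op"]]        # unknown operation: KeyError, nothing returned
        if predicates.get(rule["when"], True):     # fail closed: no recorded decision means mask
            selected.extend((el, operation) for el in root.findall(rule["select"]))
    for element, operation in selected:
        mask_subtree(element, operation, key)
    return ET.tostring(root, encoding="unicode")
```

A predicate that is missing from the call is treated as "no consent", so a lost or partial consent record results in more masking, never less.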

Fig. 3. Business process flow and the interaction among the integrated tools for enhancing security and privacy.

4. Case study

4.1. Research method

The purpose of this section is to report a case study. According to [23] there are different research methodologies for case studies. Our primary objective is exploratory, and the primary data used is qualitative. Our purpose is to analyze a specific situation where a citizen travels from one country to another and there is a need for health data exchange. This situation requires the use of a healthcare industry reference architecture. The layers of this architecture are described in previous section. Basically, this exploratory process is based on a general overview, and the description of the healthcare industry reference architecture layers. These descriptions are illustrated with an example.

4.2. General overview

The following figure (Fig. 4) summarizes the case study we are using. We are connecting three different countries, and each country has its own NHS, and their data is represented

However in order to simplify the scenario we are illustrating just two countries in the following Fig. 5.

Fig. 4. Reference Architectural Model Industry 4.0 adopted for the healthcare industry 4.0.

4.3. Business processes layer

This layer deals with the consent management in a healthcare industry 4.0 context where 2 different countries must collaborate and share patient's health records for assisting a patient travelling from one country to another.

Fig. 5. A UK patient traveling to SPAIN, medical doctor and patient agreement for exchanging data.

This case study (Fig. 5) is also based on the case studies reflected in [15] where they use the same situation as a testing example. In this case, a UK citizen travelling to Spain (Fig. 5) incurs a stroke and is taken to the nearest Spanish hospital. While receiving first aid from the Emergency Medical Services (EMS), the coordination center informs the EMS in which hospital the patient should be taken to. At the same time a message is sent to a workstation located in the emergency department of the hospital responsible for alerting the first-aid unit. As soon as the message is received a medical team is created for the stroke assistance. To ensure the best assistance, the medical staff wishes to check the patient's electronic health records (EHR) to know their medical history (e.g. their epSOS patient summary).

From a technical point of view, Fig. 6 represents the solution where different National Health Systems are interconnected [32]. Fig. 6 includes the two members of the European Union that are connected by using OpenNCP. Each national OpenNCP installation plays a relevant role within the consent management. This business process involves different OpenNCP nodes and each node includes a set of functionalities in order to strengthen data security and privacy. Security is a chain and it is as strong as its weakest link and all these NHSs are connected by using this platform.

Each national contact point has the same set of tools for managing consent, for hiding sensitive data, and for secure monitoring (Fig. 6).

4.4. Data layer

As this layer is a central aspect of our resulting platform, we show in Fig. 7 the main UI for data hiding tool. The UI allows the user to create, manage and test the hiding policies. Note, during runtime the data hiding tools’ ‘process’ API is called with the policy id and relevant payload.

Obviously, there are several connections among different tools such as the consent manager, the data hiding tool and the extended OpenNCP, but we just want to highlight the tool we have developed and used for supporting the approach.

Although Fig. 7 is small, one can see the two main functionalities of the tools’ UI: creation and management on the left side, testing on the right. In the following paragraphs we provide an example of the outcomes of this tool.

Example of an eHealth record masked

The data hiding tool was used to hide specific data in a Psychiatry Discharge Report (XML based) and was configured to account for the consent provided by the user and hide only the non-consented information.

Fig. 8 and Fig. 9 show the original xml before and after the masking tool was invoked. Note, in this case the tool encrypted all attributes and text in the relevant section (shown).

Example of a Data Sensitivity work

We run the Data Sensitivity Analysis tool on consultation table with our case study NHS DB. This table contains patient info including many Direct and Indirect (Quasi) Personal Identifier information such as
name, phone, national id and birth date. The purpose was to categorize correctly each of the table columns. The tool found that the table contains both Direct and Indirect (Quasi) Personal Identifiers. In addition, for each column it provides its category and sub categories.

Fig. 10 displays part of the JSON result for the consultation table. As illustrated, the consultation table contains both Direct Identifier and Quasi Identifier columns. The HCP_ID column is identified as a Quasi Identifier and the results show a high likelihood (confidence score of 0.9) that it contains personal region information.

Fig. 6. Reference Architectural Model Industry 4.0 adopted for the healthcare industry.

Fig. 7. Data Masking toolkit for the Reference Architectural Model Industry 4.0 adopted for the healthcare industry 4.0.

Fig. 9. An example of the XML masked.
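
The column scoring described for the Data Sensitivity Analysis tool, as an added example that is not the tool's own code: each classifier (regular expression, dictionary, Luhn checksum, date parse) is scored by the share of non-empty values it accepts, and overlapping matches are resolved by preferring the most specific classifier that reaches a threshold. The classifier set, the threshold, the Direct/Quasi mapping and the table rows are constructed for this example, and the ordering rule is a simple stand-in for the paper's advanced overlap classifiers.

```python
import re
from datetime import datetime

EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
PHONE_RE = re.compile(r"^\+?\d[\d -]{6,14}\d$")
GIVEN_NAMES = {"jane", "john", "maria", "ane", "luca"}  # constructed mini-dictionary

# Constructed rows standing in for a "consultation" table.
CONSULTATION = [
    {"patient_name": "Jane Doe", "email": "jane.doe@example.org", "phone": "+44 20 7946 0958",
     "national_id": "79927398713", "birth_date": "1980-02-14", "notes": "follow-up in 2 weeks"},
    {"patient_name": "John Smith", "email": "john.smith@example.org", "phone": "+44 20 7946 0123",
     "national_id": "49927398716", "birth_date": "1975-11-02", "notes": "no known allergies"},
    {"patient_name": "Maria Garcia", "email": "maria@example.com", "phone": "+34 900 000 000",
     "national_id": "1234567812345670", "birth_date": "1990-07-30", "notes": "stroke unit"},
    {"patient_name": "Ane Lopez", "email": "not provided", "phone": "+34 900 000 001",
     "national_id": "12345678903", "birth_date": "2001-01-09", "notes": ""},
    {"patient_name": "Luca Rossi", "email": "luca.rossi@example.net", "phone": "unknown",
     "national_id": "49927398717", "birth_date": "1964-05-21", "notes": "referred by GP"},
]


def luhn_valid(value):
    """Checksum classifier: at least 8 ASCII digits (spaces allowed) whose Luhn sum is 0 mod 10."""
    digits = value.replace(" ", "")
    if not re.fullmatch(r"[0-9]{8,}", digits):
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def is_date(value):
    """Accept only values that parse as a real calendar date (YYYY-MM-DD)."""
    try:
        datetime.strptime(value, "%Y-%m-%d")
        return True
    except ValueError:
        return False


# Ordered from most to least specific; the order is this example's tie-break
# when one column satisfies several overlapping domains.
CLASSIFIERS = [
    ("luhn_checked_id", "Direct Identifier", luhn_valid),
    ("email", "Direct Identifier", lambda v: bool(EMAIL_RE.match(v))),
    ("date", "Quasi Identifier", is_date),
    ("person_name", "Direct Identifier", lambda v: v.split()[0].lower() in GIVEN_NAMES),
    ("phone", "Direct Identifier", lambda v: bool(PHONE_RE.match(v))),
]


def score_column(values):
    """Return {category: fraction of the non-empty values accepted by that classifier}."""
    return {name: sum(1 for v in values if test(v)) / len(values) for name, _, test in CLASSIFIERS}


def analyse_table(rows, threshold=0.6):
    """Categorise every column; a column with no category at or above threshold maps to None."""
    columns = {}
    for col in rows[0]:
        values = [v.strip() for v in (str(r.get(col) or "") for r in rows) if v.strip()]
        scores = score_column(values) if values else {}
        hits = [(n, kind) for n, kind, _ in CLASSIFIERS if scores.get(n, 0.0) >= threshold]
        if not hits:
            columns[col] = None
            continue
        name, kind = hits[0]                # most specific classifier wins the overlap
        columns[col] = {"category": name, "identifier": kind,
                        "confidence": round(scores[name], 2),
                        "overlaps": {n: round(scores[n], 2) for n, _ in hits[1:]}}
    kinds = sorted({c["identifier"] for c in columns.values() if c})
    return {"table_categories": kinds, "columns": columns}
```

In the sample rows the `national_id` and `birth_date` values also satisfy the loose phone pattern in full, which is the overlap case: ranking by raw match rate alone would label both columns as phone numbers.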

Fig. 8. An example of the XML unmasked.

Fig. 10. JSON result for the consultation table.

4.5. GDPR articles

GDPR specification and adoption imply a set of legal requirements to be fulfilled. This case study is analyzed from the GDPR perspective because it has a new kind of impact on systems for health data exchange. GDPR is applicable to any organization in the world that purchases or uses applications, services, products processing data, and they have a commercial presence in Europe. This directive is directly effective in all Member States of the European Union and thereby unifying legal obligations that are currently defined at national level.

The assessment of GDPR within this case study is a complex process, and probably it requires further and more in-depth analysis by analyzing the general legal and the fundamental-rights requirements. Basically, this case study includes tools dealing with the GDPR's article 5 “Principles relating to processing of personal data”, and particularly health records. In fact, the real application of the OpenNCP requires the application of this directive, and the adoption of different methods and tools. The GDPR's Article 6 Lawfulness of processing Therefore, the reference architecture described in this paper deals with not only data sensitivity analysis and data hiding tools, but also with consent management (GDPR's Article 7 Conditions for consent) and the use of OpenNCP as an interoperability channel for assuring data portability (GDPR article 20 Right to data portability).

5. Conclusions

The medical field is gaining momentum within the Industry 4.0, and we cannot be on the sidelines of the incipient irruption of the health sector within this paradigm. NHSs are processing and managing patients’ data, and they are starting to exchange eHealth records among different countries. In addition, the health sector is including and developing medical devices, and they are being connected to the NHS in order to support medical doctor's activities such as prescriptions, treatments and so forth. This aspect involves technical challenges and legal implications. Therefore, our contributions are aligned to support this scenario and to overcome interoperability problems across systems.

From a legal point of view, our approach to strengthen security and privacy of personal data including transfers of personal data to third countries promoted by the General Data Protection Regulation (GDPR) [29]. This paper contributes with the definition of a healthcare industry 4.0 architectural model based on a RAMI4.0. We have defined and used consent manager and the data hiding tool for sharing health records.

Another relevant contribution is related to the integration of different tools for assuring security and privacy over the Healthcare Industry architecture reference model. In this sense we identify a set of potential threats and the security measures for data security and privacy.

Our case study illustrates some of the real world complexities and how the approach we took can address those complexities. This includes identifying and categorizing the information that is subject to GDPR and consent, integrating the consent manager and data hiding tool within the data flow while providing the user fine-grained control over his personal data.

As a future work, we are working on the exchange of patients’ data stemming from mobile devices, and on how to integrate them into NHS, and on how to prevent data breaches within this complex scenario.

CRediT authorship contribution statement

Xabier Larrucea: Conceptualization, Methodology, Validation. Micha Moffie: Methodology, Software, Validation. Sigal Asaf: Methodology, Software, Validation. Izaskun Santamaria: Conceptualization, Supervision.

Declaration of Competing Interest

None

Acknowledgement

This paper has been partially funded by the SHiELD project, (H2020 Framework Contract No. GA 727301)

References

[1] Mohamed Alloghani, Dhiya Al-Jumeily, Abir Hussain, Ahmed J. Aljaaf, Jamila Mustafina, E. Petrov, Healthcare services innovations based on the state of the art technology trend industry 4.0, 2018 11th International Conference on Developments in eSystems Engineering (DeSE), Cambridge, United Kingdom, IEEE, 2018, pp. 64–70, https://doi.org/10.1109/DeSE.2018.00016.
[2] R. Anitha, Saswati Mukherjee, Data security in cloud for health care applications, in: Hwa Young Jeong, Mohammad S. Obaidat, Neil Y. Yen, James J. Park (Eds.), Advances in Computer Science and Its Applications, Springer, Berlin Heidelberg, Berlin, Heidelberg, 2014, pp. 1201–1209, https://doi.org/10.1007/978-3-642-41674-3_167.
[3] Muhammad Rizwan Asghar, TzeHowe Lee, Mirza Mansoor Baig, Ehsan Ullah, Giovanni Russello, Gillian Dobbie, A Review of Privacy and Consent Management in Healthcare: A Focus On Emerging Data Sources, IEEE, 2017, pp. 518–522, https://doi.org/10.1109/eScience.2017.84.
[4] Adel Badri, Bryan Boudreau-Trudel, Ahmed Saâdeddine Souissi, Occupational health and safety in the industry 4.0 era: a cause for major concern? Saf. Sci. 109 (2018) 403–411, https://doi.org/10.1016/j.ssci.2018.06.012 November 2018.
[5] William J. Buchanan, Omair Uthmani, Lu Fan, Niall Burns, Owen Lo, Alistair Lawson, James Varga, Cassie Anderson, Modelling of integrated trust, governance and access, in: Massimo Felici (Ed.), Cyber Security and Privacy, Springer, Berlin Heidelberg, Berlin, Heidelberg, 2013, pp. 91–101, https://doi.org/10.1007/978-3-642-41205-9_8.
[6] A. Celesti, O. Amft, M. Villari, Guest editorial special section on cloud computing, edge computing, internet of things, and big data analytics applications for healthcare industry 4.0, IEEE Trans. Industr. Inf. 15 (1) (2019) 454–456, https://doi.org/10.1109/TII.2018.2883315 January 2019.
[7] Margarida David, Fernando Rosa, Pedro Pereira Rodrigues, Need and Requirements Elicitation For Electronic Access to Patient's Medication History in the Emergency Department, IEEE, 2014, pp. 497–498, https://doi.org/10.1109/CBMS.2014.108.
[8] Mohamed Elhoseny, Ahmed Abdelaziz, Ahmed S. Salama, A.M. Riad, Khan Muhammad, Arun Kumar Sangaiah, A hybrid model of internet of things and cloud computing to manage big data in health services applications, Future Gener. Comput. Syst. 86 (2018) 1383–1394, https://doi.org/10.1016/j.future.2018.03.005 September 2018.
[9] European Commission. OpenNCP. Retrieved October 1, 2018 from https://ec.europa.eu/cefdigital/wiki/display/EHNCP.
[10] European Commission. eHealth DSI Operations. Retrieved July 29, 2018 from https://ec.europa.eu/cefdigital/wiki/display/EHOPERATIONS/eHealth+DSI+Operations+Home.
[11] Jigna J Hathaliya, Sudeep Tanwar, Sudhanshu Tyagi, Neeraj Kumar, Securing electronics healthcare records in Healthcare 4.0 : a biometric-based approach, Comput. Electr. Eng. 76 (2019) 398–410, https://doi.org/10.1016/j.compeleceng.2019.04.017 June 2019.
[12] Oliver Heinze, Markus Birkle, Lennart Köster, Björn Bergh, Architecture of a consent management suite and integration into IHE-based regional health information networks, BMC Med. Inform. Decis. Mak. 11 (1) (2011), https://doi.org/10.1186/1472-6947-11-58 December 2011.
[13] Mohd Javaid, Abid Haleem, Industry 4.0 applications in medical field: a brief review, Current Med. Res. Pract. (2019), https://doi.org/10.1016/j.cmrp.2019.04.001 April 2019.
[14] J. Karat, C.-M. Karat, E. Bertino, N. Li, Q. Ni, C. Brodie, J. Lobo, S.B. Calo, L.F. Cranor, P. Kumaraguru, R.W. Reeder, Policy framework for security and privacy management, IBM J. Res. Dev. 53 (2) (2009), https://doi.org/10.1147/JRD.2009.5429046 March 2009, 4:1-4:14.
[15] Xabier Larrucea, Izaskun Santamaria, Ricardo Colomo-Palacios, Assessing source code vulnerabilities in a cloud-based system for health systems: OpenNCP, IET Softw. 13 (3) (2019) 195–202, https://doi.org/10.1049/iet-sen.2018.5294 June 2019.
[16] Marianna Lezzi, Mariangela Lazoi, Angelo Corallo, Cybersecurity for Industry 4.0 in the current literature: a reference framework, Comput. Ind. 103 (2018) 97–110, https://doi.org/10.1016/j.compind.2018.09.004 December 2018.
[17] Shancang Li, Li Da Xu, Shanshan Zhao, The internet of things: a survey, Inf. Syst. Front. 17 (2) (2015) 243–259, https://doi.org/10.1007/s10796-014-9492-7 April 2015.
[18] Pasquale Pace, Gianluca Aloi, Raffaele Gravina, Giuseppe Caliciuri, Giancarlo Fortino, Antonio Liotta, An edge-based architecture to support efficient applications for healthcare industry 4.0, IEEE Trans. Ind. Inf. 15 (1) (2019)
research in software engineering, Empirical Softw. Eng. 14 (2) (2009) 131–164, https://doi.org/10.1007/s10664-008-9102-8 April 2009.
[24] Giovanni Russello, Changyu Dong, Naranker Dulay, Consent-Based Workflows for Healthcare Management, IEEE, 2008, pp. 153–161, https://doi.org/10.1109/POLICY.2008.22.
[25] Stefan Schuster, M. van den Berg, X. Larrucea, T. Slewe, P. Ide-Kostic, Mass surveillance and technological policy options: improving security of private communications, Comput. Stand. Interfaces 50 (2017) 76–82, https://doi.org/10.1016/j.csi.2016.09.011 February 2017.
[26] Karsten Schweichhart. Reference architectural model industrie 4.0 (RAMI 4.0). Retrieved from https://ec.europa.eu/futurium/en/system/files/ged/a2-schweichhart-reference_architectural_model_industrie_4.0_rami_4.0.pdf.
[27] Jason S. Shapiro, Diana Crowley, Shkelzen Hoxhaj, James Langabeer, Brian Panik, Todd B. Taylor, Arlo Weltge, Jeffrey A. Nielson, Health information exchange in emergency medicine, Ann. Emerg. Med. 67 (2) (2016) 216–226, https://doi.org/10.1016/j.annemergmed.2015.06.018 February 2016.
[28] Mariacarla Staffa, Luigi Sgaglione, Giovanni Mazzeo, Luigi Coppolino, Salvatore D'Antonio, Luigi Romano, Erol Gelenbe, Oana Stan, Sergiu Carpov,
481–489, https://doi.org/10.1109/TII.2018.2843169 January 2019. Evangelos Grivas, Paolo Campegiani, Luigi Castaldo, Konstantinos Votis,
[19] Zhibo Pang, Geng Yang, Ridha Khedri, Yuan-Ting Zhang, Introduction to the special Vassilis Koutkias, Ioannis Komnios, An OpenNCP-based solution for secure eHealth
section: convergence of automation technology, biomedical engineering, and health data exchange, J. Netw. Comput. Appl. 116 (2018) 65–85, https://doi.org/10.
informatics toward the healthcare 4.0, IEEE Rev. Biomed. Eng. 11 (2018) 249–259, 1016/j.jnca.2018.05.012 August 2018.
https://doi.org/10.1109/RBME.2018.2848518 2018. [29] THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. 2016. Directive 95/46/EC
[20] Sabine Pfeiffer, The vision of “Industrie 4.0” in the making—a case of future told, (General data protection regulation). Retrieved June 25, 2019 fromhttps://eur-lex.
tamed, and traded, Nanoethics 11 (1) (2017) 107–121, https://doi.org/10.1007/ europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679.
s11569-016-0280-3 April 2017. [30] THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION.
[21] F. Ramalho, A. Neto, K. Santos, J.B. Filho, N. Agoulmine, Enhancing eHealth smart Directive 2011/24/EU of the European Parliament and of the council of 9 march
applications: a fog-enabled approach, 2015 17th International Conference on E- 2011 on the application of patients’ rights in cross-border healthcare. Retrieved
health Networking, Application & Services (HealthCom), Boston, MA, USA, IEEE, June 25, 2019 fromhttps://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX
2015, pp. 323–328, , https://doi.org/10.1109/HealthCom.2015.7454519. %3A32011L0024.
[22] Erkuden Rios, Eider Iturbe, Xabier Larrucea, Massimiliano Rak, Wissam Mallouli, [31] Jens H. Weber-Jahnke, Christina Obry, Protecting privacy during peer-to-peer ex-
Jacek Dominiak, Victor Muntés, Peter Matthews, Luis Gonzalez, Service level change of medical documents, Inf. Syst. Frontiers 14 (1) (2012) 87–104, https://
agreement-based GDPR compliance and security assurance in (multi)Cloud-based doi.org/10.1007/s10796-011-9304-2 March 2012.
systems, IET Software (2019), https://doi.org/10.1049/iet-sen.2018.5293 February [32] Smart Open Services for European Patients (epSOS). Retrieved July 29,
2019. 2018fromhttps://www.itu.int/net4/wsis/stocktaking/projects/Project/Details?
[23] Per Runeson, Martin Höst, Guidelines for conducting and reporting case study projectId=1399467257.
