{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:45:31Z","timestamp":1761709531616,"version":"3.37.3"},"reference-count":41,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2018,10,16]],"date-time":"2018-10-16T00:00:00Z","timestamp":1539648000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100010663","name":"H2020 European Research Council","doi-asserted-by":"publisher","award":["727528"],"award-info":[{"award-number":["727528"]}],"id":[{"id":"10.13039\/100010663","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["BMC Med Inform Decis Mak"],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1186\/s12911-018-0664-0","type":"journal-article","created":{"date-parts":[[2018,10,16]],"date-time":"2018-10-16T10:47:26Z","timestamp":1539686846000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":31,"title":["Comprehensive user requirements engineering methodology for secure and interoperable health data exchange"],"prefix":"10.1186","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4061-9815","authenticated-orcid":false,"given":"Pantelis","family":"Natsiavas","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Janne","family":"Rasmussen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maja","family":"Voss-Knude","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6381-8326","authenticated-orcid":false,"given":"\u039aostas","family":"Votis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2079-8713","authenticated-orcid":false,"given":"Luigi","family":"Coppolino","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Paolo","family":"Campegiani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2938-7459","authenticated-orcid":false,"given":"Isaac","family":"Cano","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Mar\u00ed","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giuliana","family":"Faiella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6536-7300","authenticated-orcid":false,"given":"Fabrizio","family":"Clemente","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marco","family":"Nalin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9928-7077","authenticated-orcid":false,"given":"Evangelos","family":"Grivas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Oana","family":"Stan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9688-2201","authenticated-orcid":false,"given":"Erol","family":"Gelenbe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jos","family":"Dumortier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jan","family":"Petersen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6915-6722","authenticated-orcid":false,"given":"Dimitrios","family":"Tzovaras","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2571-8572","authenticated-orcid":false,"given":"Luigi","family":"Romano","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4995-5329","authenticated-orcid":false,"given":"Ioannis","family":"Komnios","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4154-850X","authenticated-orcid":false,"given":"Vassilis","family":"Koutkias","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,10,16]]},"reference":[{"unstructured":"KONFIDO project website. \n http:\/\/www.konfido-project.eu\/konfido\/\n \n . Accessed 18 May 2018.","key":"664_CR1"},{"key":"664_CR2","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-319-12229-8_2","volume-title":"Homomorphic Encryption. Homomorphic Encryption Appl","author":"X Yi","year":"2014","unstructured":"Yi X, Paulet R, Bertino E. Homomorphic Encryption. Homomorphic Encryption Appl. Cham: Springer; 2014. p. 27\u201346. \n https:\/\/doi.org\/10.1007\/978-3-319-12229-8_2\n \n ."},{"key":"664_CR3","doi-asserted-by":"publisher","first-page":"9653","DOI":"10.1038\/s41598-018-28008-6","volume":"8","author":"C Mesaritakis","year":"2018","unstructured":"Mesaritakis C, Akriotou M, Kapsalis A, Grivas E, Chaintoutis C, Nikas T, Syvridis D. Physical Unclonable function based on a multi-mode optical waveguide. Sci Rep. 2018;8:9653. \n https:\/\/doi.org\/10.1038\/s41598-018-28008-6\n \n .","journal-title":"Sci Rep"},{"issue":"5","key":"664_CR4","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/MSP.2014.103","volume":"12","author":"S Bhatt","year":"2014","unstructured":"Bhatt S, Manadhata PK, Zomlot L. The operational role of security information and event management systems. IEEE Secur Priv. 2014;12(5):35\u201341. \n https:\/\/doi.org\/10.1109\/MSP.2014.103\n \n .","journal-title":"IEEE Secur Priv"},{"issue":"9","key":"664_CR5","doi-asserted-by":"publisher","first-page":"e003800","DOI":"10.1161\/CIRCOUTCOMES.117.003800","volume":"10","author":"S Angraal","year":"2017","unstructured":"Angraal S, Krumholz HM, Schulz WL. Blockchain technology: applications in health care. Circ Cardiovasc Qual Outcomes. 2017;10(9):e003800 PMID:28912202.","journal-title":"Circ Cardiovasc Qual Outcomes"},{"key":"664_CR6","doi-asserted-by":"publisher","first-page":"617","DOI":"10.3233\/978-1-61499-512-8-617","volume":"210","author":"M Fonseca","year":"2015","unstructured":"Fonseca M, Karkaletsis K, Cruz I, Berler A, Oliveira I. OpenNCP: a novel framework to foster cross-border e-health services. Stud Health Technol Inform. 2015;210:617\u201321. \n https:\/\/doi.org\/10.3233\/978-1-61499-512-8-617\n \n .","journal-title":"Stud Health Technol Inform"},{"unstructured":"epSOS project website. \n https:\/\/ec.europa.eu\/digital-single-market\/en\/news\/cross-border-healthproject-epsos-what-has-it-achieved\n \n . Accessed 18 May 2018.","key":"664_CR7"},{"unstructured":"eIDAS website. \n https:\/\/www.eid.as\/home\/\n \n . Accessed 18 May 2018.","key":"664_CR8"},{"issue":"15","key":"664_CR9","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/j.jnca.2018.05.012","volume":"116","author":"M Staffa","year":"2018","unstructured":"Staffa M, Sgaglione S, Mazzeo G, Coppolino L, D'Antonio S, Romano L, Gelenbe E, Stan O, Carpov S, Grivas E, Campegiani P, Castaldo L, Votis K, Koutkias V, Komnios I. An OpenNCP-based solution for secure eHealth data exchange. J Netw Comput Appl. 2018;116(15):65\u201385. \n https:\/\/doi.org\/10.1016\/j.jnca.2018.05.012\n \n .","journal-title":"J Netw Comput Appl"},{"key":"664_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1080\/17538157.2017.1363761","volume":"18","author":"A Tubaishat","year":"2017","unstructured":"Tubaishat A. Perceived usefulness and perceived ease of use of electronic health records among nurses: application of technology acceptance model. Inform Health Soc Care. 2017;18:1\u201311. \n https:\/\/doi.org\/10.1080\/17538157.2017.1363761\n \n .","journal-title":"Inform Health Soc Care"},{"issue":"1","key":"664_CR11","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1186\/s12911-017-0482-9","volume":"17","author":"J Tavares","year":"2017","unstructured":"Tavares J, Oliveira T. Electronic health record portal adoption: a cross country analysis. BMC Med Inform Decis Mak. 2017;17(1):97. \n https:\/\/doi.org\/10.1186\/s12911-017-0482-9\n \n .","journal-title":"BMC Med Inform Decis Mak"},{"unstructured":"Antilope project website. \n https:\/\/www.antilope-project.eu\/front\/index.html\n \n . Accessed 18 May 2018.","key":"664_CR12"},{"unstructured":"JAseHN project website. \n http:\/\/jasehn.eu\/\n \n . Accessed 18 May 2018.","key":"664_CR13"},{"unstructured":"SemanticHealthNet project website. \n http:\/\/www.semantichealthnet.eu\/\n \n . Accessed 18 May 2018.","key":"664_CR14"},{"unstructured":"DECIPHER project website. \n http:\/\/www.decipherpcp.eu\/\n \n . Accessed 18 May 2018.","key":"664_CR15"},{"unstructured":"STORK 2.0 project website. \n https:\/\/ec.europa.eu\/digital-single-market\/en\/content\/stork-take-your-eidentity-you-everywhere-eu\n \n . Accessed 18 May 2018.","key":"664_CR16"},{"key":"664_CR17","doi-asserted-by":"publisher","DOI":"10.2824\/217830","volume-title":"Security and resilience in eHealth infrastructures and services, Security Challenges and Risks","author":"D Liveri","year":"2015","unstructured":"Liveri D, Sarri A, Skouloudi C. Security and resilience in eHealth infrastructures and services, Security Challenges and Risks; 2015. \n https:\/\/doi.org\/10.2824\/217830\n \n ."},{"key":"664_CR18","doi-asserted-by":"publisher","DOI":"10.2824\/28801","volume-title":"Cyber security and resilience for Smart Hospitals","author":"European Union Agency for Network and Information Security","year":"2016","unstructured":"European Union Agency for Network and Information Security. Cyber security and resilience for Smart Hospitals; 2016. \n https:\/\/doi.org\/10.2824\/28801\n \n ."},{"unstructured":"ISO\/IEC 27000 standards family - Information security management systems. Geneva; 2016. \n https:\/\/www.iso.org\/isoiec-27001-information-security.html\n \n . Accessed 18 May 2018.","key":"664_CR19"},{"unstructured":"ISO\/IEC 27002:2013 - Information technology -- Security techniques -- Code of practice for information security controls. 2013. \n https:\/\/www.iso.org\/standard\/54533.html\n \n . Accessed 18 May 2018.","key":"664_CR20"},{"unstructured":"ISO\/IEC 27010:2015 - Information technology -- Security techniques -- Information security management for inter-sector and inter-organizational communications. 2015. \n https:\/\/www.iso.org\/standard\/68427.html\n \n . Accessed 18 May 2018.","key":"664_CR21"},{"unstructured":"ISO\/IEC 27040:2015 - Information technology -- Security techniques -- Storage security. 2015. \n https:\/\/www.iso.org\/standard\/44404.html\n \n . Accessed 18 May 2018.","key":"664_CR22"},{"unstructured":"ISO 27799:2016 - Health informatics -- Information security management in health using ISO\/IEC 27002. 2016. \n https:\/\/www.iso.org\/standard\/62777.html\n \n . Accessed 18 May 2018.","key":"664_CR23"},{"unstructured":"ISO 22857:2013 - Health informatics -- Guidelines on data protection to facilitate trans-border flows of personal health data. 2013. \n https:\/\/www.iso.org\/standard\/52955.html\n \n . Accessed 18 May 2018.","key":"664_CR24"},{"unstructured":"ISO\/IEC 25010:2011 - Systems and software engineering -- Systems and software Quality Requirements and Evaluation (SQuaRE) -- System and software quality models. 2011. \n https:\/\/www.iso.org\/standard\/35733.html\n \n . Accessed 18 May 2018.","key":"664_CR25"},{"key":"664_CR26","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/978-981-10-7419-6_13","volume-title":"Gap analysis for information security in interoperable solutions at a systemic level: the KONFIDO approach. Precision Medicine Powered by pHealth and Connected Health","author":"J Rasmussen","year":"2017","unstructured":"Rasmussen J, Natsiavas P, Votis K, et al. Gap analysis for information security in interoperable solutions at a systemic level: the KONFIDO approach. Precision Medicine Powered by pHealth and Connected Health, vol. 66. Singapore: Springer; 2017, IFMBE Proceedings. p. 75\u20139. \n https:\/\/doi.org\/10.1007\/978-981-10-7419-6_13\n \n ."},{"doi-asserted-by":"publisher","unstructured":"Coppolino L, D\u2019Antonio S, Romano L, Staffa M. KONFIDO project: a secure infrastructure increasing interoperability on a systemic level among eHealth services across Europe. Proc. IEEE Int Conf Internet of Things (iThings) and Green Computing and Communications (GreenCom) and Cyber, Physical and Social Computing (CPSCom) and Smart Data (SmartData). 2017;342\u20137. \n https:\/\/doi.org\/10.1109\/iThings-GreenCom-CPSCom-SmartData.2017.57\n \n .","key":"664_CR27","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData.2017.57"},{"issue":"2","key":"664_CR28","first-page":"296","volume":"12","author":"LR Wong","year":"2017","unstructured":"Wong LR, Mauricio DS, Rodriguez GD. A systematic literature review about software requirements elicitation. J Eng Sci Technol. 2017;12(2):296\u2013317.","journal-title":"J Eng Sci Technol"},{"key":"664_CR29","doi-asserted-by":"publisher","first-page":"1288","DOI":"10.1145\/3019612.3019789","volume-title":"Deriving use cases from business processes: a goal-oriented transformational approach. Proc Symp Appl Comput - SAC \u201817","author":"G Park","year":"2017","unstructured":"Park G, Fellir F, Hong J-E, Garrido JL, Noguera M, Chung L. Deriving use cases from business processes: a goal-oriented transformational approach. Proc Symp Appl Comput - SAC \u201817. New York: ACM Press; 2017. p. 1288\u201395. \n https:\/\/doi.org\/10.1145\/3019612.3019789\n \n ."},{"key":"664_CR30","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-642-12550-8_7","volume-title":"Natural Language Processing and Information Systems","author":"Leonid Kof","year":"2010","unstructured":"Kof L. Requirements analysis: concept extraction and translation of textual specifications to executable models. Natural Language Processing and Information Systems (NLDB 2009). Lecture Notes in Computer Science, vol. 5723. Berlin: Springer; 2010. p. 79\u201390. \n https:\/\/doi.org\/10.1007\/978-3-642-12550-8_7\n \n ."},{"key":"664_CR31","doi-asserted-by":"publisher","first-page":"586","DOI":"10.1109\/ICCAD.2014.7001410","volume":"2014","author":"R Drechsler","year":"2014","unstructured":"Drechsler R, Soeken M, Wille R. Automated and quality-driven requirements engineering. IEEE\/ACM Int Conf Comput Des IEEE. 2014;2014:586\u201390. \n https:\/\/doi.org\/10.1109\/ICCAD.2014.7001410\n \n .","journal-title":"IEEE\/ACM Int Conf Comput Des IEEE"},{"doi-asserted-by":"publisher","unstructured":"Nematzadeh A, Camp LJ. Threat analysis of online health information system. Proc 3rd Int Conf PErvasive Technol Relat to Assist Environ - PETRA \u201810. New York: ACM Press; 2010. Article No. 31. \n https:\/\/doi.org\/10.1145\/1839294.1839331\n \n .","key":"664_CR32","DOI":"10.1145\/1839294.1839331"},{"doi-asserted-by":"publisher","unstructured":"Schneider RM. A comparison of information security risk analysis in the context of e-government to criminological threat assessment techniques. Proc 2010 Inf Secur Curric dev Annu Conf (InfoSecCD'10). 2010;107\u201316.\u00a0\n https:\/\/doi.org\/10.1145\/1940941.1940966\n \n .","key":"664_CR33","DOI":"10.1145\/1940941.1940966"},{"key":"664_CR34","volume-title":"Threats and countermeasures","author":"JD Meier","year":"2003","unstructured":"Meier JD, Mackman A, Dunner M, Vasireddy S, Escamilla R, Murukan A. Threats and countermeasures. 2003. \n https:\/\/msdn.microsoft.com\/en-us\/library\/ff648641.aspx\n \n . Accessed 18 May 2018."},{"unstructured":"The EU General Data Protection Regulation (GDPR). \n https:\/\/www.eugdpr.org\/\n \n . Accessed 18 May 2018.","key":"664_CR35"},{"unstructured":"Shaughnessy JJ, Zechmeister EB, Zechmeister JS. Research methods in psychology. 10th ed. New York: McGraw-Hill Education; 2015. ISBN:978-0-07-782536-2.","key":"664_CR36"},{"key":"664_CR37","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/978-981-10-7419-6_14","volume-title":"Identification of barriers and facilitators for eHealth acceptance: the KONFIDO study. Precision Medicine Powered by pHealth and Connected Health","author":"P Natsiavas","year":"2017","unstructured":"Natsiavas P, Kakalou C, Votis K, et al. Identification of barriers and facilitators for eHealth acceptance: the KONFIDO study. Precision Medicine Powered by pHealth and Connected Health, vol. 66. Singapore: Springer; 2017, IFMBE Proceedings. p. 81\u20135. \n https:\/\/doi.org\/10.1007\/978-981-10-7419-6_14\n \n ."},{"unstructured":"Trilium II project website. \n https:\/\/trillium2.eu\/\n \n . Accessed 20 July 2018.","key":"664_CR38"},{"key":"664_CR39","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/978-3-319-09798-5_2","volume-title":"Requirements engineering: best practice. Requir Eng Digit Heal","author":"SA Fricker","year":"2015","unstructured":"Fricker SA, Grau R, Zwingli A. Requirements engineering: best practice. Requir Eng Digit Heal. Cham: Springer International Publishing; 2015. p. 25\u201346. \n https:\/\/doi.org\/10.1007\/978-3-319-09798-5_2\n \n ."},{"key":"664_CR40","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-319-09798-5_8","volume-title":"How to elicit, analyse and validate requirements for a digital health solution. Requir Eng Digit Heal","author":"M Volk","year":"2015","unstructured":"Volk M, Falk-Andersson N, Sedlar U. How to elicit, analyse and validate requirements for a digital health solution. Requir Eng Digit Heal. Cham: Springer International Publishing; 2015. p. 155\u201388. \n https:\/\/doi.org\/10.1007\/978-3-319-09798-5_8\n \n ."},{"key":"664_CR41","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/978-3-319-09798-5_7","volume-title":"Identifying security requirements and privacy concerns in digital health applications. Requir Eng Digit Heal","author":"GS Brost","year":"2015","unstructured":"Brost GS, Hoffmann M. Identifying security requirements and privacy concerns in digital health applications. Requir Eng Digit Heal. Cham: Springer International Publishing; 2015. p. 133\u201354. \n https:\/\/doi.org\/10.1007\/978-3-319-09798-5_7\n \n ."}],"container-title":["BMC Medical Informatics and Decision Making"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s12911-018-0664-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s12911-018-0664-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s12911-018-0664-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,15]],"date-time":"2019-10-15T19:11:41Z","timestamp":1571166701000},"score":1,"resource":{"primary":{"URL":"https:\/\/bmcmedinformdecismak.biomedcentral.com\/articles\/10.1186\/s12911-018-0664-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10,16]]},"references-count":41,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,12]]}},"alternative-id":["664"],"URL":"https:\/\/doi.org\/10.1186\/s12911-018-0664-0","relation":{},"ISSN":["1472-6947"],"issn-type":[{"type":"electronic","value":"1472-6947"}],"subject":[],"published":{"date-parts":[[2018,10,16]]},"assertion":[{"value":"21 May 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 September 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 October 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The survey targeting citizens\/patients referred in the manuscript was approved by CERTH\u2019s Bioethics Committee. The participants gave online informed consent to participate in the survey.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"Not applicable; the manuscript does not contain individual level of data.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"One of the authors (namely, VK) is an Associate Editor with BMC Medical Informatics and Decision Making in a different section (i.e., \u201cDecision Support\u201d) compared to the section that the current paper has been submitted to (i.e., \u201cHealthcare Information Systems\u201d). The authors declare that they have no competing interests.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}},{"value":"Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Publisher\u2019s Note"}}],"article-number":"85"}}