Towards A Well-Secured Electronic Health Record in the Health Cloud

The major concerns for most cloud implementers particularly in the health care industry have remained data security and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to health data privacy and security of eHR in health care cloud

LEVERAGING BLOCKCHAIN TECHNOLOGY FOR SLA ENFORCEMENT IN HEALTH CARE CLOUD PARTNERSHIPS

The healthcare industry is rapidly adopting cloud-based solutions to improve operational efficiency and patient outcomes. However, healthcare cloud partnerships often face challenges related to the lack of scalability, trust, and Service Level Agreement (SLA) enforcement, and has a notable impact on consumer care quality. To address this issue, the study proposed leveraging blockchain technology to enhance SLA enforcement by using smart contracts in health care cloud partnerships for small and medium-sized facilities. The research questions were: Q.1 What are the current challenges facing small to medium sized healthcare facilities in enforcing SLAs in cloud partnerships? Q.2 How can BC-based smart contracts helps enhance scalability in cloud computing systems in healthcare SMEs by enforcing Service Level Agreements (SLAs) in a safe and efficient manner? Q.3 What are the factors that affect the implementation of blockchain-based smart contracts for SLA enforcement in healthcare SMEs cloud partnerships? The project utilized case studies to demonstrate the effectiveness of using BC technology based smart contracts to enhance SLA enforcement and improve patient outcomes. The findings and conclusions were as follows: 1. Current challenges facing healthcare SMEs in enforcing SLAs in cloud partnerships: SMEs may lack bargaining power, resources, and technical expertise to effectively negotiate, monitor, and enforce SLAs in cloud partnerships, leading to service disruptions, compliance issues, and financial losses. 2. BC-based smart contracts can enhance the scalability of cloud computing systems in healthcare SMEs by automating SLA execution, ensuring real-time data integrity, transparency, and accountability, reducing fraud, error, and transaction costs, and enabling decentralized trust among stakeholders. 3. Factors affecting the implementation of BC-based smart contracts to better SLA enforcement in healthcare SMEs cloud partnerships: regulatory uncertainty, interoperability, standardization, privacy, security, cost, complexity, governance, and user adoption, and 4. Unique Trends and challenges in the healthcare industry for its data analysis: increasing demand for real-time, patient-centered, personalized, and evidence-based care, generating and integrating large volumes of diverse and complex data from multiple sources, ensuring data quality, privacy, and security, complying with regulations and standards, and fostering collaboration and innovation across stakeholders. MedRec, SimplyVital Health, and Medical Chain demonstrate how BC provides secure data sharing, encryption and access control mechanisms, and promotes interoperability through standard data formats and protocols. Results showed improved scalability, trust, and SLA enforcement with the use of BC technology. Further research in the other domains of this area is recommended. It is required to address broader aspects related to the topic. The areas for further study that emerged from the findings and conclusions of this project include: 1. interoperability,2. trusted monitoring solutions, 3.user experience, 4. privacy and security,5. med tokens, cost and 6. integration with existing BSS and OSS. Keywords: Cloud computing, Blockchain technology, SLA enforcement, Smart Contracts, Healthcare cloud, Blockchain-based SLA enforcement, Smart Healthcare, e-healthcare, Scalability

Secure and Trustable Electronic Medical Records Sharing using Blockchain

Electronic medical records (EMRs) are critical, highly sensitive private information in healthcare, and need to be frequently shared among peers. Blockchain provides a shared, immutable and transparent history of all the transactions to build applications with trust, accountability and transparency. This provides a unique opportunity to develop a secure and trustable EMR data management and sharing system using blockchain. In this paper, we present our perspectives on blockchain based healthcare data management, in particular, for EMR data sharing between healthcare providers and for research studies. We propose a framework on managing and sharing EMR data for cancer patient care. In collaboration with Stony Brook University Hospital, we implemented our framework in a prototype that ensures privacy, security, availability, and fine-grained access control over EMR data. The proposed work can significantly reduce the turnaround time for EMR sharing, improve decision making for medical care, and reduce the overall costComment: AMIA 2017 Annual Symposium Proceeding

On the feasibility of attribute-based encryption on Internet of Things devices

Attribute-based encryption (ABE) could be an effective cryptographic tool for the secure management of Internet of Things (IoT) devices, but its feasibility in the IoT has been under-investigated thus far. This article explores such feasibility for well-known IoT platforms, namely, Intel Galileo Gen 2, Intel Edison, Raspberry pi 1 model B, and Raspberry pi zero, and concludes that adopting ABE in the IoT is indeed feasible

Trusted cloud computing framework for healthcare sector

Cloud computing is rapidly evolving due to its efficient characteristics such as cost-effectiveness, availability and elasticity. Healthcare organizations and consumers lose control when they outsource their sensitive data and computing resources to a third party Cloud Service Provider (CSP), which may raise security and privacy concerns related to data loss and misuse appealing threats. Lack of consumers' knowledge about their data storage location may lead to violating rules and regulations of Health Insurance Portability and Accountability Act (HIPAA) that can cost them huge penalty. Fear of data breach by internal or external hackers may decrease consumers' trust in adopting cloud computing and benefiting from its promising features. We designed a HealthcareTrusted Cloud Computing (HTCC) framework that maintains security, privacy and considers HIPAA regulations. HTCC framework deploys Trusted Computing Group (TCG) technologies such as Trusted Platform Module (TPM), Trusted Software Stack (TSS), virtual Trusted Platform Module (vTPM), Trusted Network Connect (TNC) and Self Encrypting Drives (SEDs). We emphasize on using strong multi-factor authentication access control mechanisms and strict security controls, as well as encryption for data at storage, in-transit and while process. We contributed in customizing a cloud Service Level Agreement (SLA) by considering healthcare requirements. HTCC was evaluated by comparing with previous researchers' work and conducting survey from experts. Results were satisfactory and showed acceptance of the framework. We aim that our proposed framework will assist in optimizing trust on cloud computing to be adopted in healthcare sector

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications