A survey of state-of-the-art methods for securing medical databases

This review article presents a survey of recent work devoted to advanced state-of-the-art methods for securing of medical databases. We concentrate on three main directions, which have received attention recently: attribute-based encryption for enabling secure access to confidential medical databases distributed among several data centers; homomorphic encryption for providing answers to confidential queries in a secure manner; and privacy-preserving data mining used to analyze data stored in medical databases for verifying hypotheses and discovering trends. Only the most recent and significant work has been included

Secure and Privacy-Preserving Data Sharing and Collaboration in Mobile Healthcare Social Networks of Smart Cities

Mobile healthcare social networks (MHSN) integrated with connected medical sensors and cloud-based health data storage provide preventive and curative health services in smart cities. The fusion of social data together with real-time health data facilitates a novel paradigm of healthcare big data analysis. However, the collaboration of healthcare and social network service providers may pose a series of security and privacy issues. In this paper, we propose a secure health and social data sharing and collaboration scheme in MHSN. To preserve the data privacy, we realize secure and fine-grained health data and social data sharing with attribute-based encryption and identity-based broadcast encryption techniques, respectively, which allows patients to share their private personal data securely. In order to achieve enhanced data collaboration, we allow the healthcare analyzers to access both the reencrypted health data and the social data with authorization from the data owner based on proxy reencryption. Specifically, most of the health data encryption and decryption computations are outsourced from resource-constrained mobile devices to a health cloud, and the decryption of the healthcare analyzer incurs a low cost. The security and performance analysis results show the security and efficiency of our scheme

Practice Management & Patient Health Record System

General Physicians or Specialists who has less number of patients often cannot afford to buy high end Practice management software which often costs thousands of dollars. Online Personal health record (PHR) sharing system is an emerging patient oriented model created for health information exchange following all HIPAA regulations, Using this application patient can share his/her health record with organizations (Hospitals, Health insurance firms.. etc.). It is an application which helps connect doctors and billers together and provides hassle free experience and it does not need any additional plugins or hardware and can be accessed from any device like personal computer, laptop or tablets instantly. In this application we are providing two registration forms, one for Patient and another for organization, unless patient or organization registers they will not be able use this application. If patient wants to share information with a third person who is not registered with the application they can do it so without any fright of exploitation of their record as the files would be encrypted and can only be accessed by the key. This key is system generated and it is generated at the time of patient sending his/her Health Record. For the patients, it gives the pleasure of staying at ease about their scheduled appointments with the doctor also providing them a platform to save their medical history at one organized easily accessible place to share, study and review. For the medical billers, PHR is a boon which saves the staff a lot of time to access the record and bill the patients’ insurances effectively complying with HIPAA norms

Protocols for Secure Computation on Privately Encrypted Data in the Cloud

Cloud services provide clients with highly scalable network, storage, and computational resources. However, these service come with the challenge of guaranteeing the confidentiality of the data stored on the cloud. Rather than attempting to prevent adversaries from compromising the cloud server, we aim in this thesis to provide data confidentiality and secure computations in the cloud, while preserving the privacy of the participants and assuming the existence of a passive adversary able to access all data stored in the cloud. To achieve this, we propose several protocols for secure and privacy-preserving data storage in the cloud. We further show their applicability and scalability through their implementations. we first propose a protocol that would allow emergency providers access to privately encrypted data in the cloud, in the case of an emergency, such as medical records. Second, we propose various protocols to allow a querying entity to securely query privately encrypted data in the cloud while preserving the privacy of the data owners and the querying entity. We also present cryptographic and non-cryptographic protocols for secure private function evaluation in order to extend the functions applicable in the protocols