An HIT solution for clinical care and disaster planning: How one health center in Joplin, MO survived a tornado and avoided a health information center

Since taking office, President Obama has made substantial investments in promoting the diffusion of health information technology. The objective of the national health IT program is, generally, to enable health care providers to better manage patient care through secure use and sharing of health information. Through the use of technologies including electronic health records, providers can better maintain patient care information and facilitate communication, often improving care outcomes. The recent tornado in Joplin, MO highlights the importance of health information technology in the health center context, and illustrates the importance of secure electronic health information systems as a crucial element of disaster and business continuity planning. This article examines the experience of a community health center in the aftermath of the major tornado that swept through the American midwest in the spring of 2011, and provides insight into the planning for disaster survival and recovery as it relates to patient records and health center data

Secure and Trustable Electronic Medical Records Sharing using Blockchain

Electronic medical records (EMRs) are critical, highly sensitive private information in healthcare, and need to be frequently shared among peers. Blockchain provides a shared, immutable and transparent history of all the transactions to build applications with trust, accountability and transparency. This provides a unique opportunity to develop a secure and trustable EMR data management and sharing system using blockchain. In this paper, we present our perspectives on blockchain based healthcare data management, in particular, for EMR data sharing between healthcare providers and for research studies. We propose a framework on managing and sharing EMR data for cancer patient care. In collaboration with Stony Brook University Hospital, we implemented our framework in a prototype that ensures privacy, security, availability, and fine-grained access control over EMR data. The proposed work can significantly reduce the turnaround time for EMR sharing, improve decision making for medical care, and reduce the overall costComment: AMIA 2017 Annual Symposium Proceeding

Emendation of Undesirable Attack on Multiparty Data Sharing With Anonymous Id Assignment Using AIDA Algorithm

Security is a state of being free from danger or threat. When someone finds the vulnerabilities and loopholes in a system without permission means the system lacks its security. Wherever a secure data sharing occurs between multiparty there would be the possibility for undesirable attacks. In a variety of application domains such as patient medical records, military applications, social networking, electronic voting, business and personal applications there is a great significance of anonymity. Using this system we can store our data as groups and also encrypt it with encryption key. Only the privileged person can see the data. The secure computation function widely used is secure sum that allows parties to compute the sum of their individual inputs without mentioning the inputs to one another. This function helps to characterize the complexities of the secure multiparty computation. Another algorithm for sharing simple integer data on top of secure sum is built. The sharing algorithm will be used at each iteration of this algorithm for anonymous ID assignment (AIDA). By this algorithm and certain security measures it is possible to have a system which is free from undesirable attacks. Keywords:Vulnerability, anonymity, encryption key, secure multiparty computation, AIDA

Literature Survey on Secure Multiparty Anonymous Data Sharing

The  popularity of internet as a communication medium whether for personal or business requires anonymous communication in various ways. Businesses also have legitimate reasons to make communication anonymous and avoid the consequences of identity revelation. The problem of sharing privately held data so that the individuals who are the subjects of the data cannot be identified has been researched extensively. Researchers have understood the need of anonymity in various application domains: patient medical records, electronic voting, e-mail, social networking, etc. Another form of anonymity, as used in secure multiparty computation, allows multiple parties on a network to jointly carry out a global computation that depends on data from each party while the data held by each party remains unknown to the other parties. The secure computation function widely used is secure sum that allows parties to compute the sum of their individual inputs without mentioning the inputs to one another. This function helps to characterize the complexities of the secure multiparty computation. Keywords:Anonymity,Secure multiparty computatio

Rights management technologies: A good choice for securing electronic healthrecords?

Advances in healthcare IT bring new concerns with respect to privacy and security. Security critical patient data no longer resides on mainframes physically isolated within an organization, where physical security measures can be taken to defend the data and the system. Modern solutions are heading towards open, interconnected environments where storage outsourcing and operations on untrusted servers happen frequently. In order to allow secure sharing of health records between different healthcare providers, Rights Management Techniques facilitating a datacentric protection model can be employed: data is cryptographically protected and allowed to be outsourced or even freely float on the network. Rather than relying on different networks to provide confidentiality, integrity and authenticity, data is protected at the end points of the communication. In this paper we compare Enterprise/Digital Rights Management with traditional security techniques and discuss how Rights Management can be applied to secure Electronic Health Records

A Review of Electronic Health Records Systems Around the World

Electronic Medical Records (EMR) are digitised versions of the paper charts in clinician offices, clinics and hospitals. The information in an EMR is usually stored locally at a practice or a hospital, and it contains the medical and treatment history of a patient. [1] [2] [3] Electronic Health Records (EHR) focus on the total health of a patient, and are designed to reach out beyond the health organisation. The EHR systematically collate and store digitised data on patients from the different healthcare and medical organisations and providers. They also enable the secure electronic sharing of these data between the different healthcare settings, and in some instances, the patient. The information, which includes the EMR, moves with the patient between different healthcare settings, providing a more holistic view of the state of a patient across time. The EHR can also provide information on population health by aggregating relevant data (permissions providing). Sometimes EHR is also referred to as an Electronic Patient Record (EPR). [1] [2] [3

Assured information sharing for ad-hoc collaboration

Collaborative information sharing tends to be highly dynamic and often ad hoc among organizations. The dynamic natures and sharing patterns in ad-hoc collaboration impose a need for a comprehensive and flexible approach to reflecting and coping with the unique access control requirements associated with the environment. This dissertation outlines a Role-based Access Management for Ad-hoc Resource Shar- ing framework (RAMARS) to enable secure and selective information sharing in the het- erogeneous ad-hoc collaborative environment. Our framework incorporates a role-based approach to addressing originator control, delegation and dissemination control. A special trust-aware feature is incorporated to deal with dynamic user and trust management, and a novel resource modeling scheme is proposed to support fine-grained selective sharing of composite data. As a policy-driven approach, we formally specify the necessary pol- icy components in our framework and develop access control policies using standardized eXtensible Access Control Markup Language (XACML). The feasibility of our approach is evaluated in two emerging collaborative information sharing infrastructures: peer-to- peer networking (P2P) and Grid computing. As a potential application domain, RAMARS framework is further extended and adopted in secure healthcare services, with a unified patient-centric access control scheme being proposed to enable selective and authorized sharing of Electronic Health Records (EHRs), accommodating various privacy protection requirements at different levels of granularity

New Advanced Technologies to Provide Decentralised and Secure Access to Medical Records: Case Studies in Oncology

The main problem for health professionals and patients in accessing information is that this information is very often distributed over many medical records and locations. This problem is particularly acute in cancerology because patients may be treated for many years and undergo a variety of examinations. Recent advances in technology make it feasible to gain access to medical records anywhere and anytime, allowing the physician or the patient to gather information from an “ephemeral electronic patient record”. However, this easy access to data is accompanied by the requirement for improved security (confidentiality, traceability, integrity, ...) and this issue needs to be addressed. In this paper we propose and discuss a decentralised approach based on recent advances in information sharing and protection: Grid technologies and watermarking methodologies. The potential impact of these technologies for oncology is illustrated by the examples of two experimental cases: a cancer surveillance network and a radiotherapy treatment plan. It is expected that the proposed approach will constitute the basis of a future secure “google-like” access to medical records

A Scalable Multi-Layered Blockchain Architecture for Enhanced EHR Sharing and Drug Supply Chain Management

In recent years, the healthcare sector's shift to online platforms has spotlighted challenges concerning data security, privacy, and scalability. Blockchain technology, known for its decentralized, secure, and immutable nature, emerges as a viable solution for these pressing issues. This article presents an innovative Electronic Health Records (EHR) sharing and drug supply chain management framework tailored to address scalability, security, data integrity, traceability, and secure data sharing. The framework introduces five layers and transactions, prioritizing patient-centric healthcare by granting patients comprehensive access control over their health information. This access facilitates smoother processes, such as insurance claims, while maintaining robust security measures. Notably, our implementation of parallelism significantly bolsters scalability and transaction throughput while minimizing network traffic. Performance evaluations conducted through the Caliper benchmark indicate a slight increase in processor consumption during specific transactions, mitigated effectively by parallelization. RAM requirements remain largely stable. Additionally, our approach notably reduces network traffic while tripling transaction throughput. The framework ensures patient privacy, data integrity, access control, and interoperability, aligning with traditional healthcare systems. Moreover, it provides transparency and real-time drug supply monitoring, empowering decision-makers with actionable insights. As healthcare evolves, our framework sets a crucial precedent for innovative, scalable, and secure systems. Future enhancements could focus on scalability, real-world deployment, standardized data formats, reinforced security protocols, privacy preservation, and IoT integration to comply with regulations and meet evolving industry needs