4,091 research outputs found

    Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography

    Get PDF
    Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzzy vault which demonstrated a better performance during key reconstruction

    The Active Bundle Scheme for Protecting Electronic Medical Records

    Get PDF
    Adoption of the electronic medical records (EMRs) or electronic health records (EHRs) by healthcare providers will improve the quality of the American healthcare and reduce the annual bill. However, it will also increase privacy threats due to easier dissemination of EMRs/EHRs than “paper” medical records. Current privacy protection solutions for patient EMRs/EHRs have two main limitations: (1) they require an extensive exchange of messages between computer systems of healthcare providers; and (2) they depend only on data encryption. In this position paper, we propose a solution that provides protection for the patients\u27 EMRs/EHRs disseminated among different authorized healthcare provider systems. This is achieved through the use of the construct named active bundles (ABs). ABs keep EMRs/EHRs as sensitive data, include metadata containing privacy policies, and encompass a virtual machine that enforces privacy policies

    Double Secret Protection: Bridging Federal and State Law To Protect Privacy Rights for Telemental and Mobile Health Users

    Get PDF
    Mental health care in the United States is plagued by stigma, cost, and access issues that prevent many people from seeking and continuing treatment for mental health conditions. Emergent technology, however, may offer a solution. Through telemental health, patients can connect with providers remotely—avoiding stigmatizing situations that can arise from traditional healthcare delivery, receiving more affordable care, and reaching providers across geographic boundaries. And with mobile health technology, people can use smart phone applications both to self-monitor their mental health and to communicate with their doctors. But people do not want to take advantage of telemental and mobile health unless their privacy is protected. After evaluating the applicability of current health information privacy law to these new forms of treatment, this Note proposes changes to the federal regime to protect privacy rights for telemental and mobile health users

    Advancing Healthcare Security: A Cutting-Edge Zero-Trust Blockchain Solution for Protecting Electronic Health Records

    Get PDF
    The effective management of electronic health records (EHRs) is vital in healthcare. However, traditional systems often need help handling data inconsistently, providing limited access, and coordinating poorly across facilities. This study aims to tackle these issues using blockchain technology to improve EHR systems' data security, privacy, and interoperability. By thoroughly analyzing blockchain's applications in healthcare, we propose an innovative solution that leverages blockchain's decentralized and immutable nature, combined with advanced encryption techniques such as the Advanced Encryption Standard and Zero Knowledge Proof Protocol, to fortify EHR systems. Our research demonstrates that blockchain can effectively overcome significant EHR challenges, including fragmented data and interoperability problems, by facilitating secure and transparent data exchange, leading to enhanced coordination, care quality, and cost-efficiency across healthcare facilities. This study offers practical guidelines for implementing blockchain technology in healthcare, emphasizing a balanced approach to interoperability, privacy, and security. It represents a significant advancement over traditional EHR systems, boosting security and affording patients greater control over their health records. Doi: 10.28991/HIJ-2023-04-03-012 Full Text: PD

    Double Secret Protection: Bridging Federal and State Law To Protect Privacy Rights for Telemental and Mobile Health Users

    Get PDF
    Mental health care in the United States is plagued by stigma, cost, and access issues that prevent many people from seeking and continuing treatment for mental health conditions. Emergent technology, however, may offer a solution. Through telemental health, patients can connect with providers remotely—avoiding stigmatizing situations that can arise from traditional healthcare delivery, receiving more affordable care, and reaching providers across geographic boundaries. And with mobile health technology, people can use smart phone applications both to self-monitor their mental health and to communicate with their doctors. But people do not want to take advantage of telemental and mobile health unless their privacy is protected. After evaluating the applicability of current health information privacy law to these new forms of treatment, this Note proposes changes to the federal regime to protect privacy rights for telemental and mobile health users

    Health data in cloud environments

    Full text link
    The process of provisioning healthcare involves massive healthcare data which exists in different forms on disparate data sources and in different formats. Consequently, health information systems encounter interoperability problems at many levels. Integrating these disparate systems requires the support at all levels of a very expensive infrastructures. Cloud computing dramatically reduces the expense and complexity of managing IT systems. Business customers do not need to invest in their own costly IT infrastructure, but can delegate and deploy their services effectively to Cloud vendors and service providers. It is inevitable that electronic health records (EHRs) and healthcare-related services will be deployed on cloud platforms to reduce the cost and complexity of handling and integrating medical records while improving efficiency and accuracy. The paper presents a review of EHR including definitions, EHR file formats, structures leading to the discussion of interoperability and security issues. The paper also presents challenges that have to be addressed for realizing Cloudbased healthcare systems: data protection and big health data management. Finally, the paper presents an active data model for housing and protecting EHRs in a Cloud environment

    Protecting patients’ electronic health records using enhanced active bundles

    Get PDF
    We propose a solution that provides protection for patients' electronic health/medical records disseminated among different authorized healthcare information systems. The solution is known as Active Bundles using a Trusted Third Party (ABTTP). It is based on the use of trusted third parties, and the construct named active bundles. The latter keep electronic health/medical records as sensitive data; include metadata with information describing sensitive data and prescribing their use; and encompass a virtual machine (VM), which controls and manages how its active bundle behaves. An essential task of the VM is enforcement of the privacy and other policies specified by metadata. We also propose enhancements to the ABTTP scheme. They include adding to ABTTP an algorithm finding the degree of privacy policy inclusion between two privacy policies, and a scheme, known as Agent-Based Active Bundles, which replaces trusted third parties with intelligent agents
    • …
    corecore