Securing electronic health records with broadcast encryption schemes

Information security is a concern in integrated electronic health record systems (EHRs). This paper discusses the development of a mathematical model to secure the access of EHRs. In this paper, we incorporate the notion of a broadcast encryption scheme for securing EHRs. We present a novel solution to allow a secure access to the EHRs whilst minimising the number of the encrypted ciphertexts. In a nutshell, our proposed solution enjoys shorter ciphertexts compared to having multiple ciphertexts encrypted for several different participants. Our proposed solution is applicable in practice to solve an existing open problem in the effort of securing EHRs.

[1]  L. Gostin,et al.  Privacy and security of personal information in a new health care system. , 1993, JAMA.

[2]  Khin Than Win,et al.  Privacy, Confidentiality and Consent of Electronic Health Record Systems , 2003 .

[3]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[4]  Craig E. Kuziemsky,et al.  Can GRID services provide answers to the challenges of national health information sharing? , 2003, CASCON.

[5]  G. Barnett,et al.  Maintaining the Confidentiality of Medical Records Shared over the Internet and the World Wide Web , 1997, Annals of Internal Medicine.

[6]  P. Cox Using patient identifiable data without consent , 2001, BMJ : British Medical Journal.

[7]  Nilmini Wickramasinghe,et al.  A wireless trust model for healthcare , 2004, Int. J. Electron. Heal..

[8]  Ross J. Anderson,et al.  Information technology in medical practice: safety and privacy lessons from the United Kingdom , 1999, The Medical journal of Australia.

[9]  J Dudeck Informed consent for cancer registration. , 2001, The Lancet. Oncology.

[10]  Jeffrey M Drazen,et al.  Registry research and medical privacy. , 2004, The New England journal of medicine.

[11]  David W. Chadwick,et al.  Electronic transmission of prescriptions: towards realising the dream , 2004, Int. J. Electron. Heal..

[12]  Joonsang Baek,et al.  Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption , 2005, Public Key Cryptography.

[13]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[14]  Costas Lambrinoudakis,et al.  A security architecture for interconnecting health information systems , 2004, Int. J. Medical Informatics.

[15]  George Demiris,et al.  Electronic home healthcare: concepts and challenges , 2004, Int. J. Electron. Heal..

[16]  Khin Than Win,et al.  Electronic health record system risk assessment : a case study from the MINET , 2004 .