Securing EHRs via CPMA attribute-based encryption on cloud systems

Electronic Health Records (EHRs) are further driving the volume of data as patients' files, x-rays, lab results, and other sensitive medical records are transmitted across the network. Today, nearly one-third of healthcare providers use mobile devices to access EHRs from cloud systems. With the healthcare industry facing a new reality, healthcare applications are steadily impacting the mobility and security of how caregivers and hospitals are authorized to access vital information. However, mobile services are still not generally allowed to operate with highly sensitive and personal data, mainly due to the lack of a defined security standard, low protection of data transferred through the mobile and wireless network and no standard and widely accepted user authentication method that ensure confidentiality. In this paper, a proposed privacy-preserving EHR system using ciphertext-multi authority attribute-based encryption (CPMA-ABE) will be built. In this system, patients can encrypt their EHRs and store them on semi-trusted cloud servers such that servers do not have access to sensitive EHR contexts. Meanwhile patients maintain full control over access to their EHR files, by assigning fine-grained, attribute-based access privileges to selected data users, while different users can have access to different parts of their EHR. The system also provides extra features such as populating EHR from different EHR cloud systems using ABE.