Enhancing accountability of electronic health record usage via patient-centric monitoring

Electronic Health Record (EHR) and Personal Health Record (PHR) systems could allow patients to better manage their health information and share it to enhance the quality and efficiency of their healthcare. Unfortunately, misuse of information stored in EHR and PHR systems creates new risks for patients, and we need to empower them to safeguard their health information and avoid problems such as medical identity theft. In this paper, we introduce the notion of accountable use and update of electronic health records and design a patient-centric monitoring system based on it. We develop a system architecture and associated protocols that enable either explicit or implicit patient control over when and how health information is accessed. Our approach targets a practical solution for this setting rather than the more general information flow control problem in distributed systems. We also implement and evaluate a prototype system motivated by a health record sharing scenario based on NHIN Direct, demonstrating that enhanced accountability can be supported with acceptable performance and integration overheads.
