Protecting Patient Privacy when Sharing Medical Data

This paper describes a national eHealth platform concept with multi-level privacy protection, intended to improve the security and privacy of medical information both at its storage locations and during exchange and sharing. The key idea is to classify the data and split it across different servers: a Trusted Third Party server manages personal identifying data together with the related pseudonyms, while the medical information server manages the medical data assigned to those pseudonyms. The well-known IHE-XDS profiles are enriched with a Public Key Infrastructure, symmetric and asymmetric encryption, and pseudonymization methods. IHE-XDS promotes interoperability, and the extensions raise the security level.

Keywords: eHealth; Patient Privacy; Electronic Health Records; Secure Patient Data Storage
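The two-server split the abstract describes, as an added illustration rather than code from the paper or its platform: a Trusted Third Party issues a random pseudonym per patient and is the only party able to map it back to a person, while the medical record server stores clinical data keyed by pseudonym and refuses records that still carry identifying fields. Class and function names, the identifying-field list, and the sample patient are all constructed for this example; the PKI and encryption layer the paper adds on top of IHE-XDS is not shown here.

```python
import secrets
from dataclasses import dataclass, field

# Hypothetical example of the data split described in the abstract.
# Identifying data stays with the Trusted Third Party (TTP); the medical
# record server only ever sees a random pseudonym.

IDENTIFYING_FIELDS = ("name", "dob", "national_id")  # assumed field names


@dataclass
class TrustedThirdParty:
    """Holds identifying data plus the pseudonym issued to each patient."""
    _by_identity: dict = field(default_factory=dict)   # identity key -> pseudonym
    _by_pseudonym: dict = field(default_factory=dict)  # pseudonym -> identity record

    @staticmethod
    def _key(identity: dict) -> tuple:
        return tuple(identity[f] for f in IDENTIFYING_FIELDS)

    def pseudonym_for(self, identity: dict) -> str:
        """Return the patient's pseudonym, issuing a fresh random one on first contact.
        A random value (not a hash of the identity) means the medical server
        cannot reverse it by guessing names or ID numbers."""
        key = self._key(identity)
        if key not in self._by_identity:
            pseudonym = secrets.token_hex(16)
            self._by_identity[key] = pseudonym
            self._by_pseudonym[pseudonym] = dict(identity)
        return self._by_identity[key]

    def reidentify(self, pseudonym: str, authorized: bool) -> dict:
        """Resolve a pseudonym back to a person. Only the TTP can do this, and
        only for an authorized requester (e.g. the treating physician)."""
        if not authorized:
            raise PermissionError("re-identification requires authorization")
        return dict(self._by_pseudonym[pseudonym])


@dataclass
class MedicalRecordServer:
    """Stores clinical data keyed by pseudonym only."""
    _records: dict = field(default_factory=dict)

    def store(self, pseudonym: str, record: dict) -> None:
        # Refuse records that still carry identifying fields: the split only
        # protects privacy if clinical and identifying data never co-reside.
        leaked = [f for f in IDENTIFYING_FIELDS if f in record]
        if leaked:
            raise ValueError(f"identifying fields in medical record: {leaked}")
        self._records.setdefault(pseudonym, []).append(dict(record))

    def records_for(self, pseudonym: str) -> list:
        return list(self._records.get(pseudonym, []))

    def mentions(self, values) -> bool:
        """True if any given identifying value appears anywhere in storage
        (a simple check that this server alone reveals no identity)."""
        blob = repr(self._records)
        return any(str(v) in blob for v in values)


def demo() -> dict:
    """Walk one patient through registration, storage and authorized lookup."""
    ttp = TrustedThirdParty()
    med = MedicalRecordServer()
    # Constructed sample patient; not real data.
    patient = {"name": "Alice Example", "dob": "1980-04-01", "national_id": "EX-0001"}
    pseudonym = ttp.pseudonym_for(patient)
    med.store(pseudonym, {"diagnosis": "J06.9", "date": "2024-01-15"})
    # The same identity always maps to the same pseudonym, so records accumulate.
    assert ttp.pseudonym_for(patient) == pseudonym
    return {
        "pseudonym_len": len(pseudonym),
        "record_count": len(med.records_for(pseudonym)),
        "identity_on_medical_server": med.mentions(patient.values()),
        "reidentified_name": ttp.reidentify(pseudonym, authorized=True)["name"],
    }


if __name__ == "__main__":
    print(demo())
```

The design point is that a breach of the medical server on its own yields records tied to opaque random tokens, and re-identification is forced through a single audited path at the TTP; the `store` check is the practical guard that keeps operators from quietly undoing the split by copying names into clinical records.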
