A secure architecture for the pseudonymization of medical data

As aging populations and very expensive programs put increasing pressure on health and social care systems, the need for electronic healthcare records is growing, because they promise massive savings and better clinical quality. However, patients and data-protection commissioners have legitimate concerns about the privacy and confidentiality of the stored data. Although the concept of pseudonymization allows data to be associated with a patient only under specified and controlled circumstances, existing approaches have major vulnerabilities. This paper proposes a new architecture for the pseudonymization of medical data that combines primary and secondary use in one system and thus addresses the vulnerabilities of existing approaches.