论文信息 - Enabling Robust Information Accountability in E-healthcare Systems

Enabling Robust Information Accountability in E-healthcare Systems

In the United States, the transition from traditional paper-based healthcare records to electronic healthcare record (EHR) systems is being promoted aggressively. While EHR systems offer a number of benefits, they will introduce new security and privacy concerns. A significant fraction of such threats, at least in part, arise due to actions of insiders of healthcare organizations, either accidentally or intentionally. We believe information accountability, which allows us to securely identify how a health record reached a certain consumer and who was involved in its sharing or transfer, is a key to discourage such threats. In this work, we propose a patient-centric scheme to establish robust information accountability in electronic healthcare record sharing systems. We also present a prototype implementation and show that it does not impose unacceptable performance overhead.

Daisuke Mashima | Mustaque Ahamad | M. Ahamad | D. Mashima

[1] Ron Steinfeld,et al. Universal Designated-Verifier Signatures , 2003, ASIACRYPT.

[2] James A. Hendler,et al. Information accountability , 2008, CACM.

[3] Lawrence O Gostin,et al. Health information privacy. , 1995, Cornell law review.

[4] Laurie Williams,et al. Modifying Without a Trace : General Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms , 2011 .

[5] Abhinav Srivastava,et al. Protecting E-healthcare Client Devices against Malware and Physical Theft , 2010, HealthSec.

[6] M. Eric Johnson,et al. Data Hemorrhages in the Health-Care Sector , 2009, Financial Cryptography.

[7] Laurie A. Williams,et al. Modifying without a trace: general audit guidelines are inadequate for open-source electronic health record audit mechanisms , 2012, IHI '12.

[8] Steven Willmott,et al. Privacy Issues of Provenance in Electronic Healthcare Record Systems , 2006 .

[9] Whitney Walters,et al. Medical identity theft. , 2011, Optometry.

[10] Daisuke Mashima,et al. Enhancing accountability of electronic health record usage via patient-centric monitoring , 2012, IHI '12.

[11] Luc Moreau,et al. Provenance-Based Auditing of Private Data Use , 2008, BCS Int. Acad. Conf..

[12] Beng Chin Ooi,et al. Privacy and ownership preserving of outsourced medical data , 2005, 21st International Conference on Data Engineering (ICDE'05).

[13] Paul T. Groth,et al. The provenance of electronic data , 2008, CACM.