article

A Secure EHR System Based on Hybrid Clouds

Authors:

Jinn-Ke JanAuthors Info & Claims

Journal of Medical Systems, Volume 36, Issue 5

Pages 3375 - 3384

https://doi.org/10.1007/s10916-012-9830-6

Published: 01 October 2012 Publication History

Abstract

Consequently, application services rendering remote medical services and electronic health record (EHR) have become a hot topic and stimulating increased interest in studying this subject in recent years. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. Sharing EHR information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. With the widespread use of EHR, building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructures for facilitating EHR sharing and EHR integration. In this paper, we propose an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.

References

[1]

HIMSS, definition of an electronic health record, http://www. himss.org/ASP/topics_ehr.asp.

[2]

Rau, H. H, Hsu, C. Y, Lee, Y. L., Chen, W., and Jian, W. S., Developing electronic health records in Taiwan, IT Professional, pp. 17-25, March/April, 2010.

[3]

Schabetsberger, T., Ammenwerth, E., Andreatta, S., Gratl, G., Haux, R., Lechleitner, G., Schindelwig, K., Stark, C., Vogl, R., Wilhelmy, I., and Wozak, F., From a paper-based transmission of discharge summaries to electronic communication in health care regions. Int. J. Med. Inform. 75(3):209-215, 2006.

[4]

Hsu, C. Y., Chen, Y. C., Luo, R. C., Rau, H. H., Fan, C. T., Hsiao, B. S., and Chiu, H. W., A resource-sharing platform for trading biomedical intellectual property. IT Prof. 12(2):42-49, 2010.

Digital Library

[5]

Li, S. H., Wang, C. Y., Lu, W. H., Lin, Y. Y., and Yen, D., Design and implementation of a Telecare information platform. J. Med. Syst., 2010.

[6]

Takemura, T., Araki, K., Arita, K., Suzuki, T., Okamoto, K., Kume, N., Kuroda, T., Takada, A., and Yoshihara, H., Development of fundamental infrastructure for nationwide EHR in Japan. J. Med. Syst., 2011.

[7]

Heslop, L., Weeding, S., Dawson, L., Fisher, J., and Howard, A., Implementation issues for mobile-wireless infrastructure and mobile health care computing devices for a hospital ward setting. J. Med. Syst. 34(4):509-518, 2010.

[8]

Moore, P., Navigating the Tech Maze, Physicians practice. http:// www.physicianspractice.com/display/article/1462168/1590647, 2009

[9]

Zhang, R., and Liu, L., Security models and requirements for healthcare application clouds, Cloud Computing (CLOUD), 2010 IEEE 3 rd International Conference on, vol., no., pp. 268-275, 5- 10 July 2010.

Digital Library

[10]

Linden, H., Kalra, D., Hasman, A., and Talmon, J., Interorganization future proof EHR systems-A review of the security and privacy related issues. Int. J. Med. Inform. 78:141-160, 2009.

[11]

104th United States Congress, Health Insurance Portability and Accountability Act of 1996 (HIPPA), Online at http://aspe.hhs. gov/admnsimp/pl104191.htm, 1996.

[12]

Pritts, J., and Connr, K., The implementation of e-Consent mechanisms in three countries: Canada, England, and The Netherlands. SAMHSA report, http://ihcrp.georgetown.edu/pdfs/prittse-consent. pdf; 2007.

[13]

Künzi, J., Koster, P., and Petkovic, M., Emergency access to protected health records. Stud. Health Technol. Inform. 150:705-9, 2009.

[14]

Coskun, N., and Erol, R., An optimization model for locating and sizing emergency medical service stations. J. Med. Syst. 34(1):43- 49, 2010.

Digital Library

[15]

MacKenzie, P., and Reiter, M. K., Networked cryptographic devices resilient to capture. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, May 2001, 12-25.

Digital Library

[16]

MacKenzie, P., and Reiter, M. K., Delegation of cryptographic servers for capture-resilient devices. In Proceedings of the 2001 ACM Conference on Computer and Communication Security, November 2001, 10-19.

[17]

Takeda, H., Matsumura, Y., and Kuwata, S., Architecture for networked electronic patient record systems. Int. J. Med. Inform. 60(2):161-167, 2000.

[18]

Chan, A. T. S., Cao, J., Chan, H., and Young, G., A web-enabled framework for smart card application in health services. Comm. ACM 44(9):77-82, 2001.

Digital Library

[19]

Wang, D. W., Liu, D. R., and Chen, Y. C., A mechanism to verify the integrity of computer-based patient records. J. Chin. Med. Assoc. 10:71-84, 1999.

[20]

Yang, Y., Han, X., Bao, F., and Deng, R. H., A smart-card-enabled privacy preserving E-Prescription system. IEEE Trans. Inf. Technol. Biomed. 8(1):47-58, 2004.

Digital Library

[21]

Wu, Z. Y., Chung, Y. F., Lai, F. P., and Chen, T. S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst., 2010.

[22]

He, D.B., Chen, J.H. and Rui, Z., A more secure authentication scheme for telecare medicine information systems, J. Med. Syst., 10.1007/s10916-011-9658-5, http://dx.doi.org/10.1007/s10916-011- 9658-5, 2011.

[23]

Pu, Q., Wang, J., and Zhao, R. Y., Strong authentication scheme for Telecare medicine information systems. J. Med. Syst., 2011.

[24]

Farzandipour, M., Sadoughi, F., Ahmadi, M., and Karimi, I., Security requirements and solutions in electronic health records: lessons learned from a comparative study. J. Med. Syst. 34:629- 642, 2010.

[25]

Lekkas, D., and Gritzalis, D., Long-term verifiability of the electronic healthcare records' authenticity. Int. J. Med. Inform. 76 (5):442-448, 2007.

[26]

Pharow, P., and Blobel, B., Electronic signatures for long-lasting storage purposes in electronic archives. Int. J. Med. Inform. 74 (2):279-287, 2005.

[27]

Kluge, W. E. H., Secure e-Health: managing risks to patient health data. Int. J. Med. Inform. 76(5):402-406, 2007. ijmedinf.2006.09.003.

[28]

Ahmad, N., Restrictions on cryptography in India - A case study of encryption and privacy, Comput. Law Secur. Rev., Volume 25, Issue 2, 2009, Pages 173-180, ISSN 0267-3649, 10.1016/j. clsr.2009.02.001.

[29]

Takeda, H., Matsumura, Y., Kuwata, S., Nakano, H., Shanmai, J., Qiyan, Z., Yufen, C., Kusuoka, H., and Matsuoka, M., "An assessment of PKI and networked electronic patient record system: lessons learned from real patient data exchange at the platform of OCHIS (Osaka Community Healthcare Information System). Int. J. Med. Inform. 73(3):311-316, 2004.

[30]

Hu, J., Chen, H.H., A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Compu. Stand. Interfaces., 2009.

[31]

van der Linden, H., Kalra, D., Hasman, A., and Talmon, J., Inter-organizational future proof EHR systems: a review of the security and privacy related issues. Int. J. Med. Inform. 78:3, 2009.

[32]

Sucurovic, S., Implementing security in a distributed web-based EHCR. Int. J. Med. Inform. 76(5):491-496, 2007. ijmedinf.2006.09.017.

[33]

Bonacina, S., Marceglia, S., Bertoldi, M., and Pinciroli, F., Modelling, designing, and implementing a family-based health record prototype. Comput. Biol. Med. 40(6):580-590, 2010. j.compbiomed.2010.04.002.

Digital Library

[34]

Gobi, M., and Vivekanandan, K., A new digital envelope approach for secure electronic medical records., IJCSNS Int. J. Comput. Sci. Netw. Secur., VOL. 9 No.1, January 2009.

Cited By

Li SZhang YXu CCheng NLiu ZDu YShen X(2023)HealthFort: A Cloud-Based eHealth System With Conditional Forward Transparency and Secure Provenance via BlockchainIEEE Transactions on Mobile Computing10.1109/TMC.2022.319904822:11(6508-6525)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1109/TMC.2022.3199048
Kanwal TAnjum AKhan A(2021)Privacy preservation in e-health cloud: taxonomy, privacy requirements, feasibility analysis, and opportunitiesCluster Computing10.1007/s10586-020-03106-124:1(293-317)Online publication date: 1-Mar-2021
https://dl.acm.org/doi/10.1007/s10586-020-03106-1
Ermakova TFabian BKornacka MThiebes SSunyaev A(2020)Security and Privacy Requirements for Cloud Computing in HealthcareACM Transactions on Management Information Systems10.1145/338616011:2(1-29)Online publication date: 3-May-2020
https://dl.acm.org/doi/10.1145/3386160
Show More Cited By

A Secure EHR System Based on Hybrid Clouds
1. Applied computing
  1. Life and medical sciences
  2. Operations research
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Cost-Effectiveness Evaluation of EHR: Simulation of an Abdominal Aortic Aneurysm in the Emergency Department

Health care organizations have installed electronic systems to increase efficiency in health care. Empirically assessing the cost-effectiveness of technologies to the health care system is a challenging and complex task. This study examined cost-...
Security Models and Requirements for Healthcare Application Clouds
CLOUD '10: Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing

With the widespread use of electronic health record (EHR), building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT ...
Supportive care pathway functionalities of EHR system in a Saudi Arabian hospital

BackgroundElectronic health record (EHR) is a data management system used in healthcare services. The stored medical information in EHR can be accessed and utilized by authorized users, which helps clinicians in making clinical decisions. Therefore, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Medical Systems

Journal of Medical Systems Volume 36, Issue 5

October 2012

646 pages

ISSN:0148-5598

Issue’s Table of Contents

Copyright © Copyright © 2012 Springer Science+Business Media, LLC.

Publisher

Plenum Press

United States

Publication History

Published: 01 October 2012

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Li SZhang YXu CCheng NLiu ZDu YShen X(2023)HealthFort: A Cloud-Based eHealth System With Conditional Forward Transparency and Secure Provenance via BlockchainIEEE Transactions on Mobile Computing10.1109/TMC.2022.319904822:11(6508-6525)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1109/TMC.2022.3199048
Kanwal TAnjum AKhan A(2021)Privacy preservation in e-health cloud: taxonomy, privacy requirements, feasibility analysis, and opportunitiesCluster Computing10.1007/s10586-020-03106-124:1(293-317)Online publication date: 1-Mar-2021
https://dl.acm.org/doi/10.1007/s10586-020-03106-1
Ermakova TFabian BKornacka MThiebes SSunyaev A(2020)Security and Privacy Requirements for Cloud Computing in HealthcareACM Transactions on Management Information Systems10.1145/338616011:2(1-29)Online publication date: 3-May-2020
https://dl.acm.org/doi/10.1145/3386160
Jayaraman IMohammed M(2020)Secure Privacy Conserving Provable Data Possession (SPC-PDP) frameworkInformation Systems and e-Business Management10.1007/s10257-019-00417-818:3(351-377)Online publication date: 1-Sep-2020
https://dl.acm.org/doi/10.1007/s10257-019-00417-8
Rahman MKhalil IMahawaga Arachchige PBouras AYi XGai KRaymond Choo KHe DWen S(2019)A Novel Architecture for Tamper Proof Electronic Health Record Management System using Blockchain WrapperProceedings of the 2019 ACM International Symposium on Blockchain and Secure Critical Infrastructure10.1145/3327960.3332392(97-105)Online publication date: 2-Jul-2019
https://dl.acm.org/doi/10.1145/3327960.3332392
Chakraborty PFarooq FTeredesai AKumar VLi YRosales RTerzi EKarypis G(2019)A Robust Framework for Accelerated Outcome-driven Risk Factor Identification from EHRProceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining10.1145/3292500.3330718(1800-1808)Online publication date: 25-Jul-2019
https://dl.acm.org/doi/10.1145/3292500.3330718
Kruse CSmith BVanderlinden HNealand A(2017)Security Techniques for the Electronic Health RecordsJournal of Medical Systems10.1007/s10916-017-0778-441:8(1-9)Online publication date: 1-Aug-2017
https://dl.acm.org/doi/10.1007/s10916-017-0778-4
Gardiyawasam Pussewalage HOleshchuk V(2016)Privacy preserving mechanisms for enforcing security and privacy requirements in E-health solutionsInternational Journal of Information Management: The Journal for Information Professionals10.1016/j.ijinfomgt.2016.07.00636:6(1161-1173)Online publication date: 1-Dec-2016
https://dl.acm.org/doi/10.1016/j.ijinfomgt.2016.07.006
Effatparvar MDehghan MRahmani A(2016)A comprehensive survey of energy-aware routing protocols in wireless body area sensor networksJournal of Medical Systems10.1007/s10916-016-0556-840:9(1-27)Online publication date: 1-Sep-2016
https://dl.acm.org/doi/10.1007/s10916-016-0556-8
Lynda KSaliha ONadjia B(2015)Data security and privacy in E-health Cloud: Comparative studyProceedings of the International Conference on Intelligent Information Processing, Security and Advanced Communication10.1145/2816839.2816930(1-6)Online publication date: 23-Nov-2015
https://dl.acm.org/doi/10.1145/2816839.2816930
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents