Skip to main content
SpringerLink
Log in
Book cover

Research Advances in Cloud Computing pp 431–447Cite as

Security and Privacy Issues in Outsourced Personal Health Record

  • Chapter
  • First Online:

Abstract

E-health effectively uses information and communications technology to support health-related services for its users.

This is a preview of subscription content, log in via an institution.

References

  1. Gunter, T. D., & Terry, N. P. (2005). The emergence of national electronic health record architectures in the united states and australia: Models, costs, and questions. Journal of Medical Internet Research, 7, 1.

    Article  Google Scholar 

  2. Kaelber, D. C., Jha, A. K., Johnston, D., Middleton, B., & Bates, D. W. (2008). A research agenda for personal health records (phrs). JAMIA, 15(6), 729–736.

    Google Scholar 

  3. Liu, L. S., Shih, P. C., & Hayes, G. R. (2011). Barriers to the adoption and use of personal health record systems. In Proceedings of the 2011 iConference, iConference ’11 (pp. 363–370), New York, NY, USA, 2011. ACM.

    Google Scholar 

  4. Tang, P. C., & Lansky, D. (2005). The missing link: Bridging the patient?provider health information gap. Health Aff (Millwood), 24(5), 1290–1295.

    Article  Google Scholar 

  5. Health, G. Retrieved from http://www.healthvault.com/personal/index.html.

  6. Health Vault, M. Retrieved from http://www.google.com/intl/en-US/health/about/index.html.

  7. Tang, P. C., Ash, J. S., Bates, D. W., Overhage, J. M., & Sands, D. Z. (2006). Personal health records: Definitions, benefits, and strategies for overcoming barriers to adoption. JAMIA, 13(2), 121–126.

    Google Scholar 

  8. Lindenthal, J. J., & Thomas, C. S. (1982). Psychiatrists, the public, and confidentiality. The Journal of Nervous and Mental Disease, 170(6), 319–23.

    Article  Google Scholar 

  9. Li, M., Yu, S., Lou, W., & Ren, K. (2010). Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In SecureComm (pp. 89–106).

    Google Scholar 

  10. Kumar, N., Mathuria, A., & Das, M. L. (2015). Achieving forward secrecy and unlinkability in cloud-based personal health record system. In 2015 IEEE TrustCom/BigDataSE/ISPA, Helsinki, Finland, 20–22 Aug. 2015 (Vol. 1, pp. 1249–1254).

    Google Scholar 

  11. Haas, S., Wohlgemuth, S., Echizen, I., Sonehara, N., & Müller, G. (2011). Aspects of privacy for electronic health records. International Journal of Medical Informatics, 80(2), e26–e31.

    Article  Google Scholar 

  12. Pfitzmann, A., & Hansen, M. (2010). A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. Retrieved Aug. 2010 from http://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf. v0.34.

  13. Safran, C., Bloomrosen, M., Hammond, W. E., Labkoff, S. E., Markel-Fox, S., Tang, P. C., et al. (2007). White paper: Toward a national framework for the secondary use of health data: An american medical informatics association white paper. JAMIA, 14(1), 1–9.

    Google Scholar 

  14. Break-glass—An approach to granting access to healthcare systems. Joint security and privacy committee nema/cocir/jira, international medical informatics. Retrieved from http://www.nema.org/prod/med/security/upload/break-glass_-_emergency_access_to_healthcare_systems.pdf.

  15. Mashima, D., & Ahamad, M. (2012). Enabling robust information accountability in e-healthcare systems. In 3rd USENIX Workshop on Health Security and Privacy, HealthSec’12, Bellevue, WA, USA, 6–7 Aug 2012.

    Google Scholar 

  16. Foundation, M. Connecting for health. The personal health working group final report.

    Google Scholar 

  17. Law, U. P. (1996). Health insurance portability and accountability act of 1996. In 104th Congress (pp. 104–191).

    Google Scholar 

  18. Szolovits, P., Doyle, J., Long, W. J., Kohane, I., & Pauker, S. G. (1994). Guardian angel: Patient-centered health information systems, Technical report, Cambridge, MA, USA.

    Google Scholar 

  19. Mandl, K. D., Simons, W. W., Crawford, W. C. R., & Abbett, J. M. (2007). Indivo: a personally controlled health record for health information exchange and communication. BMC Medical Informatics and Decision Making, 7, 25.

    Article  Google Scholar 

  20. Chen, Y.-Y., Lu, J.-C., & ke Jan, J. (2012). A secure EHR system based on hybrid clouds. Journal of Medical Systems 36(5), 3375–3384.

    Google Scholar 

  21. Hu, J., Chen, H.-H., & Hou, T.-W. (2010). A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Computer Standards and Interfaces, 32(5–6), 274–280.

    Article  Google Scholar 

  22. Huang, H.-F., & Liu, K.-C. (2011). Efficient key management for preserving HIPAA regulations. Journal of Systems and Software, 84(1), 113–119.

    Article  Google Scholar 

  23. Lee, W.-B., & Lee, C.-D. (2008). A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Transactions on Information Technology in Biomedicine, 12(1), 34–41.

    Article  Google Scholar 

  24. Lee, W.-B., Lee, C.-D., & Ho, K. I.-J. (2014). A HIPAA-compliant key management scheme with revocation of authorization. Computer Methods and Programs in Biomedicine, 113(3), 809–814.

    Article  Google Scholar 

  25. Yu, W. D., & Chekhanovskiy, M. A. (2007). An electronic health record content protection system using smartcard and PMR. In e-Health Networking: Application and Services (pp. 11–18).

    Google Scholar 

  26. Odelu, V., Das, A. K., & Goswami, A. (2013). An effective and secure key-management scheme for hierarchical access control in e-medicine system. Journal of Medical Systems, 37, 2.

    Article  Google Scholar 

  27. Keoh, S. L., Asim, M., Kumar, S. S., & Lenoir, P. (2011). Secure spontaneous emergency access to personal health record. In 3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use.

    Google Scholar 

  28. Narayan, S., Gagné, M., & Safavi-Naini, R. (2010). Privacy preserving EHR system using attribute-based infrastructure. In CCSW (pp. 47–52).

    Google Scholar 

  29. Benaloh, J., Chase, M., Horvitz, E., & Lauter, K. (2009). Patient controlled encryption: Ensuring privacy of electronic medical records. In CCSW (pp. 103–114).

    Google Scholar 

  30. Liu, C.-H., Chen, T.-S., Chen, T.-L., Chen, C.-S., Bau, J.-G., & Lin, T.-C. (2012). Secure dynamic access control scheme of PHR in cloud computing. Journal of Medical Systems 36(6), 4005–4020.

    Google Scholar 

  31. Thilakanathan, D., Chen, S., Nepal, S., Calvo, R., & Alem, L. (2014). A platform for secure monitoring and sharing of generic health data in the cloud. Future Generation Computer Systems, 35, 102–113.

    Article  Google Scholar 

  32. Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records. Electronic Notes in Theoretical Computer Science, 168, 221–236.

    Article  Google Scholar 

  33. Beedham, H., & Wilson-Barnett, J. (1995). Hiv and aids care: Consumers’ views on needs and services. Journal of Advanced Nursing, 22(4), 677–86.

    Article  Google Scholar 

  34. Ford, C. A., Millstein, S. G., Halpern-Felsher, B. L., & Irwin Jr, C. E. (1997). Influence of physician confidentiality assurances on adolescents’ willingness to disclose information and seek future health care. A randomized controlled trial. JAMA, 278(12), 1029–1034.

    Google Scholar 

  35. Rodriguez, M. A., Craig, A. M., Mooney, D. R., & Bauer, H. M. (1998). Patient attitudes about mandatory reporting of domestic violence. implications for health care professionals. Western Journal of Medicine, 169(6), 337–341.

    Google Scholar 

  36. Applebaum, P. S. (2002). Privacy in psychiatric treatment: Threats and response. American Journal of Psychiatry, 159.

    Google Scholar 

  37. Bass, A. (1995). Hmo puts confidential records on-line: Critics say computer file-keeping breaches privacy of mental health patients. Boston Globe.

    Google Scholar 

  38. Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5), 557–570.

    Article  MathSciNet  MATH  Google Scholar 

  39. Machanavajjhala, A., Kifer, D., Gehrke, J., & Venkitasubramaniam, M. (2007). L-diversity: Privacy beyond k-anonymity. TKDD, 1, 1.

    Article  Google Scholar 

  40. Li, N., Li, T., & Venkatasubramanian, S. (2007). t-closeness: Privacy beyond k-anonymity and l-diversity. In ICDE (pp. 106–115).

    Google Scholar 

  41. Heurix, J., Karlinger, M., Schrefl, M., & Neubauer, T. (2011). A hybrid approach integrating encryption and pseudonymization for protecting electronic health records. In Proceedings of the Eighth IASTED International Conference on Biomedical Engineering (2011).

    Google Scholar 

  42. Aamot, H., Kohl, C. D., Richter, D., & Knaup-Gregori, P. (2013). Pseudonymization of patient identifiers for translational research. BMC Medical Informatics and Decision Making, 13, 75.

    Article  Google Scholar 

  43. Chaum, D. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84–88.

    Article  Google Scholar 

  44. Blanchet, B. (2001). An, & efficient cryptographic protocol verifier based on prolog rules. In 14th IEEE Computer Security Foundations Workshop (CSFW-14) (pp. 82–96), 11–13 June 2001. Cape Breton, Nova Scotia, Canada.

    Google Scholar 

  45. Neubauer, T., & Heurix, J. (2011). A methodology for the pseudonymization of medical data. International Journal of Medical Informatics, 80(3), 190–204.

    Article  Google Scholar 

  46. Meyer, F. D., Moor, G. D., & Fourquet, R. (2008). Privacy protection through pseudonymisation in eHealth. Studies in Health Technology and Informatics, 141, 111–118.

    Google Scholar 

  47. Pommerening, K. et al. (2006). Pseudonymization service and data custodians in medical research networks and biobanks. In GI Jahrestagung (1) (pp. 715–721).

    Google Scholar 

  48. Kim, E., Mayani, A., Modi, S., Kim, Y., & Soh, C. (2005). Evaluation of patient-centered electronic health record to overcome digital divide. In Annual International Conference of the IEEE Engineering in Medicine and Biology Society (Vol. 2), pp. 1091–1094.

    Google Scholar 

  49. Archer, N., Fevrier-Thomas, U., Lokker, C., McKibbon, K. A., & Straus, S. E. (2011). Personal health records: A scoping review. JAMIA, 18(4), 515–522.

    Google Scholar 

  50. Kim, E. H., Stolyar, A., Lober, W. B., Herbaugh, A. L., Shinstrom, S. E., Zierler, B. K., et al. (2009). Challenges to using an electronic personal health record by a low-income elderly population. JMIR, 11, 4.

    Google Scholar 

  51. Lober, W. B., Zierler, B., Herbaugh, A., Shinstrom, S. E., Stolyar, A., Kim, E. H., & Kim, Y. (2006). Barriers to the use of a personal health record by an elderly population. In AMIA Annual Symposium Proceedings/AMIA Symposium.

    Google Scholar 

  52. Yamin, C. K., Emani, S., Williams, D. H., Lipsitz, S. R., Karson, A. S., Wald, J. S., et al. (2011). The digital divide in adoption and use of a personal health record. Archives of Internal Medicine, 171(6), 568–574.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IIIT Vadodara, Gandhinagar, India

    Naveen Kumar

  2. DA-IICT Gandhinagar, Gandhinagar, India

    Anish Mathuria

Authors
  1. Naveen Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anish Mathuria
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Naveen Kumar .

Editor information

Editors and Affiliations

  1. School of Engineering and Applied Science, Ahmedabad University, Ahmedabad, Gujarat, India

    Sanjay Chaudhary

  2. Department of Computer Science and Engineering, Central University of Rajasthan, Ajmer, Rajasthan, India

    Gaurav Somani

  3. School of Computing and Information Systems, The University of Melbourne, Melbourne, Victoria, Australia

    Rajkumar Buyya

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Kumar, N., Mathuria, A. (2017). Security and Privacy Issues in Outsourced Personal Health Record. In: Chaudhary, S., Somani, G., Buyya, R. (eds) Research Advances in Cloud Computing. Springer, Singapore. https://doi.org/10.1007/978-981-10-5026-8_17

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-5026-8_17

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5025-1

  • Online ISBN: 978-981-10-5026-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation