Skip to main content
SpringerLink
Log in

Biometrics for Electronic Health Records

  • Original Paper
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Securing electronic health records, in scenarios in which the provision of care services is share among multiple actors, could become a complex and costly activity. Correct identification of patients and physician, protection of privacy and confidentiality, assignment of access permissions for healthcare providers and resolutions of conflicts rise as main points of concern in the development of interconnected health information networks. Biometric technologies have been proposed as a possible technological solution for these issues due to its ability to provide a mechanism for unique verification of an individual identity. This paper presents an analysis of the benefit as well as disadvantages offered by biometric technology. A comparison between this technology and more traditional identification methods is used to determine the key benefits and flaws of the use biometric in health information systems. The comparison as been made considering the viability of the technologies for medical environments, global security needs, the contemplation of a share care environment and the costs involved in the implementation and maintenance of such technologies. This paper also discusses alternative uses for biometrics technologies in health care environments. The outcome of this analysis lays in the fact that even when biometric technologies offer several advantages over traditional method of identification, they are still in the early stages of providing a suitable solution for a health care environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Agrawala, R., and Johnson, C., Securing electronic health records without impeding the flow of information. Int. J. Med. Inform. 76:471–479, 2007. doi:10.1016/j.ijmedinf.2006.09.015.

    Article  Google Scholar 

  2. Anderson, J. G., Social, ethical and legal barriers to E-health. Int. J. Med. Inform. 76:480–483, 2007. doi:10.1016/j.ijmedinf.2006.09.016.

    Article  Google Scholar 

  3. Atkins, W., A bill of health for biometrics. Biometric Technol. Today. 8 (9)8–11, 2000. doi:10.1016/S0969-4765(00)09010-X.

    Article  Google Scholar 

  4. Au, M., Huang, Q., Liu, J., Susilo, W., Wong, D., and Yang, G., Traceable and retrievable identity-based encryption. Applied Cryptography and Network Security, 2008, pp. 94–110.

  5. Bakker, A., Access to EHR and access control at a moment in the past: a discussion of the need and an exploration of the consequences. Int. J. Med. Inform. 73:267–270, 2004. doi:10.1016/j.ijmedinf.2003.11.008.

    Article  Google Scholar 

  6. Blobel, B., Application of the component paradigm for analysis and design of advanced health system architectures. Int. J. Med. Inform. 60 (3)281–301, 2000. doi:10.1016/S1386-5056(00)00104-0.

    Article  Google Scholar 

  7. Blobel, B., Authorisation and access control for electronic health record systems. Int. J. Med. Inform. 73 (3)251–257, 2004. doi:10.1016/j.ijmedinf.2003.11.018.

    Article  Google Scholar 

  8. Blobel, B., Comparing approaches for advanced e-health security infrastructures. Int. J. Med. Inform. 76 (5–6)442–448, 2007. doi:10.1016/j.ijmedinf.2006.09.012.

    Google Scholar 

  9. Blobel, B., Nordberg, R., Davis, J. M., and Pharow, P., Modelling privilege management and access control. Int. J. Med. Inform. 75 (8)597–623, 2006. doi:10.1016/j.ijmedinf.2005.08.010.

    Article  Google Scholar 

  10. Blobel, B., and Roger-France, F., A systematic approach for analysis and design of secure health information systems. Int. J. Med. Inform. 62 (1)51–78, 2001. doi:10.1016/S1386-5056(01)00147-2.

    Article  Google Scholar 

  11. CEN-ENV. Health informatics—Security for healthcare communication—Part 1: Concepts and terminology. Published Standard CEN ENV 13608-1:2000: European Committee for Standardization; 2000.

  12. CEN-ENV. Health informatics—Security for healthcare communication—Part 2: Secure data objects. Published Standard CEN ENV 13608-2:2000: European Committee for Standardization; 2000.

  13. CEN-ENV. Health informatics—Security for healthcare communication—Part 3: Secure data channels. Published Standard CEN ENV 13608-3:2000: European Committee for Standardization; 2000.

  14. Chen, Y.-C., Chen, L.-K., Tsai, M.-D., Chiu, H.-C., Chiu, J.-S., and Chong, C.-F., Fingerprint verification on medical image reporting system. Comput. Methods Programs Biomed. 89 (3)282–288, 2008. doi:10.1016/j.cmpb.2007.11.007.

    Article  Google Scholar 

  15. Choe, J., and Yoo, S. K., Web-based secure access from multiple patient repositories. Int. J. Med. Inform. 77 (4)242–248, 2008. doi:10.1016/j.ijmedinf.2007.06.001.

    Article  Google Scholar 

  16. Choi, Y. B., Capitan, K. E., Krause, J. S., and Streeper, M. M., Challenges associated with privacy in health care industry: implementation of HIPAA and the security rules. J. Med. Syst. 30 (1)57–64, 2006. doi:10.1007/s10916-006-7405-0.

    Article  Google Scholar 

  17. Conrick, M., and Newell, C., Issues of ethics and law. In: Conrick, M. (Ed.), Health informatics: transforming healthcare with technologyThomson Social Science Press, Melbourne, 2006.

    Google Scholar 

  18. Delac, K., and Grgic, M., A survey of biometric recognition methods. 46th International SymPoSium Electronic in Marine. ELMAR 2004, Zadar, 2004.

  19. Garson, K., and Adams, C., Security and privacy system architecture for an e-hospital environment. Proceedings of the 7th Symposium on Identity and Trust on the Internet. ACM, Gaithersburg, Maryland, 2008.

  20. Gates, M. A., Biometrics—passing on using passwords. Radiol. Today. 8 (17)28–31, 2007.

    Google Scholar 

  21. Grain, H., Consumer issues in Informatics. In: Conrick, M. (Ed.), Health informatics: transforming healthcare with technologyThomson Social Science Press, Melbourne, 2006.

    Google Scholar 

  22. Gritzalis, D., and Lambrinoudakis, C., A security architecture for interconnecting health information systems. Int. J. Med. Inform. 73 (3)305–309, 2004. doi:10.1016/j.ijmedinf.2003.12.011.

    Article  Google Scholar 

  23. Heckle, R. R., and Lutters, W. G., Privacy implications for single sign-on authentication in a hospital environment. Proceedings of the 3rd Symposium on Usable Privacy and Security. ACM, Pittsburgh, Pennsylvania, 2007.

  24. Hoque, S., Fairhurst, M. C., Deravi, F., and Howells, W. G. J., On the feasibility of generating biometric encryption keys. IEEE Electron. Lett. 41 (6)309–311, 2005. doi:10.1049/el:20057524.

    Article  Google Scholar 

  25. IBG, Biometric Basics: What are the Benefits of Biometric Technology? In International Biometric Group Reports and Research International Biometric Group <http://www.biometricgroup.com/reports/public/reports_and_research.html>. Accessed, 2008

  26. Liu, S.-L., Guo, B.-A., and Zhang, Q.-A., An identity-based encryption scheme with compact ciphertexts. J. Shanghai Jiaotong Univ. Sci. 14 (1)86–89, 2009. doi:10.1007/s12204-009-0086-3.

    Article  MathSciNet  Google Scholar 

  27. Lusignan, S. D., Chan, T., Theadom, A., and Dhoul, N., The roles of policy and professionalism in the protection of processed clinical data: a literature review. Int. J. Med. Inform. 76:261–268, 2007. doi:10.1016/j.ijmedinf.2005.11.003.

    Article  Google Scholar 

  28. Marohn, D., Biometrics in healthcare. Biometric Technol. Today. 14 (9)9–11, 2006. doi:10.1016/S0969-4765(06)70592-6.

    Article  Google Scholar 

  29. Ohno-Machadoa, L., Silveira, P. S. P., and Vinterbo, S., Protecting patient privacy by quantifiable control of disclosures in disseminated databases. Int. J. Med. Inform. 73 (7–8)599–606, 2004. doi:10.1016/j.ijmedinf.2004.05.002.

    Article  Google Scholar 

  30. Pierce, F. S., Biometric identification. Health Manag. Technol. 24 (5)38, 2003.

    Google Scholar 

  31. Pons, A. P., and Polak, P., Understanding user perspectives on biometric technology. Commun. ACM. 51 (9)115–118, 2008. doi:10.1145/1378727.1389971.

    Article  Google Scholar 

  32. Rash, M. C., Privacy concerns hinder electronic medical records. The Business Journal of the Greater Triad Area 2005 April 4.

  33. Reynolds, P., The keys to identity: as healthcare organizations strive for greater security, some are using a very personal approach in the form of biometrics.(Security/Authentication) (Cover Story). Health Manag. Technol. 25(12):12(14), 2004.

    Google Scholar 

  34. Safran, C., Bloomrosen, M., Hammond, W. E., Labkoff, S., Markel-Fox, S., Tang, P. C., and Detmer, D. E., Toward a national framework for the secondary use of health data: an American medical informatics association white paper. J. Am. Med. Inform. Assoc. 14 (1)1–9, 2007. doi:10.1197/jamia.M2273.

    Article  Google Scholar 

  35. Sahai, A., and Waters, B., Fuzzy identity-based encryption. Advances in Cryptolog EUROCRYPT 2005, 2005, pp. 457–473.

  36. Schneier, B., Security engineering: a guide to building dependable distributed systems. Wiley, New York, 2001.

    Google Scholar 

  37. Shamir, A., Identity-based cryptosystems and signature schemes. Advances in Cryptology, 1985, pp. 47–53.

  38. Shin, Y. N., Lee, Y. J., Shin, W., and Choi, J., 110 P.s.-. and 10.1109/WAINA.2008.289 D.O.I. Designing Fingerprint-Recognition-Based Access Control for Electronic Medical Records Systems. INAW 2008—2nd International Conference on Advanced Information Networking and Applications—Workshops, Okinawa, Japan, 2008.

  39. Stamp, M., Information security: principles and practice. Wiley, Hoboken, 2006.

    Google Scholar 

  40. van der Linden, H., Kalra, D., Hasman, A., and Talmon, J., Inter-organizational future proof EHR systems: a review of the security and privacy related issues. Int. J. Med. Inform. 78 (3)141–160, 2009. doi:10.1016/j.ijmedinf.2008.06.013.

    Article  Google Scholar 

Download references

Acknowledgements

The authors acknowledge the Government of Chile and University of Talca (Chile) for the support of this research.

Author information

Authors and Affiliations

  1. Faculty of Informatics, University of Wollongong, Wollongong, NSW, Australia

    Alejandro Enrique Flores Zuniga, Khin Than Win & Willy Susilo

Authors
  1. Alejandro Enrique Flores Zuniga
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Khin Than Win
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alejandro Enrique Flores Zuniga.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Flores Zuniga, A.E., Win, K.T. & Susilo, W. Biometrics for Electronic Health Records. J Med Syst 34, 975–983 (2010). https://doi.org/10.1007/s10916-009-9313-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10916-009-9313-6

Keywords

Search

Navigation