HOW TO PRESERVE PATIENT’S PRIVACY AND ANONYMITY IN WEB-BASED ELECTRONIC HEALTH RECORDS

Daniel Slamanig, Christian Stingl

Abstract

In recent years, demographic change and rising treatment costs have called for more cost-efficient, high-quality and integrated health care processes. The rapid growth and availability of the Internet facilitate the development of eHealth services, and especially of electronic health records (EHRs), which are promising means of meeting these requirements. Among currently deployed web-based EHR systems, patient-centric and patient-moderated approaches are widespread. Alongside these initiatives there is an emerging market of so-called personal health record platforms, e.g. Google Health. Both concepts provide central, web-based access to the highly sensitive data held in EHRs. Moreover, since such EHR systems may be hosted by providers that are not fully trustworthy, privacy issues must be considered thoroughly. In this paper we define security and privacy objectives that play an important role in the context of web-based EHRs. Furthermore, we discuss deployed solutions as well as concepts proposed in the literature with respect to these objectives and point out several weaknesses. Finally, we introduce a system that overcomes the drawbacks of existing solutions by taking a holistic approach to preserving patients' privacy, and we discuss the applied methods in detail.

Paper Citation


in Harvard Style

Slamanig D. and Stingl C. (2009). HOW TO PRESERVE PATIENT’S PRIVACY AND ANONYMITY IN WEB-BASED ELECTRONIC HEALTH RECORDS. In Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2009), ISBN 978-989-8111-63-0, pages 257-264. DOI: 10.5220/0001547502570264


in Bibtex Style

@conference{healthinf09,
author={Daniel Slamanig and Christian Stingl},
title={HOW TO PRESERVE PATIENT’S PRIVACY AND ANONYMITY IN WEB-BASED ELECTRONIC HEALTH RECORDS},
booktitle={Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2009)},
year={2009},
pages={257-264},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001547502570264},
isbn={978-989-8111-63-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2009)
TI - HOW TO PRESERVE PATIENT’S PRIVACY AND ANONYMITY IN WEB-BASED ELECTRONIC HEALTH RECORDS
SN - 978-989-8111-63-0
AU - Slamanig D.
AU - Stingl C.
PY - 2009
SP - 257
EP - 264
DO - 10.5220/0001547502570264