Skip to main content
placeholder image

Secure exchange of electronic health records

Chapter


Abstract


  • Protecting the confidentiality of a patient's information in a shared care environment could become a complex task. Correct identification of users, assigning of access permissions, and resolution of conflict rise as main points of interest in providing solutions for data exchange among health care providers. Traditional approaches such as Mandatory Access Control, Discretionary Access control and Role-Based Access Control policies do not always provide a suitable solution for health care settings, especially for shared care environments. The core of this contribution consists in the description of an approach which uses attribute-based encryption to protect the confidentiality of patients' information during the exchange of electronic health records among healthcare providers. Attribute-based encryption allows the reinforcing of access policies and reduces the risk of unauthorized access to sensitive information; it also provides a set of functionalities which are described using a case study. Attribute-based encryption provides an answer to restrictions presented by traditional approaches and facilitate the reinforcing of existing security policies over the transmitted data. © 2011, IGI Global.

Publication Date


  • 2010

Citation


  • Flores, A. E., Win, K. T., & Susilo, W. (2010). Secure exchange of electronic health records. In Certification and Security in Health-Related Web Applications: Concepts and Solutions (pp. 1-22). doi:10.4018/978-1-61692-895-7.ch001

International Standard Book Number (isbn) 13


  • 9781616928957

Scopus Eid


  • 2-s2.0-84899371606

Book Title


  • Certification and Security in Health-Related Web Applications: Concepts and Solutions

Start Page


  • 1

End Page


  • 22

Abstract


  • Protecting the confidentiality of a patient's information in a shared care environment could become a complex task. Correct identification of users, assigning of access permissions, and resolution of conflict rise as main points of interest in providing solutions for data exchange among health care providers. Traditional approaches such as Mandatory Access Control, Discretionary Access control and Role-Based Access Control policies do not always provide a suitable solution for health care settings, especially for shared care environments. The core of this contribution consists in the description of an approach which uses attribute-based encryption to protect the confidentiality of patients' information during the exchange of electronic health records among healthcare providers. Attribute-based encryption allows the reinforcing of access policies and reduces the risk of unauthorized access to sensitive information; it also provides a set of functionalities which are described using a case study. Attribute-based encryption provides an answer to restrictions presented by traditional approaches and facilitate the reinforcing of existing security policies over the transmitted data. © 2011, IGI Global.

Publication Date


  • 2010

Citation


  • Flores, A. E., Win, K. T., & Susilo, W. (2010). Secure exchange of electronic health records. In Certification and Security in Health-Related Web Applications: Concepts and Solutions (pp. 1-22). doi:10.4018/978-1-61692-895-7.ch001

International Standard Book Number (isbn) 13


  • 9781616928957

Scopus Eid


  • 2-s2.0-84899371606

Book Title


  • Certification and Security in Health-Related Web Applications: Concepts and Solutions

Start Page


  • 1

End Page


  • 22