Electronic health is one of the most popular applications of information and communication technologies and it has contributed immensely to health delivery through the provision of quality health service and ubiquitous access at a lower cost. Even though this mode of health service is increasingly becoming known or used in developing nations, these countries are faced with a myriad of challenges when implementing and deploying e-health services on both small and large scale. It is estimated that the Africa population alone carries the highest percentage of the world’s global diseases despite its certain level of e-health adoption. This paper aims at analyzing the progress so far and the current state of e-health in developing countries particularly Africa and propose a framework for further improvement.
Cryptography has been widely accepted for security and partly for privacy control as discovered from past works. However, many of these works did not provide a way to manage cryptographic keys effectively especially in EHR applications, as this is the Achilles heel of cryptographic techniques currently proposed. The issue of accountability for legitimate users also has not been so popular and only a few considered it in EHR. Unless a different approach is used, the reliant on cryptography and password or escrow based system for key management will impede trust of the system and hence its acceptability. Also users with right access should also be monitored without affecting the clinician workflow. This paper presents a detailed review of some selected recent approaches to ensuring security, privacy and accountability in EHR and gaps for future research were also identified.
General TermsSecurity, eHealth
Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patient's health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients' protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzzy vault which demonstrated a better performance during key reconstruction.
Patients want the assurance that the confidentiality of their records accessed through Electronic Health Records (EHR) are safe. With increasing implementation of EHR for health care, privacy concern remains a barrier that limits patients' favorable judgment of this technology. Sensitive records can be compromised and this represents problems in EHRs, which are considered to be more efficient, less error prone, and of higher availability compared to traditional paper health records. In this article, a session based hierarchical key encryption system was developed that allows patient to have full control over certain nodes of their health records. Health records were organized in a hierarchical structure with records further broken down into subcategories. Cryptography was used to encrypt the health records in their different subcategories. Patients' generate a root keys using Blum Blum Shub Algorithm for pseudorandom number generator from which the session-based subkeys were derived, and only authorize users can access these records within a designated period marked as session. The system development demonstrates one way patients' privacy and security can improve using session based hierarchical key encryption system for EHR.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.