Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems

Rodrigues, Joel J. P. C.; Díez, Isabel de la Torre; Fernández, Gonzalo; López-Coronado, Miguel

doi:10.2196/jmir.2494

Cited by 157 publications

(101 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In the process of migrating healthcare data to a cloud system, there are security precautions to be taken which include data encryption [8]. While data encryption seems be the most secure method for handling patients data, however not all EHR systems are compatible with standard encryption methods.…”

Section: Security and Privacy Of Healthcare Data With Cloud Computingmentioning

confidence: 99%

See 1 more Smart Citation

Cloud Computing and Healthcare Services

Aziz¹,

Guled²

2016

J Biosens Bioelectron

View full text Add to dashboard Cite

There is a significant volume of healthcare data generated daily. The data are important and vital for decision making and delivering the best care for patients. Cloud computing is a cost effective method that facilitates real-time data collection, data storage and exchange between healthcare organizations. Cloud infrastructure is characterized with a high throughput and a high volume storage; two important factors for efficient data analysis of large patients' population. Security and privacy are of the major concerns for using cloud-based healthcare services. Healthcare organization should have electronic medical records in order to use the cloud infrastructure. In order to cope with the rapid advancements in information technology and the utilization of cloud based services, efforts should be dedicated to move healthcare data form the traditional paper based to the electronic format. Then, regional legislation and policies should be enacted to regulate and control the usage of healthcare data.

show abstract

Section: Security and Privacy Of Healthcare Data With Cloud Computingmentioning

confidence: 99%

“…Cloud network security is a must for a secure transfer of data. Digital signature is another method that helps in the process of data security, in addition to having a backup server for the data saved in a cloud as a security measure in case the server is hacked or damaged [8].…”

Section: Security and Privacy Of Healthcare Data With Cloud Computingmentioning

confidence: 99%

Cloud Computing and Healthcare Services

Aziz¹,

Guled²

2016

J Biosens Bioelectron

View full text Add to dashboard Cite

show abstract

“…In particular, we explore the adoption of location information provided by LCS as a second factor of web server authentication. This is motivated by the fact that security-critical online services (e.g., financial services [43,68], e-health services [59]) are often hosted at dedicated and physically-protected locations. The on-site protection makes it difficult or expensive for an adversary to infiltrate such data centers.…”

Section: Introductionmentioning

confidence: 99%

Salve

Ranganathan

Masti

et al. 2016

Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking

View full text Add to dashboard Cite

The Location Service (LCS) proposed by the telecommunication industry is an architecture that allows the location of mobile devices to be accessed in various applications. We explore the use of LCS in location-enhanced server authentication, which traditionally relies on certificates. Given recent incidents involving certificate authorities, various techniques to strengthen server authentication were proposed. They focus on improving the certificate validation process, such as pinning, revocation, or multi-path probing. In this paper, we propose using the server's geographic location as a second factor of its authenticity. Our solution, SALVE, achieves location-based server authentication by using secure DNS resolution and by leveraging LCS for location measurements. We develop a TLS extension that enables the client to verify the server's location in addition to its certificate. Successful server authentication therefore requires a valid certificate and the server's presence at a legitimate geographic location, e.g., on the premises of a data center. SALVE prevents server impersonation by remote adversaries with mis-issued certificates or stolen private keys of the legitimate server. We develop a prototype implementation and our evaluation in real-world settings shows that it incurs minimal impact to the average server throughput. Our solution is backward compatible and can be integrated with existing approaches for improving server authentication in TLS.

show abstract

“…Namun, kondisi yang ada saat ini menunjukkan bahwa penyedia layanan kesehatan menyimpan EHR sendiri-sendiri. Hal ini berdampak pada sulitnya mekanisme integrasi dan pertukaran EHR antar penyedia layanan kesehatan [2].Cloud Computing telah menjadi paradigma yang menjanjikan serta mendapat perhatian yang lebih dari akademisi dan industri. Paradigma ini menggeser lokasi dari infrastruktur komputer ke pihak ketiga.…”

unclassified

Implementasi Algoritme 3DES pada Sistem Sharing Electronic Health Record (EHR) Berbasis Cloud

Darwito¹,

Yuliana²,

Soelistijorini³

2017

Jurnal Nasional Teknik Elektro dan Teknologi Informasi (JNTETI)

View full text Add to dashboard Cite

Abstract-Electronic Health Record (EHR) or medical history has been widely adopted to enable healthcare providers such as hospitals, insurance companies, and patients, to create, organize, and access EHR information from anywhere and at any time. From a health standpoint, to improve the quality of patient care, an EHR storage center is needed to ensure the EHR's novelty at all times. This underlies the need for an efficient, safe, and inexpensive mechanism for sharing EHR among health care providers. Cloud Computing has become a promising paradigm and gains more attention from academia and industry. This paradigm shifts the location of the computer infrastructure to third parties. Cloud computing not only increases the efficiency of storage and exchange of medical data but also allows accessing medical data from anywhere and anytime. In this paper, a mechanism of cloud-based sharing system equipped with the 3DES algorithm to secure health history data and the use of the smart card as a medium for controlling patient information access is proposed. The results of the tests indicate that the built system has fulfilled the security requirements such as privacy, authentication, confidentiality and integrity.Intisari-Electronic Health Record (EHR), atau dikenal dengan riwayat kesehatan, telah diadopsi secara luas untuk memungkinkan penyedia layanan kesehatan seperti puskesmas, rumah sakit, perusahaan asuransi, dan pasien menciptakan, mengatur, dan mengakses informasi EHR dari mana saja dan kapan saja. Dari sudut pandang kesehatan, untuk meningkatkan kualitas perawatan pasien, diperlukan sebuah pusat penyimpanan EHR yang dapat memastikan kebaruan EHR setiap waktu. Hal inilah yang mendasari diperlukannya mekanisme yang efisien, aman, dan murah untuk berbagi EHR antara penyedia layanan kesehatan. Cloud Computing telah menjadi paradigma yang menjanjikan serta mendapat perhatian yang lebih dari akademisi dan industri. Paradigma ini menggeser lokasi dari infrastruktur komputer ke pihak ketiga. Cloud computing tidak hanya meningkatkan efisiensi dari penyimpanan serta pertukaran data medis, tetapi juga memungkinkan pengaksesan data medis dari mana saja dan kapan saja. Pada makalah ini diusulkan sebuah mekanisme sistem sharing berbasis cloud yang dilengkapi dengan algoritme 3DES untuk mengamankan data riwayat kesehatan serta penggunaan smart card sebagai media pengontrolan akses informasi pasien. Hasil pengujian yang dilakukan menunjukkan bahwa sistem yang dibuat telah memenuhi persyaratan keamanan seperti privasi, autentikasi, kerahasiaan, dan keutuhan.Kata Kunci-EHR, Cloud Computing, sharing, 3DES, smart card.I. PENDAHULUAN Di era lingkungan kesehatan modern, EHR, atau dikenal dengan riwayat kesehatan, telah diadopsi secara luas untuk memungkinkan penyedia layanan kesehatan seperti puskesmas, rumah sakit, perusahaan asuransi, dan pasien untuk menciptakan, mengatur, dan mengakses informasi EHR dari mana saja dan kapan saja. Dari sudut pandang kesehatan, untuk meningkatkan kualitas perawatan pasien diperlukan sebuah pusat pen...

show abstract

Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems

Cited by 157 publications

References 22 publications

Cloud Computing and Healthcare Services

Cloud Computing and Healthcare Services

Salve

Implementasi Algoritme 3DES pada Sistem Sharing Electronic Health Record (EHR) Berbasis Cloud

Contact Info

Product

Resources

About