The electronic health record (eHR) system has recently been considered one of the biggest advancements in healthcare services. A personally controlled electronic health record (PCEHR) system is proposed by the Australian government to make the health system more agile, secure, and sustainable. Although the PCEHR system claims the electronic health records can be controlled by the patients, healthcare professionals and database/system operators may assist in disclosing the patientsÃ¢Â€Â™ eHRs for retaliation or other ill purposes. As the conventional methods for preserving the privacy of eHRs solely trust the system operators, these data are vulnerable to be exploited by the authorised personnel in an immoral/unethical way. Furthermore, issues such as the sheer number of eHRs, their sensitive nature, flexible access, and efficient user revocation have remained the most important challenges towards fine-grained, cryptographically enforced data access control. In this paper we propose a patient centric cloud-based PCEHR framework, which employs a homomorphic encryption technique in storing the eHRs. The proposed system ensures the control of both access and privacy of eHRs stored in the cloud database.
|Title of host publication||2nd Australian eHealth Informatics and Security Conference|
|Place of Publication||Australia|
|Publisher||Security Research Institute, ECU|
|Number of pages||10|
|Publication status||Published - 2013|
|Event||Security Research Institute (SRI) Conference - ECU, Perth, WA, Australia|
Duration: 02 Dec 2013 → 04 Dec 2013
|Conference||Security Research Institute (SRI) Conference|
|Period||02/12/13 → 04/12/13|
Begum, M., Mamun, Q., & Kaosar, M. (2013). A Privacy-Preserving Framework for Personally Controlled Electronic Health Record (PCEHR) System. In 2nd Australian eHealth Informatics and Security Conference (pp. 1-10). Security Research Institute, ECU.