Security Framework for eHealth Services: A Study

—Patient health record (PHR) is a rising patient centric model which is frequently outsourced to store at third party. This addresses the issue in privacy such as hiding the sensitive health data of a patient which can be assessed by unauthorized users. In this paper, a new secured e-health framework has proposed. In this framework, patient centric personal data and access control scheme with enhanced encryption method has been considered. Security and privacy of personal health information have been identified by digital signature and patient pseudo identity as well as. This paper address the enhanced security model for more authentication and authorization functionality and expects to discover the new technique that can be utilized to build the efficiency in e-health care system based on security, privacy and user satisfaction. The survey has been conducted to test the proposed e-health framework. The data has been analyzed using SPSS tool. Keywords—Patient health record (PHR), e-health framework, authentication and authorization

2006

The development of information technology has eased the medical services and provided the electronic health service in a way that a doctor can keep the records of patients in an information system and be informed of changes of status of patients, and make decisions promptly. However, there are increasing challenges over the privacy of patients due to the exposition of clinic information patients to ubiquitous networks. This paper introduces a framework for authentication and authorization in e-health services. It aims to build the architecture for authentication and authorisation within an e-health service system. The architecture will help to build a secure and privacyprotection e-health service system. The authors hope that understanding the underlying framework will not only inform researchers of a better design for e-health service, but also assist e-health systems developers in the understanding of intricate constructions within authentication and authorisation. Further, our paper highlights the importance of protecting the privacy of medical records of patients in terms of information privacy.

2008

⎯ This paper presents an alternative way to secure communications in e-health. During the communication processes, users exchange different types of information with different levels of sensitivities. For example, communications between a doctor and a patient contain data of higher levels of sensitivities than communications between a social worker and a nurse. The different levels of the sensitivities of the information are secured by using different types of security processes. In this paper, these different communication types and different levels of data sensitivities in e-health are explained, the requirements for each type for communications are described and the use of the cryptography to secure the communication is discussed.

e-Technology, e-Commerce …, 2004

Advances in Enterprise Information Technology Security, 2007

This chapter presents security solutions in integrated patient-centric Web-based health-care information systems, also known as electronic healthcare record (EHCR). Security solutions in several projects have been presented and in particular a solution for EHCR integration from scratch. Implementations of Public key infrastructure, privilege management infrastructure, role based access control and rule based access control in EHCR have been presented. Regarding EHCR integration from scratch architecture and security have been proposed and discussed. This integration is particularly suitable for developing countries with wide spread Internet while at the same time the integration of heterogeneous systems is not needed. The chapter aims at contributing to initiatives for implementation of national and transnational EHCR in security aspect.

2013 9th International Conference on Information Assurance and Security (IAS), 2013

The inclusion of information technology in health sector has initiated a promising revolution in the area of health care. However, like in all other IT sectors, security issues are of primary concern in e-health care systems. In the present study, considering the Indian e-health scenario we have proposed a model, which integrates the authorization (role based and attribute based) and authentication techniques simultaneously. The suggested model utilizes "Aadhaar" an upcoming identification proof provided by UIDAI (Unique Identification Authority of India) an agency of Government Of India along with spatial &Temporal constraints for the purpose of authentication. Further we have also designed an algorithm for the implementation of same.

Proceedings of 7th International Workshop on Enterprise networking and Computing in Healthcare Industry, 2005. HEALTHCOM 2005., 2005

Absirrrct-The current healthcare enviroiiinent has embraced Electronic Health Records (EHRs) as evidenced by the mmerous standards both formal atid proprietary that have arisen. However, the issues of security and privacy i n this new landscape has not been adequately addressed. Legislation has attempted to ameliorate the sltuation by mandating a minimuin level of protection for the healthcare consumer. However, the leading standards lack technical specificity that would ensure security and privacy in a modem distributed system of EHRs. The research presented in this paper presents a means to address some of these issues by using a service orientated architecture.

Procedia Technology, 2013

Potential benefits of the e-health system do not ignore the challenges that prevent the system from being fairly used. Security and privacy challenges of the e-health system need to be understood and resolved. The aim of this paper is to explore and analyze the current state of e-health systems security and privacy of patient records. Main focus is on security at the policy level in order to protect electronic patient record.

The e-Healthcare information offers unique security, privacy and confidentiality challenges that require a fresh examination of the mainstream concepts and approaches to information security. The significance of security and privacy in e- Healthcare information raised the issues of individual consent, confidentiality and privacy, which are the main determinants in adopting and successful utilising the e-Healthcare information. Current trends in the domain of e-Healthcare information management point to the need for comprehensive incorporation of security, privacy and confidentiality safeguards within the review of e-Healthcare information management frameworks and approaches. This raises major challenges that demands holistic approaches spanning a wide variety of legal, ethical, psychological, information and security engineering. This introductory chapter explores information security and challenges facing e-Healthcare information management.

Many different applications in health care have some common characteristics. We used these characteristics to develop a framework with which it is possible to rapidly develop and deploy secure mobile applications in the Austrian eHealth context. We implemented mechanisms to be able to securely connect and process medical data according to current legal regulations via a secured communication server acting as a relay between mobile devices and the protected data storage. Additionally, the development of new applications is reduced to the writing of a single configuration file.