By Topic

Augmenting security and accountability within the eHealth Exchange

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $33
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
M. Ahmed ; Georgia Tech Information Security Center, Georgia Institute of Technology , Atlanta, GA, USA ; M. Ahamad ; T. Jaiswal

The increased use of electronic medical records and online sharing of such records is motivated by improved quality of healthcare delivery. However, this use has raised security and privacy concerns because sensitive medical data could be exposed to a variety of threats that exist in the online world, leading to problems such as medical identity theft and billing fraud. If not addressed, such concerns could become a barrier to the large-scale adoption and sharing of electronic medical records. To ease such concerns, we argue that the eHealth Exchange, which is a federal initiative for online exchange of healthcare information, needs to be augmented to provide greater patient awareness and control. We take an approach that informs the patient when her health data is accessed by a healthcare enterprise that is not already trusted by the patient. Such awareness is ensured even when some systems in the health information sharing environment become compromised. We enhance accountability support within eHealth Exchange by using digitally signed logs of sharing records that cannot be modified or refuted. We implement and evaluate these mechanisms in the open-source CONNECT system that follows the eHealth Exchange specifications.

Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.  

Published in:

IBM Journal of Research and Development  (Volume:58 ,  Issue: 1 )