Strategies for health data exchange for secondary, cross-institutional clinical research

Elger, Bernice Simone; Iavindrasana, Jimison; Iacono, Luigi Lo; Müller, Henning; Roduit, Nicolas; Summers, Paul; Wright, Jessica

doi:10.1016/j.cmpb.2009.12.001

Cited by 78 publications

(47 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, this is only possible if P trusts C i to check this (i.e., if P gave C i an access to the K S P,Cj -key shared between P and C j ). If SearchOver procedure returns a single pseudonym, C i will update RSDB with the P' data with gnrlQID that corresponds to PS j P (lines [8][9][10]. If the result of SearchOver contains more than one pseudonym, C i checks whether there is a possibility to merge the pseudonyms related to P by applying MergePseud procedure (line 12 ).…”

Section: Anonymization Of Patients' Data For Research Purposesmentioning

confidence: 99%

“…Using encryption combined with pseudonymization techniques [9,17,26] has been proposed recently for building eHealth system in the cloud. There exists also a number of architectures that employ Attribute-Based encryption (ABE) scheme [14][15][16]19,27].…”

Section: Existing Approachesmentioning

confidence: 99%

“…Even if the data are locally anonymized, their aggregation can still reveal sensitive information, especially if the data about an individual are distributed between different local databases [2,3]. Several models in the area of distributed privacy-preserving data publishing have already been proposed (i.e., pseudonymization [9,26], secure multi-party computations (SMC) [6], microaggregation [22], cloning [2]). However, those models significantly affect the utility of the data, and, therefore, an efficient independent release of the data from multiple sources and their aggregation without violation of privacy remains an open problem [10].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Cloud-Based eHealth Architecture for Privacy Preserving Data Integration

Dubovitskaya

Urovi

Vasirani

et al. 2015

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

Abstract. In this paper, we address the problem of building an anonymized medical database from multiple sources. Our proposed solution defines how to achieve data integration in a heterogeneous network of many clinical institutions, while preserving data utility and patients' privacy. The contribution of the paper is twofold: Firstly, we propose a secure and scalable cloud eHealth architecture to store and exchange patients' data for the treatment. Secondly, we present an algorithm for efficient aggregation of the health data for the research purposes from multiple sources independently.

show abstract

Section: Anonymization Of Patients' Data For Research Purposesmentioning

confidence: 99%

Section: Existing Approachesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Cloud-Based eHealth Architecture for Privacy Preserving Data Integration

Dubovitskaya

Urovi

Vasirani

et al. 2015

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

show abstract

“…Aiming at allowing physicians to access patients' health data without disclosing patients' personal data, the pseudo anonymity technique has been applied in several works [31][32] [8]. Of these, [8] used an approach for reversible pseudonym generation; [32] proposed the possibility of sharing pseudonyms based on Shamir secret sharing [35]. Besides anonymize identity, many works (e.g., [2][9] [13][14] [15] to list a few) suggested that EHR data should also be encrypted in order to increase security.…”

Section: Electronic Health Record Systemmentioning

confidence: 99%

Designing cloud-based electronic health record system with attribute-based encryption

Xhafa

Zhao

et al. 2014

Multimed Tools Appl

View full text Add to dashboard Cite

Aquesta és una còpia de la versió author's final draft d'un article publicat a la revista Multimedia tools and applications.La publicació final està disponible a Springer a través de http://dx.doi.org/10.1007/s11042- 013-1829-6 This is a copy of the author 's final draft version of an article published in the journal Multimedia tools and applications.The final publication is available at Springer via http://dx.doi.org/10.1007/s11042-013-1829-6Article publicat / Published article: Xhafa, F., Li, Jingwei, Zhao, G., Li, Jin, Chen, X., Wong, D.S., F. Abstract With the development of cloud computing, electronic health record (EHR) system has appeared in the form of patient-centric, in which patients store their personal health records (PHRs) at a remote cloud server and selectively share them with physicians for convenient medical care. Although the newly emerged form has many advantages over traditional client-server model, it inevitably introduces patients' concerns on the privacy of their PHRs due to the fact that cloud servers are very likely to be in a different trusted domain from that of the patients.In this paper, aiming at allowing for efficient storing and sharing PHRs and also eliminating patients' worries about PHR privacy, we design a secure cloud-based EHR system, which guarantees security and privacy of medical data stored in the cloud, relying on cryptographic primitive but not the full trust over cloud servers. Based on our proposed basic EHR system, we provide several extensions including adding searchability, supporting revocation functionality and enabling efficient local decryption, which fills the gap between theoretical proposal and practical application.

show abstract

“…RELATED WORK In the literature, to de-identify (or anonymise) patients' records, two types of pseudonyms can be, namely, irreversible and reversible pseudonyms [7]. Irreversible pseudonyms are pseudonyms that cannot be reversed back to the patient's real identity.…”

Section: Introductionmentioning

confidence: 99%

An Enhanced Linkable Anonymous Access Protocol of the Distributed Electronic Patient Records

Addas

Zhang

2014

2014 Ninth International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Abstract-This paper describes the growing concern of privacy and security in e-health applications. Sharing sensitive patient data in a distributed environment introduces security and privacy risks. Therefore, there are increasing demands to provide secure access to distributed Electronic Patient Records (EPRs) but without compromising performance. The aim of this paper is to respond to such demands and to support secure and efficient access to distributed EPRs. In this paper, we enhance the Linkable Anonymous Access Protocol while supporting security and performance. To achieve this, we have designed a secure protocol called the Enhanced Linkable Anonymous Access (ELAA) protocol. To show that the ELAA protocol is secure and efficient, (1) we formally verify and analyse it against security properties using the Casper/FDR2 verification tool. In addition, (2) we build a prototype using the Java technology to demonstrate the performance of the enhanced protocol. By doing this, we prove that the ELAA protocol maintains a good balance between security and performance while supporting distributed access to EPRs.

show abstract

Strategies for health data exchange for secondary, cross-institutional clinical research

Cited by 78 publications

References 26 publications

A Cloud-Based eHealth Architecture for Privacy Preserving Data Integration

A Cloud-Based eHealth Architecture for Privacy Preserving Data Integration

Designing cloud-based electronic health record system with attribute-based encryption

An Enhanced Linkable Anonymous Access Protocol of the Distributed Electronic Patient Records

Contact Info

Product

Resources

About