A hybrid approach integrating encryption and pseudonymization for protecting electronic health records
Date
2011
Authors
Heurix, J.
Karlinger, M.
Schrefl, M.
Neubauer, T.
Editors
Baumgartner, C.
Advisors
Journal Title
Journal ISSN
Volume Title
Type:
Conference paper
Citation
Biomedical engineering, 2011 / Baumgartner, C. (ed./s), pp.483-490
Statement of Responsibility
Conference Name
IASTED International Conference on Biomedical Engineering, Biomed 2011 (16 Feb 2011 - 18 Feb 2011 : Innsbruck, Austria)
Abstract
Federated Health Information Systems (FHIS) integrate autonomous information systems of participating health care providers to facilitate the exchange of Electronic Health Records (EHR), which improve the quality and efficiency of patients' care. However, the main problem with collecting and maintaining the sensitive data in electronic form is the issue of preserving data confidentiality and patients' privacy. Although multiple technical measures to restrict access to only authorized persons are implemented, they are usually aimed against external attackers. In this work, we propose to integrate pseudonymization and encryption to a hybrid approach which not only protects against external attackers, but also ensures that even potential internal attackers with full data access, like administrators, cannot gain any useful information.