Developing technologies to protect security and privacy of electronic health information

May 31, 2012 By Abby Robinson

Information sharing requires that partners establish broad electronic trust among the caretakers of critical information and those who need and are authorized to use that information.

Researchers from Georgia Tech teamed with Children’s Healthcare of Atlanta and Emory University’s Center for Comprehensive Informatics to develop technologies that will protect the security and privacy of electronic health .

“Storing medical records in electronic format and sharing them among different organizations has the potential to produce enormous improvements in the quality and efficiency of the health care system, but unauthorized disclosure of the information has the potential to damage lives and harm careers,” said Douglas Blough, a professor in the School of Electrical and Computer Engineering at Georgia Tech.

Through a project called MedVault, Blough and professors Mustaque Ahamad and Ling Liu of the School of Computer Science at Georgia Tech are developing a broad set of information security and privacy tools that can be integrated with records systems and work flows. MedVault is supported by the National Science Foundation and the Atlanta Clinical and Translational Science Institute.

With exchanges popping up across the country, individuals will begin sharing health documents with various health care system entities, which will need to verify the source and trustworthiness of the documents. MedVault researchers developed a system that uses redactable signature technology for source-verifiable, patient-controlled information sharing. The system enables documents digitally signed by a health care provider to be authenticated, while at the same time invisibly deleting information a patient wants to keep confidential.

“This technology could be especially valuable, for example, to parents who need certified health records to enroll a child in school, college, summer camp or other activity because parents would just need this one digitally signed document and could use it in many different ways,” explained Blough.

The research team also designed a policy combination and conflict resolution system that can examine the policies of multiple health care entities and ensure they are all followed.

“Each organization with a health information exchange may have a different policy about what information in their system can be disclosed under specific circumstances and patients might want to set their own disclosure controls, and all of these policies must be enforced. Our system combines these multiple policies and resolves any conflicts,” added Blough.

The MedVault team is working to ensure that these technologies are seamlessly integrated with the overall health system and its medical processes to provide strong security and privacy while assuring patient safety. 

Explore further: Chinese man brings gay conversion therapy lawsuit

add to favorites email to friend print save as pdf

Related Stories

Researchers say e-health must be a priority

Feb 24, 2011

An electronic health record system should be the backbone of health care reform in Canada and more must be done to speed up the implementation of this initiative across the country. Furthermore, for this system to be put ...

Challenges to the NHS from 'health tourism' going unrecognized

Feb 13, 2012

The rise of medical tourism presents significant challenges for the NHS according to new work from academics at the Universities of Birmingham and York. They argue that policy makers have so far failed to address the implications ...

Recommended for you

Taking great ideas from the lab to the fab

3 hours ago

A "valley of death" is well-known to entrepreneurs—the lull between government funding for research and industry support for prototypes and products. To confront this problem, in 2013 the National Science ...

SR Labs research to expose BadUSB next week in Vegas

4 hours ago

A Berlin-based security research and consulting company will reveal how USB devices can do damage that can conduct two-way malice, from computer to USB or from USB to computer, and can survive traditional ...

US warns retailers on data-stealing malware

6 hours ago

US government cybersecurity watchdogs warned retailers Thursday about malware being circulated that allows hackers to get into computer networks and steal customer data.

User comments : 0