Advanced search
Publication Cover
Medical Informatics and the Internet in Medicine Volume 30, 2005 - Issue 3
Journal homepage
44
Views
9
CrossRef citations to date
0
Altmetric
Original Article

A patient-identity security mechanism for electronic medical records during transit and at rest

Hui-Mei Chao Department of Electrical Engineering, Chung Yuan Christian University, Chung-Li, 32023, Taiwan, ROC; Department of Electronic Engineering, Kao Yuan University of Technology, Kao-Hsiung County, 821, Taiwan, ROCCorrespondence[email protected]
,
Shih-Hsiung Twu Department of Electrical Engineering, Chung Yuan Christian University, Chung-Li, 32023, Taiwan, ROC
&
Chin-Ming Hsu Department of Electronic Engineering, Kao Yuan University of Technology, Kao-Hsiung County, 821, Taiwan, ROC
Pages 227-240 | Received 01 Jul 2004, Accepted 01 Jul 2005, Published online: 12 Jul 2009

References

  • Matejkovic JE, Lahey KE. Identity theft: no help for consumers. Financial Services Review 2001;10:221–235.
  • Wales E. Identity theft. Computer Fraud & Security 2003;2:5–7.
  • Benner J, Givens B, Mierzwinski E. Nowhere to turn: Victims speak out on identity theft. CALPIRG/Privacy Rights Clearinghouse Report, 2000.
  • RSA Security Inc. Consumer perceptions about security. 2003. Available from: http://www.rsasecurity.com/solutions/topics/whitepapers/CSPS_WP_0903.pdf
  • RSA Security Inc. An enterprise perspective on identity theft. 2003. Available from: http://www.rsasecurity.com/solutions/idmgt/whitepapers/IDT_WP_1003.pdf
  • Committee on Maintaining Privacy and Security in Health Care Applications of the National Information Infrastructure. For the record: Protecting electronic health information. Washington, DC: National Academy Press. 1997. Available from: http://www.nap.edu/readingroom/books/ftr/52e6.html
  • Office for Civil Rights—HIPAA, Medical privacy—national standards to protect the privacy of personal health Information. 2003. Available from: http://www.os.dhhs.gov/ocr/hipaa/finalreg.html
  • Chao HM, Hsu CM, Miaou SG. A data hiding technique with authentication, integration, and confidentiality for electronic patient records. IEEE Transactions on Information Technology in Biomedicine 2002;6:46–53.
  • Lees PJ, Chronaki CE, Simantirakis EN, Kostomanolakis SG, Orphanoudakis SC, Vardas PE. Remote access to medical records via the Internet: feasibility, security and multilingual considerations. Computers in Cardiology 1999;26:89–92.
  • Rafiq A, Zhao X, Cone S, Merrell R. Electronic multimedia data management for remote population in Ecuador. International Congress Series 2004;1268:301–306.
  • Zhang M. Analysis of the SPEKE password-authenticated key exchange protocol. IEEE Communications Letters 2004;8:63–65.
  • Frischholz RW, Dieckmann U. BioID: A multimodal biometric identification system. Computer 2000;33:64–68.
  • Ortega-Garcia J, Gonzalez-Rodriguez J, Marrero-Aguiar V, Diaz-Gomez CJJ, Garcia-Jimenez CR, Lucena-Molina CJ, Sanchez-Molero TJAG. AHUMADA: A large speech corpus in Spanish for speaker identification and verification. Proceedings of IEEE International Conference. Acoustics, Speech and Signal Processing 1998;2:773–776.
  • Bleha SA, Obaidat MS. Dimensionality reduction and feature extraction applications in identifying computer users. IEEE Transactions on Systems, Man, and Cybernetics 1991;21:452–456.
  • Bolle RM, Connell JH, Ratha NK. Biometric perils and patches. Pattern Recognition 2002;35:2727–2738.
  • Jain AK, Ross A, Prabhakar S. An introduction to biometric recognition. IEEE Transactions on Circuits and Systems for Video Technology 2004;14:4–20.
  • Jain AK. Biometric recognition: how do I know who you are? Proceedings of the IEEE 12th Signal Processing and Communications Applications Conference 2004;28–30, 3–5.
  • Johnson ML. Biometrics and the threat to civil liberties. Computer 2004;37:90–92.
  • McKee G. Biometric identity theft [Letters]. Computer 2000;33:5–10.
  • Menasce DA. Security performance. IEEE Internet Computing 2003;7:84–87.
  • Calcote S. Developing a secure healthcare information network on the Internet. Healthcare Financial Management 1997;51:68.
  • Louwerse K. The electronic patient record: The management of access—case study: Leiden University Hospital. International Journal of Medical Informatics 1998;49:39–44.
  • Dwivedi A, Bali RK, Belsis MA, Naguib RNG, Every P, Nassar NS. Towards a practical healthcare information security model for healthcare institution. The 4th International IEEE EMBS Special Topic Conference on Information Technology Applications in Biomedicine 2003. p 114–117.
  • Takeda H, Matsumura Y, Kuwata S, Nakano H, Sakamoto N, Yamamoto R. Architecture for networked electronic patient record systems. International Journal of Medical Informatics 2000;60:161–167.
  • Cox JL…. As well as developers. Health Management Technology 2000;21:27.
  • Hemmings T. PKI: Up close and personal. Health Management Technology 2000;21:20–23.
  • Etheridge Y. PKI—how and why it works. Health Management Technology, 2001;22:20–21.
  • Lynch JT, Lassus B. Mega enterprise chooses smart cards. Health Management Technology 2000;21:50–52.
  • Lovorn J. The power of PKI. Health Management Technology. 2001. Available from: http://www.healthmgttech.com/archives/h1201power.htm
  • Lancaster S, Yen DC, Huang SM. Public key infrastructure: A micro and macro analysis. Computer Standards & Interfaces 2003;25:437–446. Available from: http://www.elsevier.com/locate/csi
  • What’s a PKI? Available from: http://www.entrust.com/resources/pdf/whatsapki.pdf
  • Bobbitt M. PKI policy pitfalls. Information Security Magazine 2001;July. Available from: http://www.infosecuritymag.com/articles/july01/features_pki.shtml
  • Vawdrey DK, Sundelin TL, Seamons KE, Knutson CD. Trust negotiation for authentication and authorization in healthcare information systems. Proceedings of the 25th IEEE Annual International Conference on Engineering in Medicine and Biology Society 2003, 2, p 1406–1409.
  • Cimino JJ, Patel VL, Kushniruk AW. The patient clinical information system (PatCIS): technical solutions for and experience with giving patients access to their electronic medical records. International Journal of Medical Informatics 2002;68:113–127.
  • Gurgens S, Ochsenschlager P, Rudolph C. Role based specification and security analysis of cryptographic protocols using asynchronous product automata. Proceedings of 13th International Workshop on Database and Expert Systems Applications; 2002. p 473–479.
  • Menezes A, van Oorschot P, Vanstone S. Handbook of applied cryptography. Boca Raton, FL: CRC Press; 1996. Available from: http://www.cacr.math.uwaterloo.ca/hac/about/chap10.pdf
  • Zieschang T. Combinatorial properties of basic encryption operations. Berlin: Springer; 1998. p 14–26.
  • Motta GHMB, Furuie SS. A contextual role-based access control authorization model for electronic patient record. IEEE Transactions on Information Technology in Biomedicine 2003;7:202–207.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.