Abstract

Privacy and security regulations are two essential requirements of the Health Insurance Portability and Accountability Act (HIPAA), recognized by the US Congress in 1996 as US federal law and followed by the global e-health industry for the protection of healthcare privacy. In this paper, a certificate authority (CA) based duality solution is proposed to fulfill the HIPAA privacy and security regulations, supporting both contract and smart card based systems. It presents a patient-centric e-health system, based on RSA-based public key certificates, that allows secure sharing of healthcare information over the internet. Doctors and relevant medical staff must obtain patients’ permission for online access to patients’ PHI data stored in the national medical center server (MCS). A copy of the PHI text data is stored in patients’ e-health smart card to support the duality. A random session key is generated in each appointment, after prior authentication, to upload patients’ PHI data to, or retrieve it from, the MCS. One advantage is that the proposed CA based e-health system is easy to implement using existing security standards, tools and products. Discussions regarding the fulfillment of HIPAA regulations and a comparison with existing schemes are provided to show the better performance of our scheme.
