Existing enabling technologies and solutions to maintain privacy and security in healthcare records

Abstract

Electronic health record (EHR) is a repository of a patient medical record stored in digital format. MR is accessible by different healthcare professionals, administrative staffs, patients, and their relatives. The key highlight of EHR is that it is possible to exchange health information of patients between different healthcare providers. This MR property supports patients with efficient and high -quality healthcare delivery. MR has several advantages in improving efficiency, lowering costs, and medical errors. Usually, MR is outsourced to the third party such as cloud or fog. These third party service providers facilitate unlimited resources for storage and computing. This information technology infrastructure enables the medical record of a person to be stored in one place is accessed from any part of the world. Despite EBR's numerous advantages, it poses many security issues because EHR is exposed to third -party service providers and users of different kinds. Infringement of data privacy, data integrity, and user privacy are the main security issues. Researchers have come up with many ideas since 1982 to improve EHR's security. Then they concluded that these breaches of security might be confined by encrypting EHR before being out sourced to the third party. Researchers have used different encryption techniques to encrypt EHR, such as symmetric key encryption, public key encryption, and identity based encryption. All of the above techniques of encryption fall with their common disadvantages. Currently, researchers apply attribute -based encryption (ABE) in EHR because it provides additional security requirement of fl exibility and control unauthorized access. The ABE scheme allows the MR owner to choose authorized users to access various parts of the MR, and the MR owner can enforce write access control and read user access control policies. Multiauthority ABE is developed to provide efficient key management and to avoid key escrow. Authentication of users can also maintain EHR's privacy and security. We discuss existing encryption techniques and authentication techniques in this chapter to maintain the privacy and security of EHR being outsourced to the third party. In addition, the advantage of enabling blockchain technology is also discussed in securing EHR