Abstract

Summary

Despite the evident benefits of access to virtually unlimited computational resources in cloud environments, enterprises and researchers still face significant challenges when deploying applications that handle sensitive information to the cloud. This is especially true for medical or tax records, for which there are strong legal restrictions on data escrow. In these cases one must be certain that a third party, such as the cloud provider, will never have access to the data. This work presents a solid access control framework that uses hybrid cryptography on the client side and a two-factor authentication technique to guarantee a secure key management protocol. We also demonstrate the use of homomorphic and order-preserving encryption as a viable solution for the computation of regular searches over electronic health records in the cloud, while preserving the confidentiality of clinical data and the privacy of patients, even in the face of a semi-honest, or "honest, but curious," cloud provider. We introduce a trusted element, a browser extension, to prevent attacks from malicious cloud providers. The result is evaluated through a full-featured prototype that manages health records modeled with a few OpenEHR archetypes. The prototype can be easily extended to handle any data structure modeled with OpenEHR.
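To make the "honest, but curious" setting concrete, the following added example (not the paper's scheme or prototype) shows a constructed toy order-preserving encryption over a bounded integer field, a cloud that answers a range search purely by comparing ciphertexts, and the order leakage that any OPE hands such a provider. The key, record ids and blood-pressure values are constructed sample data.

```python
import bisect
import hashlib
import hmac
from itertools import accumulate


class ToyOPE:
    """Constructed toy order-preserving encryption over integers 0..domain-1.
    Not the paper's scheme: ciphertexts are prefix sums of key-derived random
    gaps, so plaintext order is preserved while the values themselves are
    hidden. Like every OPE, it reveals the order of the plaintexts to
    whoever holds the ciphertexts (see CuriousCloud.leaked_order)."""

    def __init__(self, key: bytes, domain: int, max_gap: int = 1000):
        gaps = (1 + int.from_bytes(hmac.new(key, i.to_bytes(4, "big"),
                hashlib.sha256).digest()[:4], "big") % max_gap
                for i in range(domain))
        self.table = list(accumulate(gaps))  # strictly increasing

    def encrypt(self, x: int) -> int:
        return self.table[x]

    def decrypt(self, c: int) -> int:
        i = bisect.bisect_left(self.table, c)
        if i == len(self.table) or self.table[i] != c:
            raise ValueError("not a valid ciphertext")
        return i


class CuriousCloud:
    """Semi-honest provider: stores only ciphertexts and answers range
    queries by comparing them; it never receives a key."""

    def __init__(self):
        self.rows = {}

    def put(self, rid: str, c: int) -> None:
        self.rows[rid] = c

    def range_query(self, c_lo: int, c_hi: int) -> list:
        return sorted(r for r, c in self.rows.items() if c_lo <= c <= c_hi)

    def leaked_order(self) -> list:
        # What the provider learns without any key: the ordering of records.
        return [r for r, _ in sorted(self.rows.items(), key=lambda kv: kv[1])]


def demo():
    # Constructed sample: record id -> systolic blood pressure in mmHg.
    records = {"p1": 118, "p2": 142, "p3": 97, "p4": 160, "p5": 130}
    ope = ToyOPE(b"client-side key, never sent to the cloud", domain=300)
    cloud = CuriousCloud()
    for rid, value in records.items():
        cloud.put(rid, ope.encrypt(value))
    # Client searches for readings of 140 mmHg and above; the cloud sees only
    # the encrypted bounds and returns matching record ids.
    hits = cloud.range_query(ope.encrypt(140), ope.encrypt(299))
    return hits, cloud.leaked_order()
```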
