Research on E-healthcare Security Evaluation in Cloud-Based System

Abstract

As healthcare adopts electronic methods of storing patient health records, cloud technology allows mining and analyzing this data and accessing the general public health information. Patient’s privacy and security of personal information is crucial when considering using electronic health records in the healthcare industry (E-Healthcare). The need of the hour is to be able to store and recover patient’s data efficiently. However, moving patient’s medical information to the Cloud involves major security risks and destructs robust data privacy of health records. The threat of data breaches and the need to manage huge amounts of data are issues that have affected the healthcare industry for years. The privacy issues and threats faced by E-healthcare systems include network attacks and threats to hosts and unsanctioned access to EHR records. The major EHR system functions such as appointment scheduling, dietary planning, admission and discharge, transfer radiology/lab orders and prescription order entry are vulnerable to security threats. Security issues need to be assessed thoroughly in order for hospitals and other such medical institutions to shift to electronic standards of maintaining patient's data. Before moving to a cloud-based architecture, health organizations should perform a risk assessment. This will help to identify the security measures required to mitigate these risks. This approach provides a valid assessment of the security risk management procedure approved by field experts. It not only identifies threats to E-healthcare but also allows for a structured flow in risk management. The risk management process is documented and reported in an efficient and easy way for concerned stakeholders of the E-healthcare to understand. It will compare existing solutions on how to protect the confidentiality of patient information. Some of these methods include implementation of a Role-Based Access Control (RBAC) model, digital encryption and signature for cloud security and EHR service continuity management. Moreover, it will consider security matters that CSP’s should look into while storing patient’s record. Ultimately, it will come up with the most suitable solution to make E-Healthcare systems more secure. In this paper, the focus will be on identifying security encounters that E-health systems face by discussing means in which these systems are susceptible to attacks.