Secure Sharing of Personal Health Record in Server with On-track ECG Monitoring

Abstract

Personal Health Record (PHR) paved the way to the patient centric model of health information exchange. This service allows a patient to create, manage, and control her personal health data in one place through the web, which has made the storage, retrieval, and sharing of the medical information more efficient. But there have been wide privacy concerns about whether the patients could actually control the sharing of their sensitive Personal Health Information (PHI). This paper proposes a new patient centric framework and mechanisms for data access control to PHRs stored in semi-trusted servers using Attribute Based Encryption (ABE) technique. It focuses on the multiple data owner scenario, and divides the users in the PHR system into multiple security domain that greatly reduces the key management complexity for owners and users. It also proposes a new application for the on-track monitoring of patient's health data with the help of ECG device where communication between client and server is achieved through the GPRS network. The utilization of electrocardiogram transmission will improve efficiency of medical care and service for patients if they could be monitored constantly by health care providers. AES and ABE encryption techniques are used in my work. Keywords: Attribute based encryption (ABE), ECG, GPRS, Personal health record (PHR), secure sharing.