Abstract
BackgroundPatient-centered health care information systems (PHSs) enable patients to take control and become knowledgeable about their own health, preferably in a secure environment. Current and emerging PHSs use either a centralized database, peer-to-peer (P2P) technology, or distributed ledger technology for PHS deployment. The evolving COVID-19 decentralized Bluetooth-based tracing systems are examples of disease-centric P2P PHSs. Although using P2P technology for the provision of PHSs can be flexible, scalable, resilient to a single point of failure, and inexpensive for patients, the use of health information on P2P networks poses major security issues as users must manage information security largely by themselves.ObjectiveThis study aims to identify the inherent security issues for PHS deployment in P2P networks and how they can be overcome. In addition, this study reviews different P2P architectures and proposes a suitable architecture for P2P PHS deployment.MethodsA systematic literature review was conducted following PRISMA (Preferred Reporting Items for Systematic Reviews and Meta-Analyses) reporting guidelines. Thematic analysis was used for data analysis. We searched the following databases: IEEE Digital Library, PubMed, Science Direct, ACM Digital Library, Scopus, and Semantic Scholar. The search was conducted on articles published between 2008 and 2020. The Common Vulnerability Scoring System was used as a guide for rating security issues.ResultsOur findings are consolidated into 8 key security issues associated with PHS implementation and deployment on P2P networks and 7 factors promoting them. Moreover, we propose a suitable architecture for P2P PHSs and guidelines for the provision of PHSs while maintaining information security.ConclusionsDespite the clear advantages of P2P PHSs, the absence of centralized controls and inconsistent views of the network on some P2P systems have profound adverse impacts in terms of security. The security issues identified in this study need to be addressed to increase patients’ intention to use PHSs on P2P networks by making them safe to use.
Highlights
MotivationPatients require access to their health information with the same ease as with other web-based activities such as banking or shopping; patients are often only one part of the current health care processes and not the focus of attention [1]
peer-to-peer Pan-European Privacy-Preserving-Proximity-Tracing (PEPP-PT) (P2P) patient-centered health care information system pure random scan (PRS) (PHS) raise challenging information security–related questions: How can reliable data backups be implemented? If credentials are lost or compromised, how can they be replaced or blocked? How well is the system protected against unauthorized access? P2P PHSs that are not distributed ledger technology (DLT)-based are an emerging phenomenon that will become more relevant in the future as they are aligned well with large-scale efforts to re-decentralize the internet and support patients in taking ownership of their health data [1,10]
On the basis of the discussion of the different forms of P2P PHS architectures in the previous section, the combination of multitier structure and hybrid P2P architecture appears to be most appropriate for P2P PHSs; we propose an architecture with the following abilities (Figure 3): (1) enforcement of data protection requirements similar to that of Health Insurance Portability and Accountability Act (HIPAA) and semantic compliance through super peers as central index servers; (2) registration and identity verification; (3) higher scalability and availability of resources and lack of single points of failure; (4) association of patients with their respective PHS providers and practitioners; and (5) faster PHS updates with security patches through the super peer networks
Summary
Patients require access to their health information with the same ease as with other web-based activities such as banking or shopping; patients are often only one part of the current health care processes and not the focus of attention [1]. Patient-centered health care information systems (PHSs) enable patients to take control and become knowledgeable about their own health, preferably in a secure environment. The evolving COVID-19 decentralized Bluetooth-based tracing systems are examples of disease-centric P2P PHSs. using P2P technology for the provision of PHSs can be flexible, scalable, resilient to a single point of failure, and inexpensive for patients, the use of health information on P2P networks poses major security issues as users must manage information security largely by themselves. The security issues identified in this study need to be addressed to increase patients’ intention to use PHSs on P2P networks by making them safe to use
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.