A Certificate Authority (CA) Based Cryptographic Solution For HIPAA Privacy Security Regulations
| المصدر: | مجلة جامعة الملك سعود - علوم الحاسب والمعلومات |
|---|---|
| الناشر: | جامعة الملك سعود |
| المؤلف الرئيسي: | Ray, Sangram (Author) |
| مؤلفين آخرين: | Biswas, G.P. (Co-Author) |
| المجلد/العدد: | مج26, ع2 |
| محكمة: | نعم |
| الدولة: |
السعودية |
| التاريخ الميلادي: |
2014
|
| الصفحات: | 170 - 180 |
| DOI: |
10.33948/0584-026-002-002 |
| ISSN: |
1319-1578 |
| رقم MD: | 973074 |
| نوع المحتوى: | بحوث ومقالات |
| اللغة: | الإنجليزية |
| قواعد المعلومات: | science |
| مواضيع: | |
| كلمات المؤلف المفتاحية: |
Health Insurance Portability And Accountability Act (HIPAA) | Certificate Authority (CA) | Protected Health Information (PHI) | E-health Security | Medical Center Server (MCS) | Public Key Infrastructure (PKI)
|
| رابط المحتوى: |
| المستخلص: |
The Health Insurance Portability and Accountability Act (HIPAA) passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information) among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose an MCS (medical center server) should be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with MCS and uploads/ retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods that display satisfactory performance. |
|---|---|
| ISSN: |
1319-1578 |
عناصر مشابهة
-
التأمين الصحي الأميركي للجميع قد يزيد تنافسية اليد العاملة
بواسطة: عبدالحسين، حسين منشور: (2014) -
The Impact of Information Privacy and Security on Patients' Trust in Iraqi Health Care Information System
بواسطة: عبدالحسن، عمار عبدالحمزة منشور: (2022) -
Utilizing Blockchain to Measure Privacy and Security in a Healthcare System: Jordan Healthcare System as a Case Study
بواسطة: الدلابيح، أحمد محمد علي منشور: (2023) -
Security metric for cryptographic systems based upon DPA
بواسطة: Al Bishry, Nabeel Hamad منشور: (2007) -
Effect of Health Insurance Coverage on Health Care Utilisation in Zambia
بواسطة: Mulenga, Kabaso منشور: (2023)
