A break-glass protocol based on ciphertext-policy attribute-based encryption to access medical records in the cloud

In emergency care, fast and efficient treatment is vital. The availability of Electronic Medical Records (EMR) allows healthcare professionals to access a patient’s data promptly, which facilitates the decision-making process and saves time by not repeating medical procedures. Unfortunately, the com...

Full description

Saved in:
Bibliographic Details
Published in:Annales des télécommunications 2020-04, Vol.75 (3-4), p.103-119
Main Authors: T. de Oliveira, Marcela, Bakas, Alexandros, Frimpong, Eugene, Groot, Adrien E. D., Marquering, Henk A., Michalas, Antonis, Olabarriaga, Silvia D.
Format: Article
Language:English
Subjects:
Access to information
Algorithms
Circuits
Communications Engineering
Computer Communication Networks
Decision making
Electronic health records
Emergency medical care
Emergency medical services
Encryption
Engineering
Information and Communication
Information dissemination
Information Systems and Communication Service
Medical records
Networks
R & D/Technology Policy
Signal,Image and Speech Processing
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In emergency care, fast and efficient treatment is vital. The availability of Electronic Medical Records (EMR) allows healthcare professionals to access a patient’s data promptly, which facilitates the decision-making process and saves time by not repeating medical procedures. Unfortunately, the complete EMR of a patient is often not available during an emergency situation to all treatment teams. Cloud services emerge as a promising solution to this problem by allowing ubiquitous access to information. However, EMR storage and sharing through clouds raise several concerns about security and privacy. To this end, we propose a protocol through which all treatment teams involved in the emergency care can securely decrypt relevant data from the patient’s EMR and add new information about the patient’s status. Furthermore, our protocol ensures that treatment teams will only access the patient’s EMR for the period during which the patient is under their care. Finally, we present a formal security analysis of our protocol and some initial experimental results.
ISSN:0003-4347
1958-9395
DOI:10.1007/s12243-020-00759-2