Abstract
Widespread adoption of health information sharing is claimed to improve healthcare quality at reduced cost due to the ability for providers to share healthcare information rapidly, reliably, and securely. During emergency access, however, such sharing may affect patient privacy adversely and steps must be taken to ensure privacy is preserved. Australia and the US have taken different approaches toward health information sharing. The Australian approach broadly uses a "push" model where a summary record is extracted from local health records, and pushed into a centralized system accessed by providers. Under the US approach, providers during emergency access generally "pull" health records from a centralized system that typically replicates local health records. On the other hand, the centralized repository most likely will be a third party cloud provider that offers on demand availability of high quality and cost effective services. These features make cloud computing a perfect infrastructure for EHR systems. The fact that medical data are handled and managed by a third party cloud provider, however, requires additional security mechanisms, i.e. auditing, to preserve data confidentiality, integrity, and privacy. This thesis contrasts the Australian and US approaches to information sharing during emergency access, focusing on patient privacy preservation. It develops a generalized approach to enhance patient privacy during emergency access using "push" and "pull" approaches. It presents an auditing service implementation over a multi-cloud data repository. It finally shows preliminary results from a proof-of-concept EHR system.
Library of Congress Subject Headings
Medical records--Data processing; Communication in emergency medicine--Australia; Communication in emergency medicine--United States; Data protection--Australia; Data protection--United States; Cloud computing--Security measures
Publication Date
4-1-2013
Document Type
Thesis
Department, Program, or Center
Computer Science (GCCIS)
Advisor
Alshehri, Suhair
Advisor/Committee Member
Radziszowski, Stanislaw
Recommended Citation
Darnasser, Muhannad, "Toward privacy-preserving emergency access in EHR systems with data auditing" (2013). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/4763
Campus
RIT – Main Campus
Plan Codes
COMPSCI-MS
Comments
Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works. Physical copy available through RIT's The Wallace Library at: R864 .D36 2013