Enhancing accountability of Electronic Health Record usage via patient-centric monitoring

IHI'12 - Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium

Volumn , Issue , 2012, Pages 409-418

  Mashima, Daisuke ^a   Ahamad, Mustaque ^a  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

Direct Project; EHR; HIE; HIPAA; Patient centricity; PHR

Indexed keywords

DIRECT PROJECT; EHR; HIE; HIPAA; PATIENT-CENTRICITY; PHR;

HEALTH; HEALTH CARE; HEALTH RISKS; MEDICAL PROBLEMS; NETWORK ARCHITECTURE; RECORDS MANAGEMENT;

MEDICAL INFORMATION SYSTEMS;

EID: 84857768453     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2110363.2110410     Document Type: Conference Paper

References (34)

1. 52 arrested in sweeping Medicare fraud case. http://articles.latimes.com/ 2010/oct/14/local/la-me-healthcare-fraud-raid-20101014.
2. CONNECT Community Portal. http://www.connectopensource.org/.
3. Direct Project. http://wiki.directproject.org/.
4. HealthVault Message Center. http://www.healthvault.com/messagecenter.
5. Master Patient Index (MPI). http://healthinformatics.wikispaces.com/ Master+Patient+Index.
6. Meaningful Use Announcement. http://healthit.hhs.gov/portal/server.pt/ community/healthit-hhs-gov-meaningful-use-announcement/2996.
7. Medical Identity Theft. http://www.ftc.gov/bcp/edu/pubs/consumer/idtheft/ idt10.shtm.
8. Microsoft HealthVault. http://healthvault.com/.
9. Nationwide Health Information Network (NHIN). http://www.hhs.gov/ healthit/healthnetwork/background/.
10. Notice of Proposed Rulemaking to Implement HITECH Act Modifications. http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/hitechnprm. html.
11. The Architecture for Privacy in a Networked Health Information Environment. http://www.markle.org/sites/default/files/P1-CFH-Architecture.pdf.
12. National Ambulatory Medical Care Survey: 2008 Summary Tables. http://www.cdc.gov/nchs/data/ahcd/namcs-summary/namcssum2008.pdf, 2008.
13. E. Adams, M. Intwala, and A. Kapadia. MeD-Lights: a usable metaphor for patient controlled access to electronic health records. In Proceedings of ACM IHI 2010, pages 800-808. ACM, 2010.
14. A. Baker, L. Vega, T. DeHart, and S. Harrison. Healthcare & Security: Understanding & Evaluating the Risks. In Proceedings of HCI International 2011, 2011.
15. D. Bell. Secure computer system: Unified exposition and multics interpretation. Technical report, MITRE CORP BEDFORD MA, 1976.
16. D. Bell and L. LaPadula. Secure computer systems: Mathematical foundations and model. MITRE CORP BEDFORD MA, 1(M74-244), 1973.
17. J. Benaloh, M. Chase, E. Horvitz, and K. Lauter. Patient controlled encryption: ensuring privacy of electronic medical records. In Proceedings of CCSW 2009, pages 103-114. ACM, 2009.
18. K. Biba. Integrity considerations for secure computer systems. Technical report, MITRE CORP BEDFORD MA, 1977.
19. D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano. Public key encryption with keyword search. In Advances in Cryptology-Eurocrypt 2004, pages 506-522. Springer, 2004.
20. J. Douceur, A. Adya, W. Bolosky, D. Simon, and M. Theimer. Reclaiming space from duplicate files in a serverless distributed file system. 2002.
21. L. Fang, W. Susilo, C. Ge, and J. Wang. A secure channel free public key encryption with keyword search scheme without random oracle. Cryptology and Network Security, pages 248-258, 2009.
22. R. Gardner, S. Garera, M. Pagano, M. Green, and A. Rubin. Securing medical records on smart phones. In Proceedings of SPIMACS 2009, pages 31-40. ACM, 2009.
23. R. Geambasu, J. John, S. Gribble, T. Kohno, and H. Levy. Keypad: An Auditing File System for Theft-Prone Devices. In Proceedings of EuroSys 2011, 2011.
24. B. Hicks, S. Rueda, D. King, T. Moyer, J. Schiffman, Y. Sreenivasan, P. McDaniel, and T. Jaeger. An architecture for enforcing end-to-end access control over web applications. In Proceeding of SACMAT 2010, pages 163-172. ACM, 2010.
25. M. Jakobsson, K. Sako, and R. Impagliazzo. Designated verifier proofs and their applications. In Proceedings of EUROCRYPT 1996, pages 143-154. Springer-Verlag, 1996. (Pubitemid 126071061)
26. H. Löhr, A. Sadeghi, and M. Winandy. Securing the e-health cloud. In Proceedings of ACM IHI 2010, pages 220-229. ACM, 2010.
27. P. Loscocco and S. Smalley. Integrating flexible support for security policies into the Linux operating system. In Proc. 2001 USENIX Annual Technical Conference-FREENIX Track, pages 29-40, 2001.
28. P. MacKenzie and M. Reiter. Networked cryptographic devices resilient to capture. In Security and Privacy, 2001. S&P 2001. Proceedings. 2001 IEEE Symposium on, pages 12-25. IEEE, 2001. (Pubitemid 32882623)
29. D. Mashima, M. Ahamad, and S. Kannan. User-centric handling of identity agent compromise. In Proceedings of ESORICS 2009, pages 19-36, 2009.
30. J. McCune, T. Jaeger, S. Berger, R. Caceres, and R. Sailer. Shamon: A system for distributed mandatory access control. 2006.
31. S. Narayan, M. Gagné, and R. Safavi-Naini. Privacy preserving EHR system using attribute-based infrastructure. In Proceedings of CCSW 2010, pages 47-52. ACM, 2010.
32. B. Neuman and S. Stubblebine. A note on the use of timestamps as nonces. ACM SIGOPS Operating Systems Review, 27(2):10-14, 1993.
33. R. Steinfeld, L. Bull, H. Wang, and J. Pieprzyk. Universal designated-verifier signatures. Advances in Cryptology-Asiacrypt 2003, pages 523-542, 2003.
34. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazières. Making information flow explicit in HiStar. In Proceedings of OSDI 2006, pages 263-278. USENIX Association, 2006.