Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption

J. Heurix, T. Neubauer:
"Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption";
Talk: Eighth International Conference on Trust, Privacy and Security in Digital Business, Toulouse; 29.08.2011 - 02.09.2011; in: "Proceedings of the 8th International Conference on Trust, Privacy and Security in Digital Business (TrustBus'11)", Springer-Verlag Berlin, Heidelberg, (2011), ISBN: 978-3-642-22889-6; pp. 186 - 197.

E-health allows better communication between health care providers and higher availability of medical data. However, the downside of interconnected systems is the increased probability of unauthorized access to highly sensitive records, which could result in serious discrimination against the patient. This article provides an overview of current privacy threats and presents a pseudonymization approach that preserves the patient's privacy and the confidentiality of the data. It allows primary use (direct care) of medical records by authorized health care providers and privacy-preserving secondary use (non-direct care) by researchers. The solution also addresses the identifying nature of genetic data by extending the basic pseudonymization approach with queryable encryption.
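The following is an added illustration of the general idea behind the abstract, not code from the paper and not the authors' scheme: identifying data and medical data are held in separate stores linked only by a keyed pseudonym, so a provider holding the pseudonym key can resolve a patient to a record (primary use) while a researcher sees only pseudonymous medical data (secondary use). The genetic marker is stored as a deterministic keyed token under a second key so that the store can answer equality queries on it without learning the value; this is a deliberate simplification standing in for the paper's queryable encryption, and the patient records, field names and keys below are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample data for the example (fictitious patients, not from the paper).
PATIENTS = [
    {"name": "Anna Example", "dob": "1980-03-12", "diagnosis": "asthma",   "marker": "rs12345:AG"},
    {"name": "Ben Example",  "dob": "1975-11-02", "diagnosis": "diabetes", "marker": "rs12345:GG"},
    {"name": "Cara Example", "dob": "1990-07-30", "diagnosis": "asthma",   "marker": "rs12345:AG"},
]


def pseudonym(pseudo_key: bytes, identity: str) -> str:
    """Keyed pseudonym: reproducible by holders of pseudo_key, unlinkable to the identity without it."""
    return hmac.new(pseudo_key, identity.encode(), hashlib.sha256).hexdigest()[:16]


def equality_token(query_key: bytes, marker: str) -> str:
    """Deterministic keyed token for the genetic marker (assumed stand-in for queryable encryption).
    Equal plaintexts give equal tokens, so the store can answer equality queries without seeing
    the marker. A separate key is used so that the pseudonym key alone reveals nothing about it."""
    return hmac.new(query_key, b"marker:" + marker.encode(), hashlib.sha256).hexdigest()


def split_records(patients, pseudo_key: bytes, query_key: bytes):
    """Split each patient into an identity store and a medical store linked only by pseudonym."""
    identity_store = {}  # pseudonym -> identifying data (held by the trusted party / provider side)
    medical_store = {}   # pseudonym -> medical data, genetic marker only as a query token
    for p in patients:
        ps = pseudonym(pseudo_key, f"{p['name']}|{p['dob']}")
        identity_store[ps] = {"name": p["name"], "dob": p["dob"]}
        medical_store[ps] = {
            "diagnosis": p["diagnosis"],
            "marker_token": equality_token(query_key, p["marker"]),
        }
    return identity_store, medical_store


def primary_use(medical_store, pseudo_key: bytes, name: str, dob: str):
    """Authorized provider: recompute the pseudonym from the known identity and fetch the record."""
    ps = pseudonym(pseudo_key, f"{name}|{dob}")
    rec = medical_store.get(ps)
    return None if rec is None else dict(rec)


def secondary_use(medical_store):
    """Researcher view: pseudonymous medical data only; the identity store is never consulted."""
    return [{"pseudonym": ps, **rec} for ps, rec in medical_store.items()]


def query_marker(medical_store, query_key: bytes, marker: str):
    """Equality query on the tokenised genetic marker; returns matching pseudonyms, sorted."""
    token = equality_token(query_key, marker)
    return sorted(ps for ps, rec in medical_store.items() if rec["marker_token"] == token)


def diagnosis_counts(medical_store):
    """Aggregate statistic a researcher can compute from the pseudonymous store alone."""
    counts = {}
    for rec in medical_store.values():
        counts[rec["diagnosis"]] = counts.get(rec["diagnosis"], 0) + 1
    return counts


if __name__ == "__main__":
    pseudo_key, query_key = secrets.token_bytes(32), secrets.token_bytes(32)
    identities, medical = split_records(PATIENTS, pseudo_key, query_key)
    print("primary use:", primary_use(medical, pseudo_key, "Anna Example", "1980-03-12"))
    print("secondary use:", secondary_use(medical))
    print("carriers of rs12345:AG:", query_marker(medical, query_key, "rs12345:AG"))
    print("diagnosis counts:", diagnosis_counts(medical))
```

Note that the researcher's view contains neither names nor raw markers, and that a query on the marker requires the query key, which models the point the abstract makes about genetic data being identifying on its own: without the second key the stored token is just an opaque value, yet authorized queries still work.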