Medical Data Security - Research Paper Example

? Medical Data Security Lecturer: RELATED WORK It should be d that hierarchical access control via encryption is not anew idea. Akl and Taylor [16] as well as Sandhu [8] propose constructions based on one-way functions. More recently, Hengartner and Steenkiste proposed a given scheme for encryption-based access control based on hierarchical IBE [13]. Atallah et al submits a symmetric key scheme that allows not only the tree-based hierarchies but also for arbitrary acyclic graphs. A recent work on attribute-based encryption enables encryption-based access control having more expressive policies although it is not known on how to incorporate the searchability in the given schemes. A related issue is the one of Cryptographic Storage File Systems (CSFS) that was introduced by Blaze in which the particular files were encrypted before being stored on an untrusted fileserver. Fu [7] do present a CSFS system which enables the sharing of the given access rights. Our approach with regard to using a hierarchical encryption scheme is different from the traditional CSFS approach in that our approach the encryption scheme itself enforces the access structure. This helps by reducing the number of keys that need to be stored/retrieved which guarantees consistent access rights whenever there are different parties writing to the same portion of a record. It also limits the types of the access structure which must be hierarchical one can possibly have. Other works put into consideration how to improve the ease of use of the hierarchical encryption scheme. Miklau and Suciu [14] describe a policy language for cryptographic access control. A model is considered where the particular data is encrypted twice, first by the data owner to reflect the initial permissions and one more time by the server to accommodate the changes in the access permissions. A study conducted at a general internal medicine faculty practice of an urban, academic medical center based in Chicago. A sample of three physicians were currently using the EMR in the examination room were recruited for the survey. The three EMR physicians were all male. Since the focus was on the behavior of the EMR inside the examination room, female physicians were thus not included in the survey. INSTRUMENTS Video Analysis Videotaping was done with a closed-circuit cameras of all the visits of the patients of the study physicians which enabled to analyze the actual form and content of interaction through the use of the SEGUE Framework(Set the stage, Elicit information, Give information, Understand patients perspective, End encounter). The focus was maintained on the six of the SEGUE tasks to evaluate the completeness of information elicited by the study physicians which are: attempts to outline patients agenda, exploration of psychological and emotional issues, discussion of how health affects a patients life, checks and clarifying of information, encouragement of patients in asking questions, and ensuring the completeness of the order at the end. The visit lengths were also noted, laboratory tests done the two major variables that could have an effect depending on type of record used. Sample Between June 1997 and February 198 data was collected from 238 clinical encounters having six physicians. In 18 cases, there was lack of demographic information about patients and in other cases 16 cases, videotapes were inadequate, yielding complete data for a total of 204 patient visits. Patients The study was conducted within a primary care environment characterized with a wide range of patient and health problems. Almost half (49.5%) out of the 204 patients were females. Patients’ ages ranged from 23 to 91 years with a mean of 46.6 years and a median of 42 years [7]. Even though 15.7% of the patients in the control group had at least a single previous encounter with an EMR physicians, a printout of their electronic record was also attached in the paper chart(hence the control physicians never required the computer) Physicians The ages of the EMR physicians too range from 30-44 years. They all indicated having scheduled appointments with new patients within 40 minutes interval and the booking of the return visits at 20-minute interval. RESULTS The table summarizes the extent to which six study physicians were able to accomplish key communication tasks. There was an indication that the EMR physicians checked and clarified information (X2 =6.73, df=1, P Read More