nach oben

Journal of Medical Systems

Erschienen in:

01.06.2012 | ORIGINAL PAPER

A Study on Agent-Based Secure Scheme for Electronic Medical Record System

verfasst von: Tzer-Long Chen, Yu-Fang Chung, Frank Y. S. Lin

Erschienen in: Journal of Medical Systems | Ausgabe 3/2012

Einloggen, um Zugang zu erhalten

Abstract

Patient records, including doctors’ diagnoses of diseases, trace of treatments and patients’ conditions, nursing actions, and examination results from allied health profession departments, are the most important medical records of patients in medical systems. With patient records, medical staff can instantly understand the entire medical information of a patient so that, according to the patient’s conditions, more accurate diagnoses and more appropriate in-depth treatments can be provided. Nevertheless, in such a modern society with booming information technologies, traditional paper-based patient records have faced a lot of problems, such as lack of uniform formats, low data mobility, slow data transfer, illegible handwritings, enormous and insufficient storage space, difficulty of conservation, being easily damaged, and low transferability. To improve such drawbacks, reduce medical costs, and advance medical quality, paper-based patient records are modified into electronic medical records and reformed into electronic patient records. However, since eletronic patient records used in various hospitals are diverse and different, in consideration of cost, it is rather difficult to establish a compatible and complete integrated electronic patient records system to unify patient records from heterogeneous systems in hospitals. Moreover, as the booming of the Internet, it is no longer necessary to build an integrated system. Instead, doctors can instantly look up patients’ complete information through the Internet access to electronic patient recoreds as well as avoid the above difficulties. Nonetheless, the major problem of accessing to electronic patient records cross-hospital systems exists in the security of transmitting and accessing to the records in case of unauthorized medical personnels intercepting or stealing the information. This study applies the Mobile Agent scheme to cope with the problem. Since a Mobile Agent is a program, which can move among hosts and automatically disperse arithmetic processes, and moves from one host to another in heterogeneous network systems with the characteristics of autonomy and mobility, decreasing network traffic, reducing transfer lag, encapsulating protocol, availability on heterogeneous platforms, fault-tolerance, high flexibility, and personalization. However, since a Mobile Agent contacts and exchanges information with other hosts or agents on the Internet for rapid exchange and access to medical information, the security is threatened. In order to solve the problem, this study proposes a key management scheme based on Lagrange interpolation formulas and hierarchical management structure to make Mobile Agents a more secure and efficient access control scheme for electronic patient record systems when applied to the access of patients’ personal electronic patient records cross hospitals. Meanwhile, with the comparison of security and efficacy analyses being the feasibility of validation scheme and the basis of better efficiency, the security of Mobile Agents in the process of operation can be guaranteed, key management efficacy can be advanced, and the security of the Mobile Agent system can be protected.

Safran, C., and Goldberg, H., Electronic patient records and the impact of the Internet. Int. J. Med. Inform. 60(2):77–83, 2000.CrossRef

Calcote, S., Developing a secure healthcare information network on the Internet. Healthc. Financ. Manage. 51(1):68, 1997.

Uslu, A. M., and Stausberg, J., Value of the electronic patient record: An analysis of the literature. J. Biomed. Inform. 41(4):675–682, 2008.CrossRef

Dujat, C., Haux, R., Schmucker, P., and Winter, A., Digital optical archiving of medical records in hospital information systems-a practical approach towards the computer-based patient record. Meth. Inf. Med. 34(5):487–497, 1995.

Rind, D. M., and Safran, C., Real and imagined barriers to an electronic medical record. Proceedings of the Annual Symposium on Computer Application in Medical Care, pp. 74-78, 1993.

van Ginneken, A. M., The computerized patient record: Balancing effort and benefit. Int. J. Med. Inform. 65(2):97–119, 2002.CrossRef

Picco, G. P., Mobile agents: an introduction. J. Microprocess. Microsyst. 25(2):65–74, 2001.CrossRef

Chen, T. S., Chung, Y. F., and Tian, C. S., A novel key management scheme for dynamic access control in a user hierarchy. Proc. IEEE Annu. Int. Comput. Softw. Appl. Conf. 1:396–401, 2004.

Bierman, E., Pretoria T., Cloete, E., Classification of malicious host threats in mobile agent computing. Proceedings of the 2002 Annual Research conference of The South African Institute of Computer Scientists and Information Technologists on Enablement Through Technology, pp. 141-148, 2002.

10.

Corradi, A., Montanari, R., Stefanelli, C., Security issues in mobile agent technology. Proceedings of the 7th IEEE Workshop on Future Trends of Distributed Computing System, Cape Town, South Africa, pp. 3-8, 1999.

11.

Karnik, N. M., Tripathi,, A. R. A security architecture for mobile agents in Ajanta. Proceedings of the International Conference on Distributed Computing Systems, Taipei, Taiwan, pp. 402-409, 2000.

12.

Volker, R., and Mehrdad, J. S., Access control and key management for mobile agents. Comput. Graph. 22(4):457–461, 1998.CrossRef

13.

The State of HIPAA Privacy and Security Compliance. AHIMA, April 2006.

14.

Rash, M. C. Privacy concerns hinder electronic medical records. The Business Journal of the Greater Triad Area, 2005.

15.

Halamka, J. D., Szolovits, P., Rind, D., and Safran, C., A WWW implementation of national recommendations for protecting electronic health information. J. Am. Med. Inform. Assoc. 4(6):258–464, 1997.CrossRef

16.

Lovis, C., Baud, R. H., and Scherrer, J. R., Internet integrated in the daily medical practice within an electronic patient record. Comput. Biol. Med. 28(5):567–579, 1998.CrossRef

17.

Safran, C., Rind, D., Citroen, M., Bakker, A. R., Slack, W. V., and Bleich, H. L., Protection of confidentiality in the computer-based patient record. MD Computing 12(3):187–192, 1995.

18.

Barrows, R. C., Jr., and Clayton, P. D., Privacy, confidentiality, and electronic medical records. J. Am. Med. Inform. Assoc. 3(2):139–148, 1996.CrossRef

19.

Borselius, N., Mobile agent security, electronics and communication. Eng. J. 14(5):211–218, 2002.

20.

Maes, P., Guttman, R. H., and Moukas, A. G., Agents that buy and sell. Commun. ACM 42(3):81–91, 1999.CrossRef

21.

Nechaev, V. I., Complexity of a determinate algorithm for the discrete logarithm. Math. Notes 55:165–172, 1994.MathSciNetCrossRef

Titel: A Study on Agent-Based Secure Scheme for Electronic Medical Record System
verfasst von: Tzer-Long Chen
Yu-Fang Chung
Frank Y. S. Lin
Publikationsdatum: 01.06.2012
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 3/2012
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-010-9595-8

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 3/2012

A Comprehensive Study of Channel Estimation for WBAN-based Healthcare Systems: Feasibility of Using Multiband UWB

Critical Factors Influencing Hospitals’ Adoption of HL7 Version 2 Standards: An Empirical Investigation

Design and Evaluation of a Service Oriented Architecture for Paperless ICU Tarification

Diagnosis of Several Diseases by Using Combined Kernels with Support Vector Machine

Associating Clinical Archetypes Through UMLS Metathesaurus Term Clusters

Energy-aware Gateway Selection for Increasing the Lifetime of Wireless Body Area Sensor Networks