Abstract
Electronic medical records can be defined as a digital format of the traditionally paper-based anamneses, which contains the history of a patient such as his somewhat illness, current health problems, and his chronic treatments. An electronic anamnesis is meant to make the patient’s health information more conveniently accessible and transferable between different medical institutions and also easier to be kept quite a long time. Because of such transferability and accessibility of electronic anamneses, we can use less resource than before on storing the patients’ medical information. This also means that medical care providers could save more funds on record-keeping and access a patient’s medical background directly since shown on the computer screen more quickly and easily. Overall, the service quality has seemingly improved greatly. However, the usage of electronic anamneses involves in some concerned issues such as its related law declaration, and the security of the patient’s confidential information. Because of these concerns, a secure medical networking scheme is taking into consideration. Nowadays, the administrators at the medical institutions are facing more challenges on monitoring computers and network systems, because of dramatic advances in this field. For instance, a trusted third party is authorized to access some medical records for a certain period of time. In regard to the security purpose, all the electronic medical records are embedded with both of the public-key infrastructure (PKI) cryptography and the digital signature technique so as to ensure the records well-protected. Since the signatures will be invalid due to the revocation or time expiration, the security of records under this premise would turn into vulnerable. Hence, we propose a re-signing scheme, whose purpose is to make a going-expired digital signature been resigned in time, in keeping with the premise of not conflicting with the laws, morals, and privacy while maintaining the security of the electronic medical records.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Institute of Medicine, The computer-based patient record, An essential technology for health care, NAP, Washington, DC, 1991(revised 1997).
Rash, M. C., Privacy Concerns Hinder Electronic Medical Records, The Business Journal of the Greater Triad Area, April 4, 2005.
The state of HIPAA privacy and security compliance, AHIMA, April 2005.
http://www.moea.gov.tw/∼meco/doc/ndoc/s5_p05.htm. Business to modernize.
Hospital Administration Commission, Department of Health, 2003.
Wang, D. W., Liu, D. R., and Chen, Y. C., A mechanism to verify the integrity of computer-based patient records. J China Assoc Med Inform. 10:71–84, 1999.
Stallings, W., Cryptography and network security, principles and practice, 3rd edition. Prentice Hall, New York, 2003.
ElGamal, T., A public key cryptosystem and signature scheme based on discrete logarithms. IEEE Trans. Inf. Theories. 31(4):469–472, 1985.
Peyravian, M., Tusdik, G., and Herreweghen, E. V., A Certification Infrastructure for ATM. ATM forum/95–0964, Toronto, 1995.
ISO TS 17090 Health Informatics, Public key infrastructure, Part 1, framework and overview, Part 2, certification profiles, Part 3, policy management of certification authority (revised towards an ISO standards by ISO TC 215 WG 4 in 2004).
AIM (Advance Informatics in Medicine), Secure Environment for Information Systems in MEDicine, SEISMED (A2033)/SP14/HILD/05.07. 95.
NEN-ISO/IEC 10181, 1996 Information technology, Open System Interfacing (OSI), Security Structures for Open System, Part 1–7.
NVN-ENV 12924, 1997 Medical informatics, Division of Security and Protection of Information Systems in Health Care.
NVN-ENV 13608, 2000 Medical Informatics, Security of Communication in Health Care, Part 1–3.
Blobel, B., and Nordberg, R., Privilege management and access control in shared care health information systems and HER. In: Proceedings of the MIE 2003, Studies in Health Technology and Informatics, Vol. 95. IOS: Amsterdam, 2003.
JaJa, J., Robust technologies for automated ingestion and long-term preservation of digital information. Proc 2006 Int Conf Digital Gov Res, ACM Int Conf Proc Ser. 151(14):285–286, 2006.
Zhang, Z. X., Fang, B. X., Hu, M. Z., and Zhang, H. L., Security analysis of session initiation protocol. Int J Innov Comput Inform Control. 3(2):457–469, 2007.
Ding, Q., Pang, J., Fang, J. I., and Peng, X. U., Designing of chaotic system output sequence circuit based on FPGA and its applications in network encryption card. Int J Innov Comput Inform Control. 3(2):449–456, 2007.
Pharow, P., and Blobel, B., Electronic signatures for long-lasting storage purposes in electronic archives. Int J Medic Inform. 74(2):279–287, 2005.
Acknowledgement
This work was supported partially by National Science Council of Republic of China under Grants NSC 97-2221-E-029-015.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Chen, TL., Lin, F.Y.S. Electronic Medical Archives: A Different Approach to Applying Re-signing Mechanisms to Digital Signatures. J Med Syst 35, 735–742 (2011). https://doi.org/10.1007/s10916-009-9414-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10916-009-9414-2