J Med Syst (2015) 39:51 DOI 10.1007/s10916-015-0235-1

SYSTEMS-LEVEL QUALITY IMPROVEMENT

A Security Framework for Nationwide Health Information Exchange based on Telehealth Strategy B. B. Zaidan & Ahmed Haiqi & A. A. Zaidan & Mohamed Abdulnabi & M. L. Mat Kiah & Hussaen Muzamel

Received: 18 November 2014 / Accepted: 13 February 2015 # Springer Science+Business Media New York 2015

Abstract This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

This article is part of the Topical Collection on Systems-Level Quality Improvement B. B. Zaidan : A. Haiqi : M. Abdulnabi : M. L. M. Kiah : H. Muzamel Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur, Malaysia A. A. Zaidan (*) Department of Computing, Faculty of Arts, Computing and Creative Industry, Universiti Pendidikan Sultan Idris, Tanjong Malim, Perak, Malaysia e-mail: [email protected]

Keywords Electronic health record . Health information exchange . Security . Privacy . Cloud computing . Nationwide health information network

Introduction Beyond the adoption of electronic health records (EHRs) in the medical domain, nations now look forward to reaping the full potential of digitizing patient records and computerizing the medical care process for instant access to health information in the right place at the right time and in usable format. This goal involves fully interoperable, patient-centered, and easy- to-use systems, as demonstrated in [1]. Interoperability implies the ability to exchange health information and realizes the social benefits promised by the adoption of EHRs [2]. Exchanging information requires transmitting data via some networking technology, aside from the critical role of developing and promoting health standards [3]. The substantial net value can be obtained if health information exchange (HIE) is fully implemented [4]. HIE has received considerable attention in both academic research and governmental initiatives. A good source for the history of early efforts in HIE until late 2010 is [5]. Regardless of the model of exchange, the concept of sharing patient data with several entities always raises concerns on patient privacy and security. Our aim in this study is to address those concerns in the context of a nationwide HIE network.

51

J Med Syst (2015) 39:51

Page 2 of 19

Fig. 1 Conceptual framework of the study

Before proposing a general framework for secure HIE, we first review the available encryption and data exchange solutions for selecting the most appropriate combination of technologies that fit nationwide HIE needs. We then present our vision of a secure nationwide health information network. Figure 1 presents the conceptual framework of this study.

depicted in Fig. 2. Thus, the concept of EHR essentially captures the idea of HIE. We explicitly distinguish between the two concepts in the discussion in later sections. For example, some of the promoted benefits of HIE must consider the type of electronic records being discussed because a difference may be implied. In any case, a secure and efficient storage and the means for retrieving and transmitting data must be in place to manage either EMRs or EHRs. In addition, EHRs are inevitably interoperable.

HIE Electronic Medical Records (EMRs) vs. EHRs

EHRs when exchanged

EMRs are essentially the digital versions of paper-based charts and other clinical data of patient encounters in a care delivery provider (CDO). They belong to an individual CDO and record the treatment history of individual patients. EMRs may contain provider-specific data not meant to be shared. EMRs are constitute the basis for HIE plans, and any talk of furthering the levels of healthcare IT before implementing effective EMRs is tantamount to putting the Bcart before the horse^ [6]. EHRs entail more comprehensive implications for the continual and life-long healthcare of an individual. The previous reference states that, BEHR represents the ability to easily share medical information among stakeholders and to have a patient’s information follow him or her through the various modalities of care engaged by that individual.^ In this view, EHRs are the entities that cross the borders and are assumed to be a suitable subset of EMR, which the patient owns, as

Despite its conceivably enormous benefits, EHRs have one major disadvantage that remains unresolved. The health providers involved in EHRs constitute a heterogeneous mixture, and each has its own respective set of technologies and policies, which in turn lead to the lack of interoperability. Sharing patient and healthcare information across provider boundaries is difficult. Even when such sharing is achievable, the incompatibility between system formats and coding is still likely, which in turn renders the exchange useless. The current situation resembles a fragmentation problem in which data are fragmented across many sectors. As a result, the global context of health information is not obtained, and great potential advantages are lost. This fragmentation is a fundamental contributor to the increased spending and poor overall performance of the healthcare system [7]. The results are lack of accountability, medical errors, wastes, and duplications.

Fig. 2 EHRs are the transferrable entities, whereas CDOs own EMRs

J Med Syst (2015) 39:51

The ability to interchange health information across interoperable electronic records systems improves healthcare quality and efficiency, aside from many other rewards in research and health management. Potential stakeholders that benefit from this data exchange include hospitals, skilled nursing facilities, clinics, private physician offices, pharmacies, laboratories, radiology facilities, health departments, and the patients themselves [8]. If this exchange is integrated in a nationwide context, then the benefits can become conceivably rewarding to the point that, as phrased in [4], Bthere is a business case to be made for spending money on a fully standardized nationwide system.^ Researchers even suggest a comparative case of health information networks for the shipping and banking business [8]. Under the condition that both private and public sectors contribute significant investments, the authors in [9] expect these solutions to undergo the same advances in other industries, such as telecommunications, as deployed in the past. The following subsection briefly summarizes the frequently reported benefits of nationwide HIE in the literature.

Page 3 of 19 51

and completeness of administrative data are good. However, such benefits are associated with data related to CDO practices and procedures, which may not be reflected in EHRs, given our earlier distinction. However, sharing administrative data implies the question of who will use such data? The exchange model for such data and the classification of this model under the umbrella of HIE determine whether governments give third-party entities a Bwindow^ to the data or restrict their access to the data.

Cost reduction Healthcare costs can be reduced if duplicate tests are eliminated [12]. Duplicating tests results from ignorance of examination results that have been performed elsewhere or from an incentive for fee-for-service payment [10]. For example, HIE use in the special case of back pain emergency evaluation is associated with 64 % lower odds of repeated diagnostic imaging, as indicated in [13]. However, no cost savings are generally gained because of the increased CT imaging when healthcare providers use HIE.

Research resource A natural byproduct of available clinical and administrative data is an increase in the source of datasets [15]. Datasets fuel research in many disciplines, and many researchers have discussed the use of large databases of aggregate medical data in health information networks for research. Combined with data mining and statistical analysis tools, these repositories of health information can greatly advance medical knowledge, healthcare quality, and good strategic management. The digital tracking of health information facilitates observing trends in the general population and tracking successful (and less successful) treatment methods [7]. The authors in [16] discuss the benefits of a clinical warehouse with data mining tools for collecting data for a radiotherapy trial, whereas [17] reviews the current status of reusing electronic patient records for dental research. Using the routinely collected EMRs for pediatric clinical research is inspected in [18], which finds that one barrier to this use is that pediatric health data are collected for the purpose of clinical documentation and billing rather than research. This barrier gives rise to issues, such as accuracy, completeness, compatibility between settings, and ease of extraction, which also apply to medical records in different healthcare fields [19]. Safran et al. [15] discuss the secondary use of health data and apply personal health information for uses outside direct healthcare delivery. These uses include activities, such as analysis, research, quality and safety measurement, public health, payment, provider certification or accreditation, marketing, and other business applications. Data mining in the medical domain is unique. The authors in [20] emphasize this uniqueness because medicine is primarily directed at patient care, and research is only a secondary goal. Moreover, researchers from other fields may not be aware of the special constraints associated with privacy-sensitive, heterogeneous, but voluminous data of medicine. Nevertheless, medical data mining, as the authors note, can also be most rewarding. The aforementioned benefits are subject to moral justification for using personal data without informed consent in many cases, which is a crucial consideration [21].

Assessing quality of care Using administrative data in assessing healthcare quality has been suggested in [14]. Administrative functions are currently mature, and the accuracy

Organizational benefits HIE is also associated with overall organizational gains because hospitals that implement HIE are associated with high patient satisfaction [22].

Benefits of HIE Safety Healthcare is likely to be safe if information, such as allergies and current medications, are known when new treatments are ordered [10]. Emergency care can be particularly safe if health information is exchanged, as indicated in [8]. According to [11], up to 18 % of patient safety errors and as much as 70 % of adverse drug events can be eliminated if the right information for the right patient is available at the right time. HIE can make this situation possible. Timeliness Time can be saved if a consultant or emergency room physician can verify information from the records of the primary care provider rather than gathering this information from scratch [10]. Saving time in this manner may also imply saving patients from frustration and inconvenience and even their very lives when timely critical response is needed. This advantage is particularly applicable for historical information and in cases of recent diagnoses.

51

Page 4 of 19

Patient perception Considering patient perceptions on sharing their health data is also important. A pilot program was conducted in South Korea to study patient perceptions of HIE [23]; the authors reported that despite the concern of patients on information safety and security, respondents in all the surveyed groups indicate an acceptance of and willingness to endorse HIE technology. The major factor of the positive support is the perceived benefit of convenience when redundant procedures are eliminated, rather than the perceived improvement in quality or savings in costs. Security and privacy Patient health information is highly sensitive from the perspective of privacy; confidentiality is therefore a major concern in any healthcare record system. Securing the integrity of medical records is important because the life of the patient may depend on the correctness of the health information. The availability of health data when needed is also at the heart of the whole idea of HIE. Accountability and access control are two important measures of authorizing and auditing access to medical records. All these requirements are essential in any electronic health system and increasingly persist when data are brought outside their original domain and shared with external parties. Allowing users to access information from virtually anywhere essentially expands the universe of ineligible intruders, which severely complicates the design and implementation of a secure system [24]. Extensive research has been conducted on the security issues arising from HIE. Many researchers have suggested secure exchange solutions and security architectures and models for interconnected and distributed health information systems [24–28]. A few researchers have also recently attempted to tailor specific security frameworks in the context of nascent nationwide health information networking initiatives, such the US initiative [7], or to suggest novel solution frameworks to meet the challenges of electronic health interconnected infrastructure [9].

HIE in a nationwide context General approaches A model of interconnectivity is needed to enable nationwide HIE. Given the non-functional requirements of security, privacy, and interoperability, and the non-technical issues of data ownership and business competition, several approaches may be adopted to achieve the goal of a nationwide health information network. In the USA, proponents of this kind of network have noted that a centralized government database of

J Med Syst (2015) 39:51

personal health information should not be included, but this network should help to connect existing sources of distributed electronic health data in the framework of a secure network [8]. The Office of the National Coordinator for Health Information Technology has funded the development of the Nationwide Health Information Network (NwHIN): a set of standards, services, and policies that enable secure HIE across the Internet [29]. The design of the US NwHIN model was initiated with a focus on integrating existing community-based regional health information organizations into a system linked through common protocols [30]. The strategy was later changed into an approach similar to that of Internet-like and web-based services, thereby promoting point-to-point information exchange through standards and interoperability initiatives, such as DIRECT [31]. This approach is called a Bbottom-up^ strategy, in contrast to a centralized Btop-down^ strategy [32]. From [30], the approach followed in the USA is unique. Other countries have adopted a centralized option where government entities have the primary responsibility for information exchange. In the UK, the National Health Service (NHS) manages the development of standards and production of electronic health records systems and services, connectivity, and software services for nationwide data exchange [30]. As stated Coiera in [32], we thus have two parallel experiments in the USA and UK, which represent two opposing approaches to building an NHS. He also suggested a third Bmiddle-out^ approach in which the government sets the stage but does not mandate immediate compliance to a set of unified technical goals and underpinning standards. A critical element in this third approach is moving toward a semi-private and government-funded corporation [30]. The Malaysian telehealth approach A quick look at the Malaysian experience of eHealth reveals a Btop-down^ approach led and supervised by the Ministry of Health (MOH). The government initiative began with the Telemedicine Blueprint in 1997 [33]. MOH implemented this initiative in several stages, during which the term was changed into Telehealth [34]. Its aim was to establish a flagship project that encompasses all the services that can be provided via multimedia networks and a range of network-based information technologies for stakeholders to access, manage, or deliver healthcare. As stated in the initial blueprint, BInformation and other services will become more virtual, more distributed, resulting in better, more timely, and more efficient healthcare delivery.^ BVirtual^ here means that the physical presence of the patient and/or the physician is not required, and Bdistributed^ means that the information is accessible anywhere when needed. MOH restructured the Malaysian Telehealth several times to reflect evolving needs and gained experiences [35]. In

J Med Syst (2015) 39:51

2000, a special unit under the ministry was established to implement the telehealth flagship project. This unit was named Telehealth Division to reflect its purpose and had several pilot projects. Some of these projects targeted healthcare professionals, including continuing medical education and teleconsultation; others provided individuals with personalized continual care and high-quality health information. As indicated in [36], these projects cover all aspects of healthcare service delivery, including Lifetime Health Record (LHR), Lifetime Health Plan, Group Data Services (GDS), Health Online (MyHEALTH Portal), Continuous Professional Development, Teleconsultation, and Consumer relation management. The LHR project is a cornerstone project in the context of a continuous care delivery. These records are collections of health information on an individual patient that captures data from the patient himself/herself and his/her healthcare provider for the use of all caregivers from birth to death [37]. Figure 3 shows the relative positions of these projects in the Malaysian Health ICT Framework [37]. The lower layer, which is the operational layer, corresponds to EMRs, following our earlier definition. The collaborative layer has components that resemble EHRs, which are centrally stored in data repositories where integration (collaboration) between different stakeholders occurs. In this layer, the data warehouse component is a typical place to perform data mining techniques for research purposes. The uppermost layer is the consumer layer where the government provides specific Bwindows^ to the central databases for the public, including patients and healthcare professionals. We also propose adding a research portal, which serves as a Bwindow^ for governmental and academic researchers into the data warehouse of the second layer and which is mostly implemented as a web portal. The operational layer includes the deployment of HIS and Clinic Information Systems (CISs) in hospitals and clinics, respectively. The crucial function of interoperability was shown in the deployment of the first system in which MOH assigned several vendors to build applications, the integration

Page 5 of 19 51

of which resulted in a problem. In 2007, MOH introduced the Integrated Health Enterprise (IHE) framework. This framework introduced in turn BConnectathon^: a (CONNECTivity marATHON), which MSC Malaysia and the Ministry of Health jointly organized, and during which the vendors or healthcare service providers that have developed data sharing solutions tested the compliance of their offerings based on HL7 standard in a realistic and live interoperability environment [38]. Several requisites must be met to realize integration: standards for data, messages, documents, and workflows [37]. Furthermore, a central engine for integration is important to implement central repositories. Data and message international standards must be adopted (e.g., ICD 10, MDC, and DIC, for data, and HLZ and CDA for message formats). As an initial proof-of-concept document standard for LHRs, discharge summaries may be chosen to serve a function. Discharge summaries are minimal records of physical examination, previous history, laboratory investigation, diagnosis, and treatment of the patient, which ensure the continuous delivery of healthcare. In this manner, LHRs correspond to our definition of EHRs and depend on HIS and CIS applications, which are associated with EMRs. Considering the importance of developing an integration engine and the previous difficulties encountered in implementing such engine, MOH began a new initiative in 2008 with funding from Multimedia Development Corporation. The new project is known as the Malaysian HIE (MyHIX). MyHIX is the integration engine in the IHE framework, and it implements the sharing of patient discharge summary among the facilities of the MOH using HIS and CIS application systems. Initially, MyHIX was implemented as pilot projects in four hospitals, after which one more hospital and another clinic was included. The process flow of MyHIX is depicted in Fig. 4. Since 2012, the project has been placed under the national research and development center of Malaysia in ICT, MIMOS [39]. In summary, the Malaysian experiment tends toward a centralized approach, where the health ministry represents the government (and the Telehealth Division in particular), which leads and supervises the implementation of the nationwide health information network. Apart from the merits or demerits of such strategy, we consider a compliant architecture when devising a security framework. For a thorough discussion of the nationwide HIE approaches and their consequences, we refer the reader to [10, 22, 32].

Encryption and data exchange solutions

Fig. 3 Malaysian Health ICT Framework [37]

Encryption is the key to secure transmitted data [40–48]. Some of the popular existing encryption algorithms are discussed in this section. To propose a new secure

51

J Med Syst (2015) 39:51

Page 6 of 19

Fig. 4 MyHIX integration process flow [37]

transmission framework for HIE, we briefly review these algorithms and evaluate them against the security properties of privacy, confidentiality, non-repudiation, authentication, resistance against quantum attacks, interactive security functionality of scalability, integration, key exchange, and availability [49–54]. We also review the most popular data exchange technologies and standards. Encryption algorithms RSA algorithm The Rivest, Shamir, and Adleman (RSA) algorithm is one of the most widely accepted and implemented public-key, blockcipher encryption algorithms; it was developed in 1977 and first published in 1978 [55]. This algorithm is based on the idea that factorizing integers into their prime factors is difficult. In practice, RSA has proven to be effective when correctly implemented. Despite the fact that several attacks have been reported over the years, they mostly illustrate the dangers of the improper use of RSA [56]. However, the proper implementation of security algorithms is always a nontrivial task. The general brute force attack, known as attacks on RSA, includes mathematical [57], side-channel timing [58], and short plaintext attacks [59]. For a discussion of various attacks on RSA, we refer the reader to [56]. Large key sizes should be used to defend against integer factoring and brute-force attacks. A slow performance is expected from large key spaces because of the complex computations involved in encryption/decryption and key generation. In general, public-key cryptography is inferior to private-key and symmetric cryptography, and RSA is approximately a thousand times slower than the older Data encryption standard (DES) algorithm [60]. Therefore, RSA is used mainly for key management and digital signatures applications. ECC Elliptic curve cryptography (ECC) is an approach to public key cryptography based on elliptic curves over finite fields [61]. Neal Koblitz and Victor Miller separately proposed ECC as a competitor of RSA in 1985. The main advantage of ECC over RSA is that the former offers equivalent security

with small key sizes, which results in fast computations, low power consumption, and memory and bandwidth savings [62]. This algorithm is particularly useful for mobile devices that are typically limited in terms of their CPU, power, and network connectivity. With a 160-bit modulus, an elliptic curve system offers the same level of cryptographic security as that of RSAwith 1024bit. The small key sizes result in small system parameters, small public-key certificates, bandwidth savings, fast implementations, low power requirements, and small hardware processors [63]. Apparently, the only advantage of RSA over ECC is that the cryptographic applications of the latter have been recently noticed more, and the former is more ubiquitous and tested. RSA has been well researched and has been the topic of many seminal theses [64]. NTRU NTRU was introduced as a new standard for public key cryptography in 2009. If features reasonably short and easily created keys, high speed, and low memory requirements. NTRU encryption and decryption use a mixing system from a polynomial algebra combined with a clustering principle based on elementary probability theory [65]. NTRU has several advantages relative to RSA and ECC, such as similar security level with smaller key sizes, faster speed, faster key generation, and less computation power. Although NTRU is faster than RSA and ECC, it is approximately 20 times slower than the advanced encryption standard (AES), as expected from a public-key cryptography algorithm [66]. By contrast, factoring and discrete logarithm-based cryptography continue to dominate the market, and the NTRU family of cryptographic algorithms are the most practical alternatives, given that they are not vulnerable to attacks and use Shor’s algorithm [67]. Thus, NTRU appears to be resistant to quantum attacks. AES algorithm AES is an encryption specification established by the U.S. National Institute of Standards and Technology (NIST). In 2000, NIST selected the Rijndael algorithm [68], which was

J Med Syst (2015) 39:51

developed by the two Belgian cryptographers Joan Daemen and Vincent Rijmen for this standard specification [69] after a 3-year competition. The Rijndael algorithm is a symmetric block cipher that uses cipher keys with lengths of 128, 192, and 256 bits. AES is the best known and most widely used block cipher. Although AES-128 has no known attacks that are faster than an exhaustive search, AES-192 and AES-256 were recently shown to be vulnerable to attacks that require less time than an exhaustive search. However, these attacks are completely non-practical or are applicable only in reduced versions of the standard; thus, they do not seem to pose any real threat to the security of AES-based systems [70]. AES is a fast cipher that works well across all platforms [71]. The AES algorithm has the disadvantage of being a symmetric algorithm, which requires a secure channel through which to exchange the encryption keys. Blowfish (Cipher) Blowfish is a symmetric block cipher developed by Bruce Schneier in 1993 [72, 73]. Blowfish is a fast, compact, and simple cipher. It uses variable-length keys from 32 bits to 448 bits and is suitable only for applications in which the key does not change often, such as a communication links. Since its introduction in 1993, the Blowfish algorithm has been regarded as a strong algorithm. However, some attacks are possible for certain poor choices of keys [74]. RC6 RC6 is another type of symmetric key block cipher designed to meet the requirements of AES [75]. RC6 is based on RC5 [76], which was modified to meet the AES requirements through increased security and improved performance. RC6 was designed to thwart the theoretical attacks published on RC5. This algorithm was one of the five finalists in the AES competition and is patented by RSA Security [77]. SHA-1 The US National Security Agency designed the Secure Hash Algorithm (SHA-1), which NIST published as a secure standard in 1993 and then revised in 1995 [78]. This standard specifies a secure hash algorithm for computing a condensed representation of a message or a data file. When a message of any length < 264 bits is integrated, the algorithm produces a 160-bit output called a message digest. SHA-1 is the most widely used algorithm among the three existing SHA hash functions: SHA-0, SHA-1, and SHA-2. Since its publication, SHA-1 has been adopted by many government and industry security standards for digital signatures and as an important component in other cryptographic schemes and protocols, such as user authentication, key

Page 7 of 19 51

agreement, and pseudorandom number generation. Collision search attacks on SHA-1 can be 2000 times faster than brute force [79], which suggests that the algorithm is not secure enough for continued use in the future; thus, using SHA-2 and SHA-3 is encouraged. Data exchange technologies Extensible Markup Language (XML) XML is a simple text-based format for representing structured information, such as almost any kind of document or record. It is one of the most widely-used formats for sharing structured information today: between programs, between people, between computers and people, both locally and across networks [80]. XML is currently considered as the universal language for data transmission or exchange over the Internet. Several standards are establishing a framework for integrating security into domain-specific XML-based applications [81]. XML Signature, XML Encryption, and XKMS can help create a secure environment for XML [80]. Any XML-based solution is flexible because XML is platform and language independent and therefore has the ability, along with other technologies, such as SOAP, to provide cross-platform integration with any other systems [82]. These features of flexibility, simplicity, and interoperability make XML an excellent language for data exchange over the Internet [83]. SOAP SOAP is an XML-based, lightweight protocol for exchanging structured information in a decentralized and distributed environment [84]. Similar to XML, SOAP can be used for communication across the Internet regardless of the platform and programming language. SOAP does not directly provide any mechanisms for dealing with access control, confidentiality, integrity, and non-repudiation. However, SOAP is extensible, and such mechanisms can be provided as extensions [85]. SOAP fully inherits the openness, scalability, and availability of XML because the former is a protocol that communicates using the latter [86]. XML Key Management Specification (XKMS) Key management, which is sometimes referred to as key establishment, is a method in cryptography in which cryptographic keys are exchanged between users when they wish to exchange encrypted messages. For example, if the cipher is a symmetric key cipher, both users need a copy of the same key. If the cipher is an asymmetric key cipher with the public– private key property, both users need the public key of the

Symmetric crypto

RSA & SHA-1 NTRU & SHA-1 ECC & SHA-1 AES & SHA-1 RC6 & SHA-1 Blowfish & SHA-1 NTRU, AES, & SHA-1 NTRU, SHA-1, & XML/SOAP AES, SHA-1, & XML/SOAP NTRU, AES, SHA-1, & XML/SOAP

NTRU ECC Blowfish AES RC6

√ √ √ √ √ N/A Confidentiality √ √ √ √ √ √ √ √ √ √

√ √ √ √ √ N/A Privacy √ √ √ √ √ √ √ √ √ √

√ √ x x x √ Integrity √ √ √ √ √ √ √ √ √ √

Integrity √ √ √ x x x N/A Non-repudiability √ √ √ x x x √ √ x √

Non-repudiability √ √ √ √ √ √ √ Authentication √ √ √ √ √ √ √ √ √ √

Authentication √

√ x √ √ √ √ Quantum attacks resilience x √ x √ √ √ √ √ √ √

Quantum attacks resilience x

√ √ N/A N/A N/A N/A Key exchange √ √ √ x x x √ √ √ √



Key exchange

Page 8 of 19

SHA-1 Possible hybrids S1 S2 S3 S4 S5 S6 S7 S8 S9 S10

RSA

Confidentiality √

Security Privacy √

Evaluation matrix of cryptographic algorithms with possible hybrids

Asymmetric crypto

Methods

Table 1

51 J Med Syst (2015) 39:51

J Med Syst (2015) 39:51

Page 9 of 19 51

Fig. 5 Hybrid of PKI with hash function (1st design)

other. While the users exchange keys, secrecy must be maintained in such a way that no one else can obtain the keys. Public key cryptography can provide this property if each user has access to the public key of the other. Public key infrastructure (PKI) uses digital certificates as a means of exchanging trustworthy public key information [87]. XKMS is a protocol developed by W3C, which describes the distribution and registration of public keys. XKMS is a web service that provides an interface between an XML application and a PKI [88].

reasons, we must combine NTRU and SHA-1 (for message integrity and authentication) with a symmetric algorithm. AES is the best candidate among the other symmetric cipher algorithms. AES can also be the cipher of choice when key distribution is not an issue (e.g., encryption within a LAN). Converting data into a unified XML format (using SOAP or otherwise) and applying the same cryptographic settings above are always possible.

Evaluation matrix

This section presents several arrangements by which the suggested cryptographic hybrids may be implemented. The designs are categorized into three classes: public-key algorithms with hashing, private-key algorithms with hashing, and the combination of public- and private-key algorithms with hashing. For each of these classes, integrating XML/SOAP is possible and straightforward for data exchange.

Proposed hybrid settings

Table 1 summarizes the entire security requirements and other security features of the algorithms discussed above. The symbol √ indicates that the algorithm supports the corresponding feature, and the symbol x denotes the opposite. The symbol N/A indicates that the feature is not applicable. The table above shows that Settings 2, 7, 8, and 10 seem to fulfill all security requirements. Any of the presented algorithms work well in reality, and most of them are standardized algorithms widely used in commercial products and governmental bodies. In the future, the NTRU family of algorithms is deemed to be resilient to quantum attacks, and they form a key ingredient in all the four candidate settings. The NTRU algorithm is lightweight, fast, and enjoys smaller key sizes compared with other public key algorithms, but cannot compete with the speed of symmetric algorithms. In addition, NTRU suffers from message expansion, in which the plain text block is N log2 p bits, whereas the cipher text block is N log2 q bits, and q will always be considerably larger than p [65]. For these

Hybrid of PKI algorithm with hash function (S1, S2, and S3) Three settings are included in this category: S1, S2, and S3. These settings involve a public-key encryption algorithm, which is to be implemented in the context of a PKI. PKI solutions provide a strong security design with a core mechanism that maintains confidentiality, integrity, and non-repudiation. PKI has a limitation when more than one service provider is present {Medani, 2011 #93}. For example, if there are two different hospitals and each hospital is registered with a different PKI, then authenticating, exchanging keys, or transferring data across one another is not easy unless a middleware

Fig. 6 Hybrid of symmetric algorithm with hash function

H [EHR]

H EHR

DS

ES

Compare

S S EsS [(H [EHR]) ||EHR]

H EHR

51

J Med Syst (2015) 39:51

Page 10 of 19

Fig. 7 Digital envelope technique ES

EHR

||

S EP

S EsS [EHR] || EnBPuK [S]

BPuK

ð1Þ

where En is encryption, BPuK is the receiver public key, APrK is the sender privet key, H(EMR) is the application of the hash function to the EHR, | | is concatenation, EP is the public key encryption, and DP is the public key decryption. This configuration also provides a digital signature that confirms the Fig. 8 Digital envelope with XML parsing

EP

BPrK

or a trusted third party is involved to guarantee the exchange. This problem can be handled if the protocol involves special connectors of the XML/SOAP type, as covered by subsequent settings. More increasingly believed, NTRU performs better in terms of speed and usability than other PKI algorithms, such as ECC and RSA. NTRU has not received successful attacks, unlike RSA and ECC. EHRs contain sensitive data that must be kept confidential for long periods. Considering that NTRU is the only PKI algorithm that resists quantum attacks, it is the only PKI solution that is sustainable in the long term. The setting is depicted in Fig. 5. This scenario is designed to maintain the integrity by adding the hash code of the original message to avoid any manipulation during the transmission and by encrypting the hash using the sender private key. After concatenating the encrypted hash code with the original message, the resultant concatenation is encrypted again using the receiver public key as follows: A→B ¼ E n BPuK ½E n APrK ÞH ðEHRÞð∥EHR

EHR

ES

identity of the sender because no one else can encrypt the hash digest with the sender private key. The inverse process is performed at the other end, where the private key of the receiver is used to decrypt the encrypted cipher with the sender public key and the public key of the sender is used to decrypt the hash code encrypted with the sender private key. The sent hash is compared with the hash of the decrypted plain record to check for integrity.

Hybrid of a symmetric algorithm with hash function (S4, S5, and S6) Symmetric encryption algorithms provide only confidentiality. However, these algorithms are faster than PKI algorithms. Thus, encryption is the better choice than PKI when the requirement is limited to confidentiality. AES is widely recommended among symmetric algorithms; therefore, AES is viable for securing EHRs. A major problem with symmetric algorithms is the key exchange or key-sharing problem. Any disclosure of the secure key may risk the disclosure of the whole communication. One possible solution is to generate a key per request and exchange the key via PKI, which is discussed in the next subsection. In settings S4, S5, and S6, the records are concatenated with the hash codes of the same records and are then encrypted using the shared secure key as in Eq. 3 and Fig. 6. A→B ¼ E s S ½ðH ½EHRÞ∥EHR

ð2Þ

J Med Syst (2015) 39:51 Table 2 Providers of cryptographic algorithms used in our POC demo implementations

a

http://tbuktu.github.io/ntru/

Page 11 of 19 51

Cryptographic algorithm

Involved Settings

Provider(s)

SHA-1 RSA ECC NTRU AES

S1 – S10 S1 S3 S2, S7, S8, S10 S4, S7, S9, S10

Java Cryptography Extension (JCE) Bouncy Castle Crypto package Bouncy Castle Crypto package Open source NTRU implementationa Java Cryptography Extension (JCE)

RC6 Blowfish

S5 S6

Java Cryptography Extension (JCE) Java Cryptography Extension (JCE)

Hybrid of PKI algorithm with symmetric algorithm and hashing (S7)

A→B ¼ E s S ½EHR∥E n BPuK ½S 

Public key encryption is used to overcome the limitation of symmetric encryption in establishing shared secret keys. One approach is the Diffie-Hellman key exchange protocol. Another widely used technique to protect symmetric keys is the digital envelope. In this technique, the message (e.g., an EHR record) is encrypted through a symmetric algorithm using a one-time secret key. The secret key itself is then encrypted using an asymmetric encryption and the public key of the receiver. Both the encrypted message and encrypted key are sent. In this way, the public key encryption protects the secret key, while the efficient symmetric encryption ensures the confidentiality of the message. This approach is shown in both Fig. 7 and Eq. 3:

In all of the above situations, converting the messages first into a standardized or otherwise agreed-upon format, which is most probably an XML-based representation (e.g., HL7), is possible and facilitates interoperable data exchange. At the receiver, the tags are parsed, and the data are extracted after the decryption process. The idea is to provide a common format through which to exchange potentially diverse native record formats at each communication end. Figure 8 illustrates the concept of the digital envelope in Fig. 7, which implements S10 in Table 1. The following equation for such case can describe the process at the sender:

Fig. 9 Overall design of the proof-of-concept client–server application that implements the proposed cryptographic settings

ð3Þ

51

J Med Syst (2015) 39:51

Page 12 of 19

Fig. 10 Using Mirth Connect as an XML transformer

Encrypt Text

Mirth Channel

A→B ¼ E s S ½PfHERg∥En BPuK ½S 

ð4Þ

where P{} denotes the XML parser and converter. Discussion The settings proposed above are all theoretically conceivable and sound. However, cryptographic solutions often have to confront many practical considerations during actual implementation. To attest the settings from a practicality standpoint, we implemented them in a proof-of-concept client–server application using Java language and the implementations of cryptographic algorithms from three providers, as detailed in Table 2. We provide below a summary of the experimental

Fig. 11 Sample snapshot of profiling while executing the S2 setting

XML

Cipher

Client XML

Decrypt Mirth Channel

Serve Text

setup and lessons learned from the experiments. We also provide a rough comparison of the relative performances of the algorithms in each setting based on program profiling statistics. The exchanged data are sample text-based patient records with sizes of approximately 1 kB. The client side implements all the settings in different Java classes, each of which is an independent thread. The application can run in a singlethreaded mode, in which each setting is executed separately in a sequence that sends encrypted data to the server, or in a multi-threaded mode, in which all setting threads run in parallel (as much as one can obtain from a single processor) and send their data to the server at once. The purpose of the latter configuration is to simulate real-world load on servers, although this design aspect is not critical in our experiments, whose main focus is to explore the applicability and practical

J Med Syst (2015) 39:51 Table 3

Page 13 of 19 51

Technical specifications of the experimental environment

Prog. language

Operating system

Host laptop

CPU

RAM

IDE

Java 7

Windows 7 32-bit

HP Pavilion

Intel core2 duo T6600 2.20 GHz

3 GB

Eclipse Helios 3.6

aspects of implementing different settings and their relative performances. Figure 9 shows the overall design of the application. We use the Mirth Connect open software [89] to transform data to and from the XML at each end before and after encryption and decryption, respectively, thereby integrating XML for interoperable data exchange. The other parts of the settings that involve XML parsing are identical to earlier settings in cryptographic functions. The use of the Mirth Connect channel concept is illustrated in Fig. 10. Programs can be dynamically analyzed, such as by tracking their methods and measuring execution times, using programprofiling programs. In this way, measurements that reveal the relative performances of the different algorithms in various settings are obtained. For this purpose, the JVisualVM profiler provided with Java JDK 7 is used. Figure 11 illustrates a sample screenshot of this tool while profiling the S2 setting. All experiments were conducted using the components detailed in Table 3. Table 4 presents the results of different profiling settings with regard to the execution time of the core operations. Core operations include encryption, decryption, hashing, and signature verification. Implementing the settings in such an experimental setup quickly reveals the limitations of cases that utilize only public key encryption. Blocks of input messages are limited from the allowed size to approximately the size of the encrypting key. This enforcement causes the extra burden of message slicing

Table 4

and padding to the implementer. Chaining message blocks in symmetric algorithms is conducted using the implementations available in cryptographic packages through specific modes. The performance of public key algorithms is also significantly larger than that of their symmetric counterparts. These observations indicate that using hybrid settings of symmetric and asymmetric combinations is more attractive than using other settings that have only one algorithm type.

A secure nationwide health information network Network architecture As mentioned earlier, data should be accessible to multiple stakeholders, including (other) care providers, patients, and even researchers, in the ultimate nationwide health information network. In a single care unit (e.g., hospital or clinic), the EMR system (e.g., HIS/CIS applications in Malaysian Telehealth terminology) may serve unit physicians through a LAN and ensure the proper access control of records in the server. Shared or not, data must be protected against loss via data redundancy. This method also ensures service availability in case of link or device failures. The situation may resemble Fig. 12(a) with a backup server.

Rough comparison of the performance of the core operations of cryptographic algorithms

Setting

Algorithm

Core operation

Method

Timea (ms)

Total setting thread timea (ms)

S1

RSA SHA-1 ECC

Decryption Hashing Decryption Sig. verification Decryption Sig. verification Decryption Hashing Decryption Hashing Decryption Hashing Decryption Decryption Hashing

doFinal() update() doFinal() verify() decryptl() verify() doFinal() update() doFinal() update() doFinal() update() decryptl() doFinal() update()

316.33 0.035 147.33 1365.67 38.9 24.8 0.514 0.069 2.34 0.048 0.478 0.042 13.8 0.515 0.065

3132.67

S2 S3 S4 S5 S6 S7

a

NTRUEncrypt NTRUSign AES SHA-1 RC6 SHA-1 Blowfish SHA-1 NTRUEncrypt AES SHA-1

Each execution time is the average over three runs

4787.33 123.67 537.33 2863.33 446 495.33

51

J Med Syst (2015) 39:51

Page 14 of 19

Fig. 12 LAN of a single care unit (a) and the same LAN with a connection to the outside world (b)

To provide access to the outside world, suitable measures should be considered for network security (e.g., firewall and IDS). Furthermore, no direct access to the internal network should be granted, and shared information should be typically provided to other parties in dedicated web portals (or special databases) through the Internet. Some stakeholders, particularly patients, can use their mobile devices to retrieve their medical data (perhaps using wireless cellular networks). Figure 12(b) presents the situation.

Fig. 13 Multiple branches connected via a local cloud managed by the hospital

(a)

(b)

Large hospitals can manage many branches, and each can have its own local version of an EMR system and health information database. Again, each branch needs a backup mechanism and an external web portal. Alternatively, if the sole purpose is to share information between these branches exclusively, a VPN may be utilized. However, access from outside the jurisdiction of the hospital network should be handled for HIE in the context of a nationwide network. One possible solution is for the hospital to manage a local cloud-

J Med Syst (2015) 39:51

Page 15 of 19 51

Fig. 14 Architecture of a centralized BNationwide Health Information Network^

like data center to aggregate the health information of the branches, and outside access may be granted to these branches (Fig. 13). We have assumed that all the branches of a health provider run identical or compatible EMR systems. However, the fragmentation problems discussed earlier still apply when information is exchanged with other providers, such as running incompatible systems or proprietary standards. We have also assumed that every single healthcare provider can afford and manage backup mechanisms, security measures, quality of

service, and comply with the common standards of data content and communication protocols, which is often not the case, particularly in a Bbottom-up^ architecture. Our envisioned solution to these problems is to extend the scenario in Fig. 13 under the centralized supervision of the government into a global governmental cloud. This arrangement fortuitously complies with the Malaysian approach, as discussed earlier. The centralized management of the government should ensure a common set of standards and policies. Large and small hospitals and units with one or more branches

51

Page 16 of 19

will store and share their information in the governmental cloud, preferably in some variation of XML format, which will be agreed upon, and government-enforced policies and content standards. A central replica cloud may replace (or augment) the backup and recovery measures at each provider, while the government can now control dedicated portals to users and other special consumers, such as governmental agencies and academic researchers. Similar outlets already have counterparts in the Malaysian Telehealth flagship project. The MyHDW is an example of a central data warehouse under the GDS project. For smaller care units and private practitioners who cannot afford running their own EMR system and exchanging information with the rest of the network, the government can offer affordable hosting by which connection to the central cloud is established. The eventual situation is illustrated in Fig. 14. Implementing such a centralized model requires more than technological strategies. Payne et al. [10] proposed a threelayer model to describe the requirements of electronic HIE. The first layer from the bottom is a foundation layer, which includes the policy framework, secure medium for information exchange, and national standards for transmitting clinical data. The second layer is a set of financial and reputation incentives for healthcare providers to adopt the technology and adhere to information exchange standards and procedures. The third layer is the applications for entry, storage, transmission, and receipt of information. Our security framework corresponds mainly to the first layer in this model. This concept is a perspective different from the Malaysian health ICT framework presented in Fig. 3. With respect to the latter, our security framework spans all the three layers. Figure 14 presents the static structure upon which we fit our security framework. This framework does not reveal the map of adopted technologies and security checkpoints that we proposed to ensure secure information exchange. These elements are discussed in the following subsection.

Secure transmission The numerical circles in Fig. 14 indicate the mechanism through which the data is transmitted from one point to another. Below are the semantics of these circles. The numbered S letters refer to the proposed hybrid settings in Table 1. 1, 2: This setting can be a transmission from a local node (a physician) to either store data into the local server, retrieve data from the server, or request data from the cloud. In the two former cases, the corresponding record should be tagged with the user ID, which logs the transaction and any further access to the records with appropriate ID tags for audit purposes. In the latter case, the request is forwarded to the border router. If encryption is

J Med Syst (2015) 39:51

permitted within the LAN, then S4 (or S5/S6) may be used. 3: All sensitive data (e.g., images, x-rays, reports, and laboratory tests results) inside the server should be preserved and encrypted to avoid any disclosure from insider administrators. This method can be accomplished using S4, S5, or S6. All the keys should be preserved in another server (e.g., key-generator and key-exchange server). 4, 5: The traffic through 5 includes either a store or request transaction with the cloud (whether local, 6, or global, 9). In both cases, preserving the confidentiality and integrity of the data is a requirement. Furthermore, connection to the outer world requires conformance with message standards, which may be fulfilled using a connector, such as Mirth Connect. S8, S9, or S10 combinations may be applied to secure the transmission because this connector is not secure. This application depends on the message size and on whether or not the target cloud is local. If the target is local, then secret keys may be shared easily, or a digital envelope technique is appropriate. Similarly, 4 will transmit the encrypted reply from the local or global cloud using the same technique chosen for 5. Encryption in both cases may be end-to-end between the local server and cloud server or embedded on the border routers at both ends. 6: This setting refers to the server(s) in a hospital private cloud. The security measures and encryption options are similar to 3. Backups should be used, and all transactions should be logged with the associated ID tags of the actor. Any hospital-level policies and business rules should be imposed. For example, a clear policy should be defined for exchanging data between the branches of the same hospital. This policy may include terms and conditions, ethical declarations, and consent checks. 7, 8: Similar to 5 and 4, respectively. 9: Similar to 6 with government-level policies and restrictions. 10: These points are governmental portals that act as hubs to supply other parties with (selected) shared health information from the government cloud. All transmissions through these hubs are encrypted using S7, S4, or S10 if the provided information is in XML format. 11, 12, and 13: This setting allows access to health information for research and statistical analysis purposes. Deidentified records are supplied through these paths for the privacy of patients. 14: Similar to 10, except that information should be presented in a user-friendly format, mostly through web interfaces. 15: Mobile-based clients. A patient can access only his/ her data. Strong and light encryption solutions should be employed, given the limited processing and power capabilities of the mobile nodes. S7 can be adopted.

J Med Syst (2015) 39:51

16: This setting is the same as 15 but with more relaxed restrictions on the encryption computational requirements because personal computers or laptops are used to access the portals. 17, 18: This setting is for transmission to and from the main government cloud and another replica cloud for recovery and backup purposes. Regular automatic backups and/or synchronizations could be scheduled, whereas all the transmissions should be fully encrypted using S4 or S7. 19: Backups in these clouds should be fully encrypted. No access of any kind should be allowed. In this case, S4, S5, or S6 may be used.

Page 17 of 19 51

& &

What does this study contribute? & &

& Conclusions & HIE is the key to the future of healthcare systems. Nations around the world have recognized this fact with strategic plans to achieve this goal. Malaysia is not an exception. The Malaysian MOH has led and supervised the development of a consortium of pilot projects that cover all aspects of healthcare service delivery through the Malaysian Telehealth flagship project. Many barriers and obstacles emerge when HIE is applied on a national level. In particular, integration and interoperability are difficult challenges in the way of many nationwide experiments. Regardless of the approach used Btopdown,^ Bbottom-up,^ or Bmiddle-out^ security and privacy requirements are crucial concerns when sharing or exchanging the health data of patients. The heritage of information security research is rich and capable of providing the desired solutions for secure integration, if the right mixture of technologies is employed. In this paper, we provided a security framework for a nationwide health information network. This framework must be imposed on a suitable model, for which we also proposed an architecture that complies with the Malaysian approach in building an integrated health enterprise. For this purpose, we evaluated the available secure transmission options in terms of cryptographic algorithms and data exchange technologies. We proposed hybrid settings of a few combinations of these algorithms in certain arrangements. We consider our work as another step toward a fertile body of research from which nationwide HIE endeavors can inspire guidance. Summary points What is already known? & &

EHRs are highly sensitive from the perspective of privacy. Electronic HIE is the key ingredient in the strategy of Malaysia and other nations for future healthcare.

Encryption algorithms over networking technologies are available and ready to be adopted in the right mode according to the requirements. A complete and secure HIE framework on a nationwide level is yet to be built.

An overview of the important aspects and approaches of HIE with a focus on the Malaysian case. An evaluation of candidate encryption and data exchange techniques to secure transmission through nationwide health information networks with proposed consolidated combinations. The proof-of-concept implementation of the proposed settings to explore their respective practicalities and relative performances. Securing nationwide health information networks, which require both proper (central or semi-central) models and a thorough security framework with complete checkpoints.

Acknowledgments This research was partially funded by the high impact research unit (HIR) at the University of Malaya under grant number UM.C/HIR/MOHE/FCSIT/12.

References 1. Kellermann, A. L., and Jones, S. S., What it will take to achieve the as-yet-unfulfilled promises of health information technology. Health Aff. 32:63–68, 2013. 2. Brailer, D. J., Interoperability: the key to the future health care system. Health Aff.-Millwood VA Bethesda MA 24:W5, 2005. 3. Kuperman, G. J., Blair, J. S., Franck, R. A., Devaraj, S., Low, A. F., et al., Developing data content specifications for the nationwide health information network trial implementations. J. Am. Med. Inform. Assoc. 17:6–12, 2010. 4. Walker, J., Pan, E., Johnston, D., Adler-Milstein, J., Bates, D. W., and Middleton, B., The value of health care information exchange and interoperability. Health Aff.-Millwood VA Bethesda MA 24:W5, 2005. 5. Kuperman, G. J., Health-information exchange: why are we doing it, and what are we doing? J. Am. Med. Inform. Assoc. 18:678–682, 2011. 6. Garets, D., and Davis, M., Electronic medical records vs. electronic health records: yes, there is a difference, Policy white paper. Chicago, HIMSS Analytics, 2006. 7. Benli, S., Yaylacicegi, U., Vetter, R., Reinicke, B., and Mitchell, S., Information security blueprint for national health information network. Ann. Master Sci. Comput. Sci. Inf. Syst. UNC Wilmington 6, 2012. 8. Shapiro, J. S., Kannry, J., Lipton, M., Goldberg, E., Conocenti, P., Stuard, S., Wyatt, B. M., and Kuperman, G., Approaches to patient health information exchange and their impact on emergency medicine. Ann. Emerg. Med. 48:426–432, 2006. 9. Liu, W., Park, E., and Krieger, U., eHealth interconnection infrastructure challenges and solutions overview. e-Health Networking, Applications and Services (Healthcom), 2012 I.E. 14th International Conference on, IEEE, 2012, pp. 255–260.

51

Page 18 of 19

10. Payne, T. H., Detmer, D. E., Wyatt, J. C., and Buchan, I. E., Nationalscale clinical information exchange in the United Kingdom: lessons for the United States. J. Am. Med. Inform. Assoc. 18:91–98, 2011. 11. Kaelber, D. C., and Bates, D. W., Health information exchange and patient safety. J. Biomed. Inform. 40:S40–S45, 2007. 12. Zaidan, A. A., Zaidan, B. B., Kadhem, Z., Larbani, M., Lakulu, M. B., and Hashim, M., Challenges, alternatives, and paths to sustainability: better public health promotion using social networking pages as key tools. J. Med. Syst. 39(2):1–14, 2015. 13. Bailey, J. E., Pope, R. A., Elliott, E. C., Wan, J. Y., Waters, T. M., and Frisse, M. E., Health information exchange reduces repeated diagnostic imaging for back pain. Ann. Emerg. Med. 45:3, 2013. 14. Iezzoni, L. I., Assessing quality using administrative data. Ann. Intern. Med. 127:666–674, 1997. 15. Safran, C., Bloomrosen, M., Hammond, W. E., Labkoff, S., MarkelFox, S., Tang, P. C., and Detmer, D. E., Toward a national framework for the secondary use of health data: an American Medical Informatics Association white paper. J. Am. Med. Inform. Assoc. 14:1–9, 2007. 16. Roelofs, E., Persoon, L., Nijsten, S., Wiessler, W., Dekker, A., and Lambin, P., Benefits of a clinical data warehouse with data mining tools to collect data for a radiotherapy trial. Radiother. Oncol., 2013. 17. Song, M., Liu, K., Abromitis, R., and Schleyer, T. L., Reusing electronic patient data for dental clinical research: a review of current status. J. Dent., 2013. 18. Wasserman, R. C., Electronic medical records (EMRs), epidemiology, and epistemology: reflections on EMRs and future pediatric clinical research. Acad. Pediatr. 11:280–287, 2011. 19. Kiah, M. L. M., Haiqi, A., Zaidan, B. B., and Zaidan, A. A., Open source EMR software: profiling, insights and hands-on analysis. Comput. Methods Prog. Biomed. 117(2):360–382, 2014. 20. Cios, K. J., and William Moore, G., Uniqueness of medical data mining. Artif. Intell. Med. 26:1–24, 2002. 21. Regidor, E., The use of personal data from medical records and biological materials: ethical perspectives and the basis for legal restrictions in health research. Soc. Sci. Med. 59:1975–1984, 2004. 22. Vest, J. R., Health information exchange: national and international approaches. Adv. Health Care Manag. 12:3–24, 2012. 23. Park, H., Lee, S., Kim, Y., Heo, E.-Y., Lee, J., Park, J. H., and Ha, K., Patients’ perceptions of a health information exchange: a pilot program in South Korea. Int. J. Med. Inform. 82:98–107, 2013. 24. Gritzalis, D., and Lambrinoudakis, C., A security architecture for interconnecting health information systems. Int. J. Med. Inform. 73: 305–309, 2004. 25. Flores, A., Secure exchange of information in electronic health records, 2010. 26. van der Linden, H., Kalra, D., Hasman, A., and Talmon, J., Interorganizational future proof EHR systems: a review of the security and privacy related issues. Int. J. Med. Inform. 78:141–160, 2009. 27. Sucurovic, S., Implementing security in a distributed web-based EHCR. Int. J. Med. Inform. 76:491–496, 2007. 28. Xiao, L., Vicente, J., Sáez, C., Peet, A., Gibb, A., Lewis, P., Dasmahapatra, S., Croitoru, M., González-Vélez, H., Ariet, M. L., et al., A security model and its application to a distributed decision support system for healthcare. Availability, Reliability and Security, 2008. ARES 08. Third International Conference on, IEEE, 2008, pp. 578–585. 29. BNationwide Health Information Network (NwHIN).^ 30. Lenert, L., Sundwall, D., and Lenert, M. E., Shifts in the architecture of the nationwide health information network. J. Am. Med. Inform. Assoc. 19:498–502, 2012. 31. BThe Direct Project,^ 2013. 32. Coiera, E., Building a national health IT system from the middle out. J. Am. Med. Inform. Assoc. 16:271–273, 2009. 33. M. Ministry of Health (MOH), Malaysia’s telemedicine blueprint: leading healthcare into the information age, 1997.

J Med Syst (2015) 39:51 34. Ghani, M. K. A., An integrated and distributed framework for a Malaysian Telemedicine System (MyTEL), 2008. 35. Som, M. M., Norali, A., and Ali, M. M., Telehealth in Malaysia—An overview, Industrial Electronics & Applications (ISIEA), 2010 I.E. Symposium on, IEEE, 2010, pp. 660–664. 36. Alaudin, D. F. S., AeHIN General Meeting 2013: eHealth Updates Malaysia, 2013. 37. Hisan, D. A., Malaysian Health Information Exchange (MyHIX), 2012. 38. M. Malaysia, BIHE CONNECTATHON - MSC Malaysia.^ 39. M. newsletter, MIMOS collaborates with Health Ministry to develop Healthcare IT, 2013. 40. Wei, J., Hu, X., and Liu, W., An improved authentication scheme for Telecare medicine information systems. J. Med. Syst. 36(6):3597– 3604, 2012. 41. Wu, Z. Y., Lee, Y.-C., Lai, F., Lee, H.-C., and Chung, Y.-F., A secure authentication scheme for Telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012. 42. Kiah, M. L. M., Al-Bakri, S. H., Zaidan, A. A., Zaidan, B. B., and Hussain, M., Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture. J. Med. Syst. 38(10):1–11, 2014. 43. Alanazi, H. O., Zaidan, A. A., Zaidan, B. B., Kiah, M. L., and AlBakri, S. H., Meeting the security requirements of electronic medical records in the ERA of high-speed computing. J. Med. Syst. 39(1):1– 13, 2015. 44. He, D., Chen, J., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012. 45. Das, A. K., and Goswami, A., A secure and efficient uniquenessandanonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(3):1–16, 2013. 46. Chang, Y.-F., Yu, S.-H., and Shiao, D.-R., An uniqueness-andanonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37:9902, 2013. 47. Alanizi, H. O., Mat Kiah, M. L., Zaidan, A. A., Zaidan, B. B., and Alam, G. H., Secure topology for electronic medical record transmissions. Int. J. Pharmacol. 6(6):954–958, 2010. http://scialert.net/ fulltext/?doi=ijp.2010.954.958&org=11 [accessed 2012-03-24] [WebCite Cache]. 48. Zaidan, B. B., Zaidan, A. A., and Mat Kiah, M. L., Impact of data privacy and confidentiality on developing telemedicine applications: a review participates opinion and expert concerns. Int. J. Pharmacol. 7(3):382–387, 2011. 49. Kiah, M. L., Nabi, M. S., Zaidan, B. B., and Zaidan, A. A., An enhanced security solution for electronic medical records based on AES hybrid technique with SOAP/XML and SHA-1. J. Med. Syst. 37(5):1–18, 2013. 50. Li, Y.-C., Hung, M.-C., Hsiao, S.-J., Tsai, K.-D., Chang, M.-M., An assessment of patient safety in acupuncture process under EMR support. J. Med. Syst. 35(6):1447–1453, 2011.1,789 KB). 51. Ullah, S., and Alamri, A., A secure RFID-based WBAN for healthcare applications. J. Med. Syst. 37(5):1–9, 2013. 52. Yan, X., Li, W., Li, P., Wang, J., Hao, X., and Gong, P., A secure biometrics-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2):1–6, 2013. 53. Hamdan, O., Alanazi, H. A., Jalab, G. M., Alam, B. B., and Zaidan, A. A., Securing electronic medical records transmissions over unsecured communications: an overview for better medical governance. J. Med. Plant Res. 4(19):2059–2074, 2010. 54. Hsu, C.-L., Lee, M.-R., and Su, C.-H., The role of privacy protection in healthcare information systems adoption. J. Med. Syst. 37:9966, 2013. 55. Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21: 120–126, 1978.

J Med Syst (2015) 39:51 56. Boneh, D., Rivest, R., Shamir, A., Adleman, L., et al., Twenty years of attacks on the RSA cryptosystem. Not. AMS 46:203–213, 1999. 57. Salah, I. K., Darwish, A., and Oqeili, S., Mathematical attacks on RSA cryptosystem. J. Comput. Sci. 2:665, 2006. 58. Kocher, P. C., Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems, Advances in Cryptology— CRYPTO’96, Springer, 1996, pp. 104–113. 59. Boneh, D., Joux, A., and Nguyen, P.Q., Why textbook ElGamal and RSA encryption are insecure, Advances in Cryptology—ASIACRYPT 2000, Springer, 2000, pp. 30–43. 60. Diffie, W., The first ten years of public-key cryptography. Proc. IEEE 76:560–577, 1988. 61. Koblitz, N., Elliptic curve cryptosystems. Math. Comput. 48:203– 209, 1987. 62. Gupta, V., Gupta, S., Chang, S., and Stebila, D., Performance analysis of elliptic curve cryptography for SSL, Proceedings of the 1st ACM Workshop on Wireless Security, ACM, 2002, pp. 87–94. 63. Jurišic, A., and Menezes, A., Elliptic curves and cryptography. Dr. Dobb’s J., 1997, pp. 26–36. 64. Kapoor, V., Abraham, V. S., and Singh, R., Elliptic curve cryptography. ACM Ubiquit. 9:20–26, 2008. 65. Hoffstein, J., Pipher, J., and Silverman, J. H., NTRU: a ring-based public key cryptosystem. Algorithmic Number Theory, Springer, 1998, pp. 267–288. 66. Hermans, J., Vercauteren, F., and Preneel, B., Speed records for NTRU. Topics in Cryptology-CT-RSA 2010, Springer, 2010, pp. 73–88. 67. Perlner, R. A., and Cooper, D. A., Quantum resistant public key cryptography: a survey. Proceedings of the 8th Symposium on Identity and Trust on the Internet, ACM, 2009, pp. 85–93. 68. Daemen, J., and Rijmen, V., AES proposal: Rijndael. First Advanced Encryption Standard (AES) Conference, 1998. 69. Standard, N.-F., Announcing the Advanced Encryption Standard (AES). Fed. Inf. Process. Stand. Publ. 197, 2001. 70. Biryukov, A., Dunkelman, O., Keller, N., Khovratovich, D., and Shamir, A., Key recovery attacks of practical complexity on AES256 variants with up to 10 rounds. Advances in Cryptology– EUROCRYPT 2010, Springer, 2010, pp. 299–319. 71. Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., and Ferguson, N., Performance comparison of the AES submissions, 1999.

Page 19 of 19 51 72. Schneier, B., The Blowfish encryption algorithm. Dr Dobb’s J.-Softw. Tools Prof. Program. 19:38–43, 1994. 73. Schneier, B., Description of a new variable-length key, 64-bit block cipher (Blowfish). Fast Software Encryption, Springer, 1994, pp. 191–204. 74. Gonzalez, T., A Reflection attack on blowfish. J Latex Files 6, 2007. 75. Rivest, R. L., Robshaw, M. J., Sidney, R., and Yin, Y. L., The RC6 block cipher. In First Advanced Encryption Standard (AES) Conference, Citeseer, 1998. 76. Rivest, R. L., The RC5 encryption algorithm. Fast Software Encryption, Springer, 1995, pp. 86–96. 77. BRSA Security.^ 78. PUB, F., Secure hash standard. Public Law 100:235, 1995. 79. Wang, X., Yin, Y. L., and Yu, H., Finding collisions in the full SHA1. Advances in Cryptology–CRYPTO 2005, Springer, 2005, pp. 17– 36. 80. W3C, BXML TECHNOLOGY.^ 81. Naedele, M., Standards for XML and Web services security. Computer 36:96–98, 2003. 82. Chester, T. M., Cross-platform integration with XML and SOAP. IT Prof. 3:26–34, 2001. 83. Achard, F., Vaysseix, G., and Barillot, E., XML, bioinformatics and data integration. Bioinformatics 17:115–125, 2001. 84. Gudgin, M., Hadley, M., Mendelsohn, N., Moreau, J.-J., Nielsen, H. F. , Karmarkar, A., and Lafon, Y., Simple object access protocol (SOAP) 1.2. World Wide Web Consortium, 2003. 85. Brown, A., Fox, B., Hada, S., LaMacchia, B., and Maruyama, H., SOAP security extensions: Digital signature. See www.w3.org/TR/ SOAP-dsig, 2001. 86. Nabi, M. S. A., Mat Kiah, M. L., Zaidan, B. B., Zaidan, A. A., and Alam, G. M., Suitability of using SOAP protocol to secure electronic medical record databases transmission. Int. J. Pharmacol. 6(6):959– 964, 2010. 87. Adams, C., and Lloyd, S., Understanding the Public-Key Infrastructure: Concepts, Standards and Deployment Considerations. Sams Publishing, 1999. 88. Ford, W., Hallam-Baker, P., Fox, B., Dillaway, B., LaMacchia, B., Epstein, J., and Lapp, J., Xml key management specification (xkms). W3C note, March, 2001. 89. Mirth Connect, Available at: http://www.mirthcorp.com/products/ mirth-connect, Last accessed: 05/12/2013.

A security framework for nationwide health information exchange based on telehealth strategy.

This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framewor...
3MB Sizes 0 Downloads 12 Views