1. Using Public Key Infrastructure to Secure Online Medical Records Presented by PRAVIN SHETTY

2. INTRODUCTION Why did I choose this topic? I am interested in Public Key Cryptography. I have a background in Health. I believe online medical records will deliver major improvements to the healthcare industry.

3. OVERVIEW OF PRESENTATION 1.Introduction to the problem 2.Nature of Medical Records 3.What are the advantages and disadvantages of online medical records? 4.Features of Public Key Infrastructure that make it applicable to use for online medical records.

4. 5.Applications of Public Key Infrastructure for Online Medical Records. 6.Public Key Infrastructure and Security Policy. 7.Conclusion. 8.References

5. 1. THE PROBLEM Through online medical records the aim is to achieve a system where healthcare providers have: Through online medical records the aim is to achieve a system where healthcare providers have: accurate and up-to-data clinical information irrespective of the point of care for patients. Why? Why?

6. 2. WHAT IS A MEDICAL RECORD? A medical record is a collection of information about an individual that is used for their treatment by a health care provider. A medical record is a collection of information about an individual that is used for their treatment by a health care provider. The record contains both sensitive medical information about the patient along with demographic data and personal information.

7. Health care worker notes (e.g. notes about a common viral illness or a report about major psychiatric illness). Pathology test results (e.g. HIV or hepatitis serology). Radiological results (e.g. x rays and scans).

8. Specialized tests such as angiograms (e.g. coronary angiogram). Operation reports (e.g. report of surgery performed). Drug allergies and sensitivities. Details of next of kin or guardian.

9. Who uses a medical record? Tertiary and Quaternary referral centres - large specialized referral hospitals (e.g. Royal Melbourne Hospital). Small to medium community hospitals (e.g. Williamstown Hospital). General Practices - low acuity or ongoing community care of patients (e.g. a suburban general practice).

10. USERPURPOSE General PractitionerMedical notes Specialist Medical notes NurseNursing notes Allied Health (e.g. physiotherapist)Allied health notes Medical AdministratorsPlanning, Auditing Medical TypistsClerical Reception StaffClerical PharmacistPrescriptions RadiographerPerforming radiological tests Hospital ChaplainAt request of relatives or patient Medical InsurersService payment Government Agencies (e.g. Medicare)Service payment Law Agencies Law enforcement I.T. Staff (e.g. Database Administrator)I.T. technology and support ResearchersMedical research

11. 3. Advantages/Disadvantages of online medical records? Advantages: Improving the treatment of patients. Use of patient information for research purposes and public health monitoring. Improved efficiency of the health system.

12. Disadvantages: Loss of confidentiality Loss of data integrity Loss of control over personal information

13. 4. Public Key Infrastructure and Online Medical Records Features of Public Key Infrastructure Maintaining Confidentiality of Medical Records Ensuring Authentication of User Maintaining the Integrity of Medical Records Non-repudiation of Information Exchange Weaknesses of Public Key Infrastructure

17. 5. Applications of Public Key Infrastructure

18. Applications using Public-Key Certificates and Attribute Certificates [6] looked at distributed healthcare databases in Germany and other European Countries. Aimed to create a system where healthcare workers who where appropriately registered could access health care records. Attribute Certificates were user for authorization and authentication of users.

19. Attribute certificate for qualifications: profession (e.g. doctor, dentist, midwife etc.), specialty type and dedicated specialty. Attribute certificate for authorizations: general authorization, authorization type, and dedicated authorization. The attribute certificate cannot exist on its own but is rather bound to the public key certificate.

20. The link occurs by using the serial number of the public key certificate or by other means. Together they constitute an entity which is then able to interact with a health care information system. This permits a doctor to view patient files, prescribe medication and perform other necessary duties as specified by the certificates.

22. Access Confidential Patient Data Over the Internet [7] conducted a study at the Salford hospital, in the Greater Manchester District. Examined secure online patient records. Aimed to improve the flow of information between secondary care hospitals providing specialist treatment and the primary care physicians in the community.

24. Researchers use the triple DES algorithm. Public key cryptography is used in this case to distribute the session key. Entrust formatted X.509 certificates and their proprietary protocols were used. The Entrust Direct client works as a proxy on both the web clients (general practitioner) and server (hospital).

25. The following procedure occurs with each request for information: 1. Requests by client browser for information are intercepted by the Entrust Direct proxy on the client computer. 2. The request is encrypted and digitally signed before being sent to the web server of the hospital. 3. The Entrust Direct proxy on the web server intercepts and decrypts the message, verifies the signature and decides whether it is from a trusted source. 4. The Entrust Direct proxy/web server retrieves a certificate revocation list (CRL) and checks the message against this.

26. 5. The web server then queries the diabetic register database and retrieves the relevant information. 6. The outgoing message is intercepted by the Entrust Direct proxy. 7. The message is encrypted and digitally signed using the private key of the Diabetic Information System. 8. The client browser Entrust Direct proxy intercepts and decrypts the message, verifies the signature and decides whether it is from a trusted source. 9. The Entrust Direct proxy/client server retrieves a CRL and check the message against this. 10. The requested information appears on the client browser.

27. 6. Public Key Infrastructure and Security Policy No security system should be reliant on a single technology. Security of online medical records requires an organization-wide approach: Development of a security policy Having clear security goals and objectives

28. Creating a culture of security awareness Making employees explicitly aware of the security policy Public key infrastructure can provide enormous security benefits when correctly and appropriately integrated into the security system of a health care organization. Its implementation must be considered in terms of the objectives and goals of the security policy.

29. 7. Conclusion Increasing momentum towards online medical records. Security of such a system is a major obstacle. Community fears regarding confidentiality. Public Key Infrastructure can provide a key component of a security system that provides enough security to make online medical records viable.

30. It offers a system whereby medical records can not only be powerfully encrypted, but the transmission between health care providers can be controlled with a level of certainty that virtually eliminates the possibility of the records being intercepted or ending up in the wrong hands. This technology goes further by assuring the integrity of a message through the use of digital signatures and message digests and creating a communication which is non reputable.

31. Studies into the use of online medical records have shown promising results.

32. 8.0References [1]Rindfleisch, T., (1997) Privacy, information technology, and health. Communications of the ACM August 1997, Volume 40, Issue 8. [2] Anderson, R., (2001) Security Engineering: A Guide to Building Dependable Distributed System, John Wiley. [3]Marshall, W., Haley, R., (2000) Use of Secure Internet Web Site for Collaborative Medical Research. Journal of the American Medical Association. Volume 284(14), pp 1843 – 1849. [4]Burnett, S. & Paine, S., (2000) RSA Security's Official Guide to Cryptography. RSA Press. [5]Clarke, R., (2001) Can Digital Signatures and Public Key Infrastructure Be of Any Use in the Care Sector??? [online] Available from: http://anu.edu.au/people/Roger.Clarke/EC/PKIH1th01.html [Accessed 3/05/03]. [6]Wohlmacher, P. & Pharow, P (2000) Applications in health care using public-key certificates and attribute certificates Computer Security Applications, ACSAC '00. 16th Annual Conference, Dec 2000 Page(s): 128 –137.

33. [7]Chadwick, D. et al (2002) Experiences of Using Public Key Infrastructure to Access Patient Confidential Data Over the Internet. Proceeding of the 35th International Conference on Systems Sciences. 2002 IEEE. [8] Verisign Course in PKI by Verisign Australia. [9]Moreno, A & Isern D. (2002) Session 6A: applications: A first step towards providing health-care agent-based services to mobile users Proceedings of the first international joint conference on Autonomous agents and multiagent systems: part 2 July 2002. [10]Ateniese, G. & de Medeiros B. (2002) Anonymous E-prescriptions Proceeding of the ACM workshop on Privacy in the Electronic Society November 2002. [11]Jurecic, M. & Bunz, H. (1994) Exchange of patient records-prototype implementation of a security attributes service in X.500 Proceedings of the 2nd ACM Conference on Computer and communications security November 1994. [12]Zhang, L. Ahn, G. & Chu B. (2002) Applications: A role-based delegation framework for healthcare information systems Seventh ACM Symposium on Access Control Models and Technologies June 2002.