A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations

研究成果: Article同行評審

85 引文 斯高帕斯(Scopus)

摘要

The Health Insurance Portability and Accountability Act (HIPAA) has set privacy and security regulations for the US healthcare industry. HIPAA has also established principles for security standards that global e-health industry tends to follow. In this paper, a hybrid public key infrastructure solution (HPKI) is proposed to comply with the HIPAA regulations. The main contribution is the new e-health security architecture that is contract oriented instead of session oriented which exists in most literatures. The proposed HPKI has delegated the trust and security management to the medical service provider during the contract period, which is more realistic. It is much an analogy to existing paper based health care systems in terms of functional structure. The cryptographically strong PKI scheme is deployed for the mutual authentication and the distribution of sensitive yet computational non-intensive data while efficient symmetric cryptographic technology is used for the storage and transmission of high volume of medical data such as medical images. One advantage is that the proposed HPKI can be constructed from existing cryptographic technologies where various relevant security standards, tools and products are available. Discussion has been provided to illustrate how proposed schemes can address the HIPAA privacy and security regulations.

原文English
頁(從 - 到)274-280
頁數7
期刊Computer Standards and Interfaces
32
發行號5-6
DOIs
出版狀態Published - 2010 十月 1

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Law

指紋 深入研究「A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations」主題。共同形成了獨特的指紋。

引用此