More Like this

1. HonestChain: Consortium blockchain for protected data sharing in health information systems

   https://doi.org/10.1007/s12083-021-01153-y  

   Purohit, Soumya; Calyam, Prasad; Alarcon, Mauro Lemus; Bhamidipati, Naga Ramya; Mosa, Abu; Salah, Khaled (September 2021, Peer-to-Peer Networking and Applications)
2. An Activity Theory Approach to Leak Detection and Mitigation in Patient Health Information (PHI)

   https://doi.org/10.17705/1jais.00687  

   Valecha, Rohit; Upadhyaya, Shambhu; Rao, H. Raghav (January 2021, Journal of the Association for Information Systems)

   The migration to electronic health records (EHR) in the healthcare industry has raised issues with respect to security and privacy. One issue that has become a concern for healthcare providers, insurance companies, and pharmacies is patient health information (PHI) leaks because PHI leaks can lead to violation of privacy laws, which protect the privacy of individuals’ identifiable health information, potentially resulting in a healthcare crisis. This study explores the issue of PHI leaks from an access control viewpoint. We utilize access control policies and PHI leak scenarios derived from semi structured interviews with four healthcare practitioners and use the lens of activity theory to articulate the design of an access control model for detecting and mitigating PHI leaks. Subsequently, we follow up with a prototype as a proof of concept. 

   more » « less
3. Privacy and Security — Protecting Patients’ Health Information

   https://doi.org/10.1056/NEJMp2201676  

   Hoffman, Sharona (November 2022, New England Journal of Medicine)
4. Enabling Health Data Sharing with Fine-Grained Privacy

   https://doi.org/10.1145/3583780.3614864  

   Bonomi, Luca; Gousheh, Sepand; Fan, Liyue (October 2023, Proceedings of the 32nd ACM International Conference on Information and Knowledge Management (CIKM '23))
5. Balancing Security and Privacy in Genomic Range Queries

   https://doi.org/10.1145/3575796  

   Hwang, Seoyeon; Ozturk, Ercan; Tsudik, Gene (August 2023, ACM Transactions on Privacy and Security)

   Exciting recent advances in genome sequencing, coupled with greatly reduced storage and computation costs, make genomic testing increasingly accessible to individuals. Already today, one’s digitized DNA can be easily obtained from a sequencing lab and later used to conduct numerous tests by engaging with a testing facility. Due to the inherent sensitivity of genetic material and the often-proprietary nature of genomic tests, privacy is a natural and crucial issue. While genomic privacy received a great deal of attention within and outside the research community, genomic security has not been sufficiently studied. This is surprising since the usage of fake or altered genomes can have grave consequences, such as erroneous drug prescriptions and genetic test outcomes. Unfortunately, in the genomic domain, privacy and security (as often happens) are at odds with each other. In this article, we attempt to reconcile security with privacy in genomic testing by designing a novel technique for a secure and private genomic range query protocol between a genomic testing facility and an individual user. The proposed technique ensures authenticity and completeness of user-supplied genomic material while maintaining its privacy by releasing only the minimum thereof. To confirm its broad usability, we show how to apply the proposed technique to a previously proposed genomic private substring matching protocol. Experiments show that the proposed technique offers good performance and is quite practical. Furthermore, we generalize the genomic range query problem to sparse integer sets and discuss potential use cases. 

   more » « less