Security and Privacy Protection for eHealth Data

  • Sharmin Jahan
  • Mozammel Chowdhury
  • Rafiqul Islam
  • Junbin Gao
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 878)


Security and privacy have recently become growing concerns in eHealth platforms that deal with sensitive clinical data stored in electronic health records (EHR). Breaches of, or damage to, the sensitive data in an individual's health record can occur through attacks by hackers or malicious insiders. It is therefore crucial to enforce the privacy and security of clinical data in eHealth applications by technological means. Understanding and identifying the issues related to the security and privacy of eHealth systems is important in designing and developing an effective eHealth system. In this paper, we therefore aim to investigate and analyze the recent security issues in eHealth applications and explore their solutions for preserving the privacy and security of sensitive health data.


Keywords: Security, Privacy, Clinical data, eHealth, EHR



Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Sharmin Jahan (1)
  • Mozammel Chowdhury (2)
  • Rafiqul Islam (2)
  • Junbin Gao (3)

  1. Department of Biochemistry and Molecular Biology, Jahangirnagar University, Dhaka, Bangladesh
  2. School of Computing and Mathematics, Charles Sturt University, Bathurst, Australia
  3. Discipline of Business Analytics, The University of Sydney Business School, The University of Sydney, Sydney, Australia
