Transitive Pseudonyms Mediated EHRs Sharing for Very Important Patients

  • Huafei ZhuEmail author
  • Ng Wee Keong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11512)


Electronic health record (EHR) greatly enhances the convenience of cross-domain sharing and has been proven effectively to improve the quality of healthcare. On the other hand, the sharing of sensitive medical data is facing critical security and privacy issues, which become an obstacle that prevents EHR being widely adopted. In this paper, we address several challenges in very important patients’ (VIPs) data privacy, including how to protect a VIP’s identity by using pseudonym, how to enable a doctor to update an encrypted EHR with the VIP’s absence, how to help a doctor link up and decrypt historical EHRs of a patient for secondary use under a secure environment, and so on. Then we propose a framework for secure EHR data management. In our framework, we use a transitive pseudonym generation technique to allow a patient to vary his/her identity in each hospital visit. We separate metadata from detailed EHR data in storage, so that the security of EHR data is guaranteed by the security of both the central server and local servers in all involved hospitals. Furthermore, in our framework, a hospital can encrypt and upload a patient’s EHR when he/she is absent; a patient can help to download and decrypt his/her previous EHRs from the central server; and a doctor can decrypt a patient’s historical EHRs for secondary use under the help and audit by several proxies.


Electronic health record Pseudonym Semantic security Transitive pseudonym 


  1. 1.
    Sadlier, C., Bergin, C., Merry, C.: Healthcare globalization and medical tourism. Clin. Infect. Dis. 58(11), 1642–1643 (2014)CrossRefGoogle Scholar
  2. 2.
    Ivanov, S., Webster, C., Mladenovic, A.: The microchipped tourist: implications for European tourism. Social Science Electronic Publishing (2014)Google Scholar
  3. 3.
    Beladi, H., Chao, C.C., Ee, M.S., Hollas, D.: Medical tourism and health worker migration in developing countries. Econ. Model. 46, 391–396 (2015)CrossRefGoogle Scholar
  4. 4.
    Fombelle, P.W., Sirianni, N.J., Goldstein, N.J., Cialdini, R.B.: Let them all eat cake: providing VIP services without the cost of exclusion for non-VIP customers. J. Bus. Res. 68(9), 1987–1996 (2015)CrossRefGoogle Scholar
  5. 5.
    Dang, H.S., Huang, Y.F., Wang, C.N.: Estimation of the market size of medical tourism industry using grey models - case study in South Korea. In: Estimation of the Market Size of Medical Tourism Industry Using Grey Models - Case Study in South Korea, pp. 46–50 (2016)Google Scholar
  6. 6.
    Arunotai, P.: An investigation of tourism information on destination management organization websites as the pull factor: a case study of health and wellness tourism information. In: 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA), pp. 1–8 (2017)Google Scholar
  7. 7.
    Zhao., H.: An investigation of tourism information on destination management organization websites as the pull factor: a case study of health and wellness tourism information. In: ICISS 2018 Proceedings of the 2018 International Conference on Information Science and System, pp. 102–106 (2018)Google Scholar
  8. 8.
    Yang, C.C., Leroy, G., Ananiadou, S.: Smart health and wellbeing. ACM Trans. Manag. Inf. Syst. 4(4), 15:1–15:8 (2013). Scholar
  9. 9.
    Yang, C.C.: Patient centered healthcare informatics. IEEE Intell. Inf. Bull. 15(1), 1–5 (2014)Google Scholar
  10. 10.
    Yang, C.C., Veltri, P.: Intelligent healthcare informatics in big data era. Artif. Intell. Med. 65(2), 75–77 (2015). Scholar
  11. 11.
    Spagnuelo, D., Lenzini, G.: Transparent medical data systems. J. Med. Syst. 41(1), 8:1–8:12 (2017). Scholar
  12. 12.
    Daniels, M., Rose, J., Farkas, C.: Protecting patients’ data: an efficient method for health data privacy. In: ARES 2018, Proceedings of the 13th International Conference on Availability, Reliability and Security (2018)Google Scholar
  13. 13.
    Alabdulhafith, M., Alqarni, A., Sampalli, S.: Customized communication between healthcare members during the medication administration stage. In: MobileHCI 2018 Proceedings of the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services (2018)Google Scholar
  14. 14.
    Riedl, B., Neubauer, T., Goluch, G., Boehm, O., Reinauer, G., Krumboeck, A.: A secure architecture for the pseudonymization of medical data. In: ARES, pp. 318–324 (2007)Google Scholar
  15. 15.
    Quantin, C., Jaquet-Chiffelle, D.O., Coatrieux, G., Benzenine, E., Fa, A.: Medical record search engines, using pseudonymised patient identity: an alternative to centralised medical records. Int. J. Med. Inf. 80(2), 6–11 (2011)CrossRefGoogle Scholar
  16. 16.
    Nugroho, H.A., Priyana, Y., Prihatmanto, A.S., Rhee, K.H.: Pseudonym-based privacy protection for steppy application. In: 2016 6th International Annual Engineering Seminar (InAES), pp. 138–143 (2016)Google Scholar
  17. 17.
    Sarkar, S., Chatterjee, S., Misra, S., Kudupudi, R.: Privacy-aware blind cloud framework for advanced healthcare. IEEE Commun. Lett. 21(11), 2492–2495 (2017). Scholar
  18. 18.
    Shah, A., Abbas, H., Iqbal, W., Latif, R.: Enhancing E-healthcare privacy preservation framework through L-diversity. In: 2018 14th International Wireless Communications and Mobile Computing Conference (IWCMC) (2018)Google Scholar
  19. 19.
    Sweeney, L.: K-anonymity: a model for protecting privacy. Int. J. Uncertainty, Fuzziness Knowl.-Based Syst. 10(5), 557–570 (2002)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Hillen, C.: The pseudonym broker privacy pattern in medical data collection. In: 2015 IEEE TrustCom/BigDataSE/ISPA, Helsinki, Finland, 20–22 August 2015, vol. 1, pp. 999–1005 (2015).
  21. 21.
    Ihmig, F.R., Wick, H., Hichri, K., Zimmermann, H.: RFID for anonymous biological samples and pseudonyms. In: 2011 IEEE International Conference on RFID-Technologies and Applications, RFID-TA 2011, Sitges, Spain, 15–16 September 2011, pp. 376–380 (2011).
  22. 22.
    Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998). Scholar
  23. 23.
    Canetti, R., Goldwasser, S.: An Efficient threshold public key cryptosystem secure against adaptive chosen ciphertext attack (extended abstract). In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 90–106. Springer, Heidelberg (1999). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.School of Computer Science and EngineeringNanyang Technological UniversitySingaporeSingapore

Personalised recommendations