Secure and Privacy Preserving Mobile Healthcare Data Exchange Using Cloud Service

  • Doyel PalEmail author
  • Gobinda Senchury
  • Praveenkumar Khethavath
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 625)


Healthcare using Mobile devices and Cloud Computing is an emergent topic of interest in both industry and research. Though ubiquity of mobile devices and availability of e-Health record plays an important role to enhance health care quality and services, it introduces several challenges too such as, limited power of mobile devices, privacy and anonymity of patient data, the reliability of end user, interoperability and availability of e-Health records, etc. Under HIPAA regulations, healthcare data needs to be secured from unsolicited disclosure when sharing among multiple medical service providers. In this paper, we focus on exchanging healthcare data among doctor and patient’s healthcare service providers. We develop an android mobile application and a Cloud service to exchange patient’s data among authorized users in a secure and privacy-preserving manner. The cloud service that we developed performs cryptographic computations, communicates with mobile application and also overcomes the limitations of mobile devices. We evaluate our proposed solution using real-world data set. The performance analysis proves the efficiency of our application. Privacy analysis of our proposed solution depicts that our system is secure and protects the privacy of healthcare data.


Healthcare Cloud Mobile cloud Privacy Security 


  1. 1.
    Jha, A., DesRoches, C., Cambell, E., Donelan, K., Rao, S., Ferris, T., Shields, A., Rosenbaum, S., Blumenthal, D.: Use of electronic health records in U.S. hospitals. New Engl. J. Med. 360, 1628–1638 (2009). doi: 10.1056/NEJMsa0900592 CrossRefGoogle Scholar
  2. 2.
    Gans, D., Kralewski, J., Hammons, T., Dowd, B.: Medical groups’ adoption of electronic health records and information systems: practices are encountering greater-than-expected barriers to adopting an EHR system, but the adoption rate continues to rise. Health Aff. 24(5), 1323–1333 (2005)CrossRefGoogle Scholar
  3. 3.
    Menachemi, N., Collum, T.H.: Benefits and drawbacks of electronic health record systems. J. Risk Manag. Healthcare Policy 4, 47–55 (2011)CrossRefGoogle Scholar
  4. 4.
    J. T. Boruff, and Storie, Dale,M.L.I.S., M.A. Mobile devices in medicine: A survey of how medical students, residents, and faculty use smartphones and other mobile devices to find information*(*)(**). Journal of the Medical Library Association 102(1), pp. 22–30. 2014Google Scholar
  5. 5.
    Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 89–106. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Doukas, C., et al.: Enabling data protection through PKI encryption in IoT m-Health devices. In: 2012 IEEE 12th International Conference on Bioinformatics & Bioengineering (BIBE). IEEE (2012)Google Scholar
  7. 7.
    Rahman, S.M.M., et al.: Privacy preserving secure data exchange in mobile P2P cloud healthcare environment. Peer-to-Peer Networking and Applications, 1–16 (2015)Google Scholar
  8. 8.
    Jia, W., et al.: SDSM: a secure data service mechanism in mobile cloud computing. In: 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE (2011)Google Scholar
  9. 9.
    Guo, L., et al.: A privacy-preserving attribute-based authentication system for mobile health networks. IEEE Trans. Mob. Comput. 13(9), 1927–1941 (2014)CrossRefGoogle Scholar
  10. 10.
    Wu, J.-H., Wang, S.-C., Lin, L.-M.: Mobile computing acceptance factors in the healthcare industry: a structural equation model. Int. J. Med. Informatics 76(1), 66–77 (2007)CrossRefGoogle Scholar
  11. 11.
    Lu, R., Lin, X., Shen, X.: SPOC: a secure and privacy-preserving opportunistic computing framework for mobile-healthcare emergency. IEEE Trans. Parallel Distrib. Syst. 24(3), 614–624 (2013)CrossRefGoogle Scholar
  12. 12.
    Baig, M.M., GholamHosseini, H., Connolly, M.J.: Mobile healthcare applications: system design review, critical issues and challenges. Australas. Phys. Eng. Sci. Med. 38(1), 23–38 (2015)CrossRefGoogle Scholar
  13. 13.
    Lin, H.: CAM: cloud-assisted privacy preserving mobile health monitoring. IEEE Trans. Inf. Forensics Secur. 8(6), 985–997 (2013)CrossRefGoogle Scholar
  14. 14.
    Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient controlled encryption: Patient privacy in electronic medical records. In: Proceedings of the ACM Cloud Computing Security Workshop, pp. 103–114 (2009)Google Scholar
  15. 15.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    UCI Machine Learning Repository. Accessed 25 Nov 2015
  17. 17.
    Amazon EC2. Accessed July 2014
  18. 18.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    U.S. Department of Health and Human Services. The privacy rule. Accessed 25 Nov 2015
  20. 20.
    Woodside, J.M.: EDI and ERP: a real-time framework for healthcare data exchange. J. Med. Syst. 31(3), 178–184 (2007)CrossRefGoogle Scholar
  21. 21.
    Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop. ACM (2010)Google Scholar
  22. 22.
    Kefford, M.G., Vanderstraeten, A.M.E., Houthooft. M.R.L.: Methods and systems for secure transmission of information using a mobile device. U.S. Patent No. 6,880,079, 12 April 2005Google Scholar
  23. 23.
    Nichols, T.J.: Method and apparatus to secure data transfer from medical device systems. U.S. Patent No. 7,039,810, 2 May 2006Google Scholar
  24. 24.
    Kambourakis, G., Maglogiannis, I., Rouskas, A.: PKI-based secure mobile access to electronic health services and data. Technol. Health Care 13(6), 511–552 (2005)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2016

Authors and Affiliations

  • Doyel Pal
    • 1
    Email author
  • Gobinda Senchury
    • 1
  • Praveenkumar Khethavath
    • 1
  1. 1.Mathematics, Engineering and Computer Science DepartmentLaGuardia Community College, CUNYLong Island CityUSA

Personalised recommendations