DAPriv: Decentralized architecture for preserving the privacy of medical data
This work addresses privacy and security concerns for patients and medical entities in electronic health data transactions, though it appears incremental, as it builds on existing decentralized and hybrid computing approaches.
The paper tackles the problem of medical data privacy by proposing a decentralized architecture using hybrid computing and decentralized key management to prevent re-identification attacks, specifically a re-assembly attack, and demonstrates its suitability for efficient use of existing infrastructure like mobile phones and cloud storage.
The digitization of medical data has been a sensitive topic. In modern times, laws such as HIPAA provide some guidelines for electronic transactions in medical data to prevent attacks and fraudulent usage of private information. In our paper, we explore an architecture that uses hybrid computing with decentralized key management and show how it is suitable for preventing a special form of re-identification attack that we name the re-assembly attack. This architecture would be able to use current infrastructure, from mobile phones to server certificates and cloud-based decentralized storage models, in an efficient way to provide a reliable model for communication of medical data. We encompass entities including patients, doctors, insurance agents, emergency contacts, researchers, medical test laboratories and technicians. This is a complete architecture that provides patients with a good level of privacy, secure communication and more direct control.