JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.

COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

56

Secure Module for Transmissions Data over Unsecured Channel:  Study Case on Electronic Medical Records 
Hamdan O. Alanazi (1, 2, 3), Prof. Dr. Lim (1)
(1)

Department of Computer System and Technology, Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur, Malaysia
(2)

Faculty of Applied Medical Science, King Saud University, P.O. BOX 2454, Riyadh 11451, Kingdom of Saudi Arabia. Faculty of Computer and Information Technology, Al-Madinah International University, Shah Alam, Malaysia.  

(3)

Abstract
Recently, Health care presents one of the most important subjects in the life. USA government planed to spend 100 $ billion over the next 10 years, according to experts. The Electronic Medical Record is usually a computerized legal medical record created in an organization that delivers care, such as a hospital and doctor's surgery. In age of technology, one of the most important factors for EMR is that securing the records for the patients, protect their rights and knowing the responsible of disclosure their data. Thus, the architecture design of transmission, that could guarantee the privacy of the patients, plays an important role on building a strong relationship among the medical center and the patient. Nevertheless, the design must be carried out with awareness to protect the rights of the patients and maintains the confidentiality, integrity, authenticity and non repudiation. The architecture of a secure transmission for single medical records has been descried in this paper; the author has used UML tools on the design.
Keywords: Electronic Medical Record, Information Security, Data Privacy, Rights of Patient and cryptography algorithms.

INTRODUCTION

appreciate the differentiating qualities of services and resulting management implications with characteristic focus on healthcare aids [2]. Modern medical records can help the scholars to support on those researches [3], for these cases; researchers have used the medical record files to bring

C
 

Omputer, information sciences and technologies are accompanied in life [1]. Services are becoming an important component of

incrementally

national economies and it is critical to

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

57

the required data about the patient [4, 5]. Most of the people consider information about their health to be highly secured, worthy of the strongest protection under the law [6]. Laws in often states and the age-old tradition of doctor-patient privilege has been the mainstay of privacy protection for generations [7]. Electronic medical records pose tremendous problems to system developers [7-10]. Infrastructure and privacy consequences need to be resolved before doctors can even start using the records [9, 10]. Non-intrusive hardware might be required for doctors to do their work (i.e. interview patients) away from their offices [8, 11]. But all the labors to solve these problems will only succeed if acceptable care is also agreed to the design of the user interface [8, 11]. The National Research Council has established that manufacturing spends more than $15 billion on information technology (IT), an amount that is expanding by 20% a year [12]. The president of USA has pledged to invest $10 billion a year over the next five years on the effort; the cost tag for such a system can be around to $100 billion through the next 10 years. Additionally, they note that sticking to his five-year timetable can guarantee to be daunting. E-Medical Records (EMR) systems would come out of the $825 billion economic stimulus package Obama wishes to push through Congress [13-15]. A certain item of information must be secured even more than 30 years after it was stored. It should be stored unchanged all that time, and it must be accessible. Therefore, both of

the technical integrity of the information items and the accountability electronic of the information items should be verifiable. This requires specific signature approaches and procedures that are longlasting and long-verifiable and therefore long provable ones [16-19]. For applications like the electronic medical record, law needs algorithms that are protected for at least 30 years (the legal obligation for EMR) [17, 19, 20]. Confidentiality, Authentication, Authorization, Privacy, Integrity and Nonrepudiation are the factors which are used in the security of connotation for each term clarify the target of that term. Authentication means accommodating the identity of the communicating authorities to one another [21, 22] meaning that authentication approach is a verification approach [23, 24] while Authorization is the process by which we certify whether a subject is owed to access [25] which means the Authorization is the granting or denial of permission to carry out a given action [26-28]. Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems [29, 30]. Integrity involves protecting against unauthorized adaptations (i.e. causeless or intentional) to the data [31]. Non-repudiation is the concept of assuring that a party in a challenge cannot cancel, or refute the validity of a statement or contract [32].

LIMITATION OF RESEARCH

The

paper

outlines

several

objectives. The main objective of the

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

58

paper is to design and implement a secured Electronic Medical Records over the remotely channel. Below I followed the considered scope and out of scope points: 1- The paper designed to cover the communication part of transfer a single record from the server to the end user. 2- The paper spots the light on the problems authentication, of confidentiality, authorization, and

EXPECTED SOLUTIONS

New system will be implemented to secure the communication of transferring the Medical records over the unsecure communication using PK infrastucture. This system will accomplish the requirements of this paper. factors: authentication, this paper.
NON-FUNCTIONAL REQUIREMENTS

These

following

security and

Confidentiality, authorization,

non-repudiation will be achieved in

non-repudiation to ensure the privacy and secrecy of the data and also to identify the person who cause any illegal broadcast to the patient’s records. 3- This paper has not paid any attention to the security of the database. The author has been informed that, the database has been protect from any attacker, in addition, no one has the authority to access the database from illegal ways.

Non-functional

requirements

are

requirements that are not directly concerned with the functions of the system. emergent They might relate to for system features

example reliability, response time and store occupancy. They might identify availability, system and performance, other emergent

features. It means that they are always more critical than individual functional around a requirements. system System that users can often find ways to work function doesn’t really achieve their needs. However, failing to meet a nonfunctional requirement can mean that

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

59

the whole system is unusable. Nonfunctional requirements needed in securing Electronic Medical Records system are identified as performance requirements, safety requirements, and software quality attributes.
The System Engineering Process The waterfall can not be used when there is the need of an update of the requirements intended for and subsequently expensive the and design and coding. The spiral model is large, complicated paper. In this paper, The VSHAPED MODEL will be used.

following phases will fully depend on this phase. In other words, the backbone of this paper is this phase. In this phase can lead the whole paper to be successful.
II. Phase Two:

In this phase, this system will be implemented based on phase 1. The system will be ready to use and the success of this phase will depend on phase 1. Actually this phase just translate of the last phase.
III. Phase Three:

This phase has been divided into the following parts: and Evaluation, Operation, Testing Acceptance and

Maintenance. The target of this phase is to get feedback from users about the system to evaluate whether the user requirements are fulfilled and achieved or not. To
Fig.1 V-model of the System Engineering Process of this paper The paper phases can be divided into the following steps as follows:
I. Phase One:

achieve the target of acceptance, a questionnaire survey has performed the testing. After this phase the paper will be completed.

This phase is the most important phase; this is because all the

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

60

LITURETURE REVIEW
[33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44] They have mentioned about the securing of electronic medical record. However, they do not present which algorithm can be used. [45, 46, 47, 17, 48, 49, 50] They used RSA to secure the EMR. [51] They used ECC to achieve securing for EMR. However the RSA and ECC are entirely broken [52,
53, 54]. [36, 37, 38, 39, 54, 56, 57, 58,

1. Use Cases Digrames of EMR

Fig2. Use Case of Create Account

48, 49, 50, 43, 44] They have discussed some of the factors of the security. This is good but they do not cover the Non Repudiation which is very important element in order to know who is responsible about disclosure the patient record. System Module In this paper System Module has been proposed four type of diagrams which are to handle the final system of Electronic Medical Records Fig4. Use Case of Manage the EMR Transmissions as following: Fig3. Use Case of Login

Fig5. Use Case of Search

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

61

Fi g6. Use Case of View the EMR Fig9. Sequence of Create EMR 2. Sequence Diagrams of EMR

Fig10. Sequence of Edit EMR

Fig7. Sequence of Signup

Fig11. Sequence of Delete EMR

Fig8. Sequence of Login

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

62

Fig12. Sequence of Internal User View

Fig16. Activity diagram of Login

Fig13. Sequence of NonInternal User View 1. Activity Diagrams of EMR

Fig17. Activity diagram of Create EMR

Fig15. Activity diagram of Signup

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

63

Fig20. Activity diagram of Search

Fig18. Activity diagram of Edit EMR

Fig19. Activity diagram of Delete EMR

Fig21. Activity diagram of View EMR

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

64

1. Class Diagram of EMR

Fig14. The Class Diagram of Securing EMR System Risk Analysis Brimary risks taht jeopardize the system functionality and lead to breakdown and error resulting with high inaccuracy:  Human: Human risk on the system shows the wrong usage and data entry, which may permit redundancy and poor indexing.

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

65

Operational: as in permanent or temporary loss of access, and failure in using the system due to accumulating dependent responsibilities, and ineffective sequencing for dissertations, or sometimes; a system crash along with losing all the data.

system

by

not

achieving

users’

requirements.

Conclusion
Due to the speed, flexibility, and efficiency that it offers, the Internet applications system has become the means for conducting growing numbers of transactions between suppliers and large international corporations. The Internet applications system has been widely used in these days. The success of the applications system depends on its flexibility, availability and security. Since that the electronic medical records transmissions system should have a special way to design the system and implement it. Nowadays, the electronic medical records transmissions system one of internet applications system which is widely used looking to provide the best quality system with highly available, fast response, secure and safe to use. The Unified Modeling Language (UML) is the uniquely language which is used to analyse and design any system. In this paper, the UML diagrams have been proposed to illustrate the design phase for any electronic medical records transmissions system. The authors presented four types of modules which are used for the electronic medical records transmissions System. In this paper have been proposed four diagrams module for electronic medical records transmissions system which are Use Case Diagram, Sequence Activity digrames Diagrams, Digrames are Class of diagrams, This handling respectively.

Procedural: includes failures of accountability, related systems and controls, system’s structure incompatibility, cheating/fraud or hacking the system by unknown users.

Implementation risks: of cost over-runs, tasks taking too long and underestimated time scheduling and management.

Technical: from advances in technology, technical failure, use complexity, and low to adaptability/compatibility new/different systems.

Natural threats: from accident, power failure, data loss by servers or backup.

Reputation:

quality

of

the

system

performance, interfaces, and outputs quality and presentation may lead to low usage by researchers and students which do not achieve the intention of the

capable

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

66

requirements of electronic medical records transmissions.

ACKNOWLEDGEMENT
This research was partially supported by the King Saud University, Riyadh, Saudi Arabia, the University of Malaya, Kuala Lumpur, Malaysia and “Al-Madinah International University”, Shah Alam, Malaysia. First and foremost I would like to thank “ALLAH” (SWT), most gracious and most merciful. I would like to thank Prof. Dr. Lim for his continue support, encouragement and valuable discussions during my research work. I also would like to express the deepest appreciation to Professor Abdullah Ben AbdulRahman Abdullah Al-Othman, Dr. Ali ibn Sulaiman Al-Attiyah and Prof. Dr. Mohammad Khalifa Al-Tamimi. My thanks are also extended to Dr. Ali bin Abdullah Alafnan, Dr. Abdullah Alsbail, Dr. Muhammed Al Arifi, Dr. Musaed AL-Jrrah, and Mr. Abdullah Alsbait. Dr.Khalid Alhazmi, Mr. Seraj, Mr. Khalid and all the staff in the King Saud University especially in Applied Medical Science for their unlimited support. Without their notes and suggestions this research would not have appeared. Finally, I would like to express my sincere gratitude to my family for their help and their unconditional support. A very special vote of thanks is due to my beloved mother.

as a lecturer at the King Saud University. Currently, he is a Master’s candidate at the Faculty of Computer Science & Information Technology at the University of Malaya in Kuala Lumpur, Malaysia. He has published many articles. He is has been reviewed in many journals. His research interests are in Cryptography, Steganography, Digital Watermarking, Network Security, Artificial Intelligence, pattern recognitions, signal processing and image processing and Medical Applications.
.

References
1 Rao, V.S., et al., Recent developments in life sciences research: Role of bioinformatics. African Journal of Biotechnology, 2008. 7(5): p. 495-503. 2. de Jager, J.W., A.T. du Plooy, and M.F.

Ayadi, Delivering quality service to in-and outpatients in a South African public hospital. African Journal of Business Management, 2010. 4(2): p. 133-139. 3. Aboelsoud, N.H., Herbal medicine in

ancient Egypt. Journal of Medicinal Plants Research, 2010. 4(2): p. 082-086. 4. Bello, S.I. and O.A. Itiola, Drug

adherence amongst tuberculosis patients in the University of Ilorin Teaching Hospital, Ilorin, Nigeria. African Journal of Pharmacy and

AUTHOR’S PROFILE 
HAMDAN ALANAZI: He has obtained his bachelor’s degree from the King Saud University, Riyadh, Kingdom of Saudi Arabia. He worked as a lecturer at the Health College in the Ministry of Health in Saudi Arabia, and then worked  

Pharmacology, 2010. 4(3): p. 109-114. 5. Bello, S.I., Challenges of DOTS

implementation strategy in the treatment of tuberculosis in a tertiary health institution, Ilorin, Nigeria. African Journal of Pharmacy and Pharmacology, 2010. 4(4): p. 158-164.

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

67

6.

Izet

Masic,

H.P.

Requirements

for

Journal of Mental Health, 2009. 18(3): p. 193197. 15. Mearian, L., Obama's national health

Security and Privacy. in Medical Informatics in Enlarged Europe. 2007. Brijuni, Croatia: Pro Universitate. 7. Barton, B.H., Do Judges Systematically

records system will be costly, daunting But an electronic health records system could save the nation $300B a year, in computerworld. 2009. 16. Bruun-Rasmussen, M., et al., The

Favor the Interests of the Legal Profession. Ala. L. Rev., 2007. 59: p. 453. 8. Plaisant, C., et al. LifeLines: using

impact of EHR and digital electrocardiograms. The new navigators: from professionals to patients: proceedings of MIE2003, 2003. 17. Pharow, P., et al., Security infrastructure

visualization to enhance navigation and analysis of patient records. in Clinical Infrastructure for the 21 st Century. 1998 Orlando, FL: American Medical Informatics Association. 9. Plaisant, C. and A. Rose. Exploring

services for electronic archives and electronic health records. Medical and care compunetics 1, 2004: p. 434. 18. of Brandner, R., et al., Electronic Signature Medical Documents--Integration and

LifeLines to visualize patient records. in American Medical Informatics Association Annual Fall Symposium. 1996. USA: Citeseer. 10. Plaisant, C., et al. Visualizing medical

Evaluation of a Public Key Infrastructure in Hospitals. Methods of Information in MedicineMethodik der Information in der Medizin, 2002. 41(4): p. 321-330.

records with LifeLines. in Conference on Human Factors in Computing Systems. 1998. Los Angeles, California, United States: ACM. 11. Phd, C.P., et al. LifeLines: Using

19.

Pharow, P. and B. Blobel, Electronic archives. International Journal of

Visualization to Enhance Navigation and Analysis of Patient Records. in Aparadigm Shift in Health Care Information Systems: Clinical Infrastructure for the 21 st Century. 1998. Orlando, FL. 12. Anderson, J.G., Security of the

signatures for long-lasting storage purposes in electronic Medical Informatics, 2005. 74(2-4): p. 279-287. 20. Winslade, W.J., Confidentiality of

medical records: An overview of concepts and legal policies. Journal of Legal Medicine, 1982. 3(4): p. 497-533. 21. Needham, R.M. and M.D. Schroeder,

distributed electronic patient record: a casebased approach to identifying policy issues. International Journal of Medical Informatics, 2000. 60(2): p. 111-118. 13. Marmor, T., J. Oberlander, and J. White,

Using encryption for authentication in large networks of computers. Communications of the ACM, 1978. 21(12): p. 999. 22. Annual Bellare, M. and P. Rogaway. Entity International Cryptology Conference

The Obama administration's options for health care cost control: hope versus reality. Annals of Internal Medicine, 2009. 150(7): p. 485. 14. Goldman, H.H., President Obama and

authentication and key distribution. in 13th Santa Barbara, California, USA August 22–26,

Mental Health Policy–the Audacity to Hope.

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

68

1993

Proceedings.

1993.

California,

USA:

31.

Lee, H.J., A review of IPTV threats

Springer. 23. Han, C.C., using et al., Personal 1.

based on the value chain. KSII Transactions on the Internet and Systems, 2009. 3(2): p. 163-77. 32. model. Harb, H., H. Farahat, and M. Ezz. in Anti-counterfeiting, Security and

authentication

palm-print

features*

Pattern Recognition, 2003. 36(2): p. 371-381. 24. and Perrig, A. The BiBa one-time signature broadcast authentication protocol. in

SecureSMSPay: Secure SMS Mobile Payment Identification, 2008. ASID 2008. 2nd International Conference 2008. Guiyang 37. Blobel, B., Advanced tool kits for EPR security. International Journal of Medical Informatics, 2000. 60(2): p. 169-175. 38. Espinosa, A.L., Availability of health data: requirements and solutions. International Journal of Medical Informatics, 1998. 49(1): p. 97-104.

Proceedings of the 8th ACM conference on Computer and Communications Security. 2001. Philadelphia, PA, USA: ACM. 25. Nakamur, Y., S. Hada, and R. Neyama,

Towards the integration of Web services security on enterprise environments. saint-w, 2002: p. 166. 26. From Alfieri, R., R. Cecchini, and V. Ciaschini, gridmap-file to VOMS: managing

39. Kluge, E.H.W., Secure e-health: managing risks to patient health data. International Journal of Medical Informatics, 2007. 76(5-6): p. 402-406. 40. Ahmad, N., Restrictions on cryptography in india-a case studyof encryption and privacy. Computer Law & Security Review, 2009. 25(2): p. 173-180. 41. Julià-Barcelَ R. and T. Vinje, "Towards a , european framework for digital signatures and encryption" : The european commission takes a step forward for confidential and secure electronic communications. Computer Law & Security Report. 14(2): p. 79-86.

authorization in a Grid environment. Future Generation Computer Systems, 2005. 21(4): p. 549-558. 27. Jo, S.M., et al. Access Authorization

Policy for XML Document Security. in Lecture Notes in Computer Science. 2005. Nanjing, China: Springer. 28. Lee, A.J., et al. Traust: a trust

negotiation-based authorization service for open systems. in Proceedings of the eleventh ACM symposium on Access control models and technologies. 2006. Lake Tahoe, California, USA: ACM. 29. research Carney, P.A., et al., Current medicolegal programs. American journal of

42. Janczewski, L. and X. Shi, Development of information security baselines for healthcare information systems in New Zealand. Computers & Security, 2002. 21(2): p. 172-192. 43. Takeda, H., et al., An assessment of PKI and networked electronic patient record system: lessons learned from real patient data exchange at the platform of OCHIS (Osaka Community

and confidentiality issues in large, multicenter epidemiology, 2000. 152(4): p. 371. 30. Stallings, W., Cryptography and network

security. 2010: Prentice Hall.

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

69

Healthcare Information System). International Journal of Medical Informatics, 2004. 73(3): p. 311-316. 44. Hu, J., H.H. Chen, and T.W. Hou, A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations. Computer Standards & Interfaces, 2009. 45. Kalra, H.L.D. and A.H.J. Talmon, Interorganizational Future Proof Ehr Systems A Review Of The Security And Privacy Related Issues. International Journal of Medical Informatics, 2009. 78(3). 46. de Meyer, F., et al., Determination of user requirements for the secure communication of electronic medical record information. International Journal of Medical Informatics, 1998. 49(1): p. 125-130. 47. Rind, D.M., et al., Maintaining the

health information systems. International Journal of Medical Informatics, 2001. 62(1): p. 51-78. 52. Smith, J.P., Authentication of digital medical images with digital signature technology. Radiology, 1995. 194(3): p. 771. 53. Janbandhu, P.K. and M.Y. Siyal, Novel biometric digital signatures for Internet-based applications. Information Management and Computer Security, 2001. 9(5): p. 205-212. 54. Epstein, M.A., et al., Security for the digital information age of medicine: issues, applications, and implementation. Journal of Digital Imaging, 1998. 11(1): p. 33-44. 55. Gobi, M. and K. Vivekanandan, A New Digital Envelope Approach for Secure Electronic Medical Records. IJCSNS, 2009. 9(1): p. 1. 56. Kurosawa, K., K. Okada, and S. Tsujii, Low exponent attack against elliptic curve RSA. Advances in Cryptology—ASIACRYPT'94: p. 376-383. 57. Maitra, S. and S. Sarkar, Revisiting Wiener’s attack–new weak keys in RSA. Information Security Springer Berlin / Heidelberg, 2008: p. 228-243. 58. Tartary, C., Authentication for Multicast Communication. 2007. 59. Sucurovic, S., Implementing security in a distributed 491-496. 60. Smith, E. and J.H.P. Eloff, Security in healthcare information systems--current trends. International Journal of Medical Informatics, 1999. 54(1): p. 39-54. web-based EHCR. International Journal of Medical Informatics, 2007. 76(5-6): p.

confidentiality of medical records shared over the Internet and the World Wide Web. Annals of Internal Medicine, 1997. 127(2): p. 138. 48. O'Brien, D.G. and W.A. Yasnoff, Privacy, confidentiality, and security in information systems of state health agencies. American journal of preventive medicine, 1999. 16(4): p. 351-358. 49. Gritzalis, D.L.D., Long-term verifiability of the electronic healthcare records' authenticity. International Journal of Medical Informatics, 2007. 76(5/6). 50. Bos, J.J., Digital signatures and the electronic health records: providing legal and security guarantees. International journal of bio-medical computing, 1996. 42(1-2): p. 157-163. 51. Blobel, B. and F. Roger-France, A systematic approach for analysis and design of secure

 

JOURNAL OF COMPUTING, VOLUME 2, ISSUE 10, OCTOBER 2010, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

70

61. Van der Haak, M., et al., Data security and protection in cross-institutional electronic patient records. International Journal of Medical Informatics, 2003. 70(2-3): p. 117-130. 62. Ferreira, A., et al. Integrity for electronic patient record reports. 2004: IEEE Computer Society. 63. Smith, J.P., Authentication of digital medical images with digital signature technology. Radiology, 1995. 194(3): p. 771.

 

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.