Lee & Lee (2008), proposed to comply with the Health Insurance Portability and

Accountability Act of 1996 (HIPAA) regulations; a flexible cryptographic key

management solution is to facilitate interoperations among the applied cryptographic
mechanisms. In addition, cases of consent exceptions intended to facilitate emergency
applications and other possible exceptions can also be handled easily.

Benaloh Chase Horvitz & Lauter (2009), proposed a Patient Controlled

Encryption (PCE) to secure and provide storage of patients’ medical records. The system
is based on a hierarchical encryption system. The patient’s record is partitioned into a
hierarchical structure, each portion of which is encrypted with a corresponding key. The
patient is required to store a root secret key, from which a tree of subkeys are derived. The
patient can also generate and distribute trapdoors for selectively searching portions of the
record. It achieve secure and private Electronic Medical Records (EMRs) storage while
maintaining efficiency and functionality, including search ability and delegation.

Hu Chen & Hou (2010), proposed a Hybrid Public Key Infrastructure solution
(HPKI) to comply with the HIPAA regulations. The proposed HPKI has delegated the
trust and security management to the medical service provider during the contract period,
which is more realistic. The cryptographically strong PKI scheme is deployed for the
mutual authentication and the distribution of sensitive yet computational non-intensive data
while efficient symmetric cryptographic technology is used for the storage and
transmission of high volume of medical images. Encryption of very high volume of digital
medical images is still challenging and is an interesting topic for future research.

Onik et al. (2012), proposed a secured Health cloud architecture for patient’s
health data collection. Proposed a Cipher Text-Policy Attribute Based Encryption (CP-
ABE) within cloud infrastructure to guarantee data security, privacy and fine-grained
access control of data. It also gives constraint on attributes of different types of patients to
reduce unnecessary data storage. Proposed system allows the users to have a fine-grained
access control using private keys to decrypt the encrypted files. Through performance
evaluation the time needed for key generation, encryption and decryption has been
measured.

Ibrahim et al. (2016), discussed a new framework where it permits secure

sharing of EHRs through the Cloud with various healthcare providers. The framework
makes sure the confidentiality, integrity, authenticity, availability and audit ability of
EHRs. The framework addresses the security requirements and meets the security
standards defined in the technical safeguards of the HIPAA security rule.

Zhou et al. (2016), considered a novel role-based encryption technique to build

a secure and flexible large-scale EHR system where role-based access control policies are
enforced in a cloud environment. Then discuss a practical EHR system called the
Personally Controlled Electronic Health Record (PCEHR) system by the Australian
Government and show how the security weaknesses in the PCEHR system can be
addressed by our proposed scheme. The proposed system has the potential to be useful in
commercial healthcare systems as it captures practical access policies based on roles in a
flexible manner and provides secure data storage in the cloud enforcing these access
policies.

Shenai & Aramudhan (2017), proposed work sharing of various Health &
Medical records through different stakeholders in a timely and choosy manner is the at
most necessity for global quality healthcare treatment. This work discussed a federated
cloud computing framework, where the sharing of Health & Medical records through the
different stakeholders with ease of timely access, make sure the privacy & integrity of the
records. Results have validated the discussed methods through taking part a set of rigorous
calculation study through the CloudSim toolkit.

Gitanjali et al. (2011) suggested a cloud application that helps patients and
doctors manage and access their medical data through a mobile device. The proposed
solution uses mobile cloud to store and manage medical records. Technically, the server
module uses XML files and oracle 10i express edition and implemented on EyeOS
platform. In parallel, the client module is developed using Java Eclipse and Android SDK.
For privacy reason, it uses client’s ID for authentication and access control. Moreover, data
is compressed through JPEG2000 technique to enhance security and to improve
performance.

Bessani et al. (2013), DEPSKY, proposed a system that improves the

availability, integrity and confidentiality of information stored in the cloud through the
encryption, encoding and replication of the data on diverse clouds that form a cloud-of-
clouds or Multi cloud. The paper also presented an extensive evaluation of the system. The
key conclusion is that it provides confidentiality and improved availability at a cost roughly
double of using a single cloud for a practical scenario, which seems to be a great
compromise for primary and critical applications such as Health Care content. It clearly
indicates that the proposed technique is not designed to provide copyright protection which
is a critical requirement for a cloud-based environment