A Privacy Management Architecture for Patient- Controlled Personal Health Record System

Patient-controlled personal health record system can help making health care safer, cheaper, and more convenient by facilitating patients to 1) grant any care provider to access their complete personal health records anytime from anywhere, 2) avoid repeated tests and 3) control their privacy transparently. In this paper, we present the architecture of our devised Privacy-aware Patient-controlled Personal Health Record (PHR) system through which a patient can view her integrated health history, and share her health information transparently with others (e.g., healthcare providers). Access to the health information of a particular patient is completely controlled by that patient. We also carry out intuitive security and privacy analysis of the PHR system architecture considering different types of security attacks. Finally, we describe a prototype implementation of PHR system that we developed reflecting the special view of Japanese society. The most important advantage of PHR system over other existing systems is that most likely PHR system provides complete privacy protection without losing data accuracy. Unlike traditional partially anonymized health records (e.g., using kanonymity or l-diversity), the health records in PHR are closer to completely anonymity, yet preserve data accuracy. Our approach makes it very unlikely patients could be identified by an attacker from their anonymous health records in PHR system.