Electronic Health Record (EHR) – Security and Integral Longevity

As most Western countries Ireland has started to look at the concept of introducing an Electronic Health Record (EHR) at one point in the future. This has been marked as the cornerstone of the eHealth Strategy implementation in Ireland. Some of the challenges with implementing an EHR come from security and integrity concerns in relation to the overall live span of an individual health record. Today’s security mechanisms will be subject to exploitation in the future with the advances in Quantum computing technology. A further aspect is the integrity of the stored health records. Security concepts considered need to address the security and integrity concerns in relation to the requirement that health records will need to be stored over a long-time horizon (decades, even centuries).

Scientists at the TU Darmstadt have developed a solution to address these concerns. In collaboration with Japanese and Canadian partners their project LINCOS (Long-Term Integrity and Confidentiality Protection System) will be piloted in Japan in the coming weeks. LINCOS is utilising the concept of Secret Sharing; data records being broken down into parts that are stored on different servers. Data obtained from a compromised server will not be sufficient to construct usable information. Secondly, the project introduces a cryptographic primitive called long-term commitment to guaranty the integrity of stored health records. Thirdly, to deliver a comprehensive security solution the project proposes the replacement of the encryption step used for securing the communication between Hospitals and database servers with the Quantum Key Distribution (QKD) secure communication method.

Further information at https://longtermsecurity.org/.

  • Share:

Leave a Reply

Send a Message