Files in this item



application/pdfSe Eun_Oh.pdf (4MB)
(no description provided)PDF


Title:Privacy-preserving audit for broker-based health information exchange
Author(s):Oh, Se Eun
Advisor(s):Gunter, Carl A.
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Health information technology
Formal logic
Hierarchical identity based encryption
Abstract:Health Information Technology has spurred the development of distributed systems known as Health Information Exchanges (HIEs) to enable the sharing of patient records between different health care organizations. Participants using these exchanges wish to disclose the minimum possible amount of information that is needed due to patient privacy concerns over sensitive medical information. Therefore, broker-based HIEs aim to keep limited information in exchange repositories and to ensure faster and more efficient patient care. It is essential to audit these exchanges carefully to minimize the risk of illegitimate data sharing. This thesis presents a design for auditing broker-based HIEs in a way that controls the information available in audit logs and regulates its release during audit investigations based on the requirements of applicable privacy policy. In our design, we utilized formal rules to verify access to HIE and adopted Hierarchical Identity-Based Encryption (HIBE) to support the staged release of data required for audits and a balance between automated and manual reviews. We test our methodology with a consolidated and centralized audit source that incorporates a standard for auditing HIEs called the Audit Trail and Node Authentication Profile (ATNA) protocol with supplementary audit documentation from HIE participants.
Issue Date:2014-05-30
Rights Information:Copyright 2014 Se Eun Oh
Date Available in IDEALS:2014-05-30
Date Deposited:2014-05

This item appears in the following Collection(s)

Item Statistics