Securing access to medical information is vital to protecting patient privacy. However, Electronic Patient Record (EPR) systems are vulnerable to a number of inside and outside threats. Adversaries can compromise EPR client machines to obtain a variety of highly sensitive information including valid EPR login credentials, without detection. Furthermore, medical staff can covertly view records of their choosing for personal interest or more malicious purposes. In particular, we observe that the lack of integrity measurement and auditability in these systems creates a potential threat to the privacy of patient information. We explore the use of virtualization and trusted computing hardware to address these problems. We identify open problems and encourage further research in the area. © 2009 Vieweg+Teubner Verlag | GWV Fachverlage GmbH, Wiesbaden.
CITATION STYLE
Gardner, R., Garera, S., Rubin, A. D., Rajan, A., Rozas, C. V., & Sastry, M. (2009). Protecting Patient Records from Unwarranted Access. In Future of Trust in Computing: Proceedings of the First International Conference Future of Trust in Computing 2008: With 58 Illustrations (pp. 122–128). Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9324-6_13
Mendeley helps you to discover research relevant for your work.