Risk Reduction Privacy Preserving Approach for Accessing Electronic Health Records

Abstract

In the healthcare field, preserving privacy of the patient's electronic health records has been an elementary issue. Numerous techniques have been emerged to maintain privacy of the susceptible information. Acting as a first line of defence against illegal access, traditional access control schemes fall short of defending against misbehaviour of the already genuine and authoritative users: a risk that can harbour overwhelming consequences upon probable data release or leak. This paper introduces a novel risk reduction strategy for the healthcare domain so that the risk related with an access request is evaluated against the privacy preferences of the patient who is undergoing for the medical procedure. The proposed strategy decides the set of data objects that can be safely uncovered to the healthcare service provider such that unreasonably repeated tests and measures can be avoided and the privacy preferences of the patient are preserved.