Secure Electronic Healthcare Records Management in Wireless Environments

Secure Electronic Healthcare Records Management in Wireless Environments

Petros Belsis (Technological Education Institute, Greece), Christos Skourlas (Technological Education Institute, Greece) and Stefanos Gritzalis (University of the Aegean, Greece)
Copyright: © 2013 |Pages: 18
DOI: 10.4018/978-1-4666-3625-5.ch015


Wireless technologies have lately been integrated in many types of environments; their development is able to provide innovative services minimizing costs and the time necessary to identify the necessary information. However medical information is very sensitive since it contains critical personal data. Security and privacy preservation are very critical parameters. Lately, innovative technologies such as software agents’ technology have been utilized to support distributed environments. Presented is an architecture that allows secure medical related information management using software agents; this work expands previous research (Belsis, Skourlas, & Gritzalis, 2011). The authors present a security oriented solution and also provide experimental evidence about the capability of the platform to operate in wireless environments with large number of users.
Chapter Preview


During the last years handheld devices have been through a major technology shift. Their memory and processor capabilities have substantially improved providing new features and capabilities to their users; this has led to their integration in a large number of environments. Medical environments have gained a lot from the utilization of wireless devices. Doctors are able to retrieve the necessary information using handheld devices, while being next to the patient. Usually within the range of a clinic a wireless network is easy to deploy, providing thus the doctors with the necessary information independently of the exact location (Belsis, Vassis, Skourlas, & Pantziou, 2008).

From this point of view, access to information becomes ubiquitous since there is no need to approach a steady point to access the necessary information. In the past this was not so easy to achieve, since it was necessary to access a specific stable point for this purpose; on the other side with today’s technologies a lot of the necessary functionalities are provided by mobile devices.

For instance, a doctor may acquire valuable information about a patient’s condition while approaching a patient using a mobile device which collects data from a sensor attached to the patient; accordingly the doctor using the same device may collect more information by querying a database for details stored regarding the health condition of this patient. This treatment model becomes beneficial in case of emergency situations, or alternatively in emergency camps and in any other case characterized by lack of fixed, wired infrastructures.

The integration of wireless devices to support medical environments enables us to lower the costs, to improve the quality of healthcare services and to provide innovative services. However, there are several things that need to be considered, related mainly to the security and privacy of medical information. Medical information is sensitive, in a matter that allows determination of a person’s physical condition. Legislation also imposes very strict rules regarding the storage and processing of medical information.

These issues need to be taken under consideration and must result in the incorporation of appropriate characteristics in the developed architectures, as well as with the embodying of appropriate security solutions that guarantee the security properties of medical information. Among the main design and implementation challenges we can distinguish (Vassis, Belsis, Skourlas, & Pantziou, 2008):

  • The capability to provide information to doctors independently of their exact location;

  • Achievement of information integration using interoperable standards for medical information storage and exchange;

  • The ability to ensure that no sensitive medical information will be disclosed to unauthorized parties.

Mobile environments integrate a variety of heterogeneous applications, and demand flexible management of resources, available to wirelessly interconnected users and devices. Policy based management has supported efficiently the secure management of target resources which often span the borders of an organizational domain. Static oriented security management solutions fail, since there is no central administration available and due to several factors such as the large number of participant users, the mobility of users and devices, there is a necessity for flexible, context related applicability of access control decisions.

  • The volatility of these environments makes developers forced to deal with contradictory requirements:

    • The necessity to provide access from anywhere to anyone authorised to use medical related information,

    • Ensuring at the same time non-disclosure of treatment-related information to non-authorised persons.

These restrictions direct our choices towards the creation of an appropriate architecture and towards the selection of appropriate security technologies that comply with the strict privacy and security restrictions related with medical wireless infrastructures.

Complete Chapter List

Search this Book: