Telemedicine has become a common method for transmission of medical images and patient data across long distances. With the growth of computer networks and the latest advances in digital technologies, large amount of digital data gets exchanged over various types of insecure networks - wired or wireless. Modern Healthcare Management Systems need to change to accommodate these new advances. There is an urgent need to protect the confidentiality of health care records that are stored in common databases and transmitted over public insecure channels. This chapter outlines DNA sequence based cryptography which is easy to implement and is robust against cryptanalytic attack as there is insignificant correlation between the original record and the encrypted image for the secure storage and transmission of health records.
TopIntroduction
India is providing quality health care of international standards at a relatively low cost and has attracted the patients from across the globe. India is now one of the favorite destinations for the health care services. With the advances in technology that is witnessed each passing day, there is not a dimension of development that can sustain unless technology is embraced by it. Information Technology receives a benevolent face when it delivers value addition to medical field. It ranges from processing of patient data to computer aided drug discovery. One of the greatest challenges facing mankind in the 21st century is to make high-quality health care available to all. Such a vision has been expressed by the World Health Organization (WHO) in its health-for-all strategy in the 21st century. A Health Telematics Policy, a document from World Health Organization states telemedicine motivation as - “…integrate the appropriate use of health telematics in the overall policy and strategy for the attainment of health for all in the 21st century, thus fulfilling the vision of the world in which benefits of science, technology and public health development are made equitable available to all people everywhere”. Telemedicine is defined as, “the delivery of health care and the exchange of health information across distances including all medical activities: making diagnosis, treatment, prevention, education and research” (Wootton & Craig, 1999). Telemedicine is connecting remote locations and helps in addressing the inadequacies associated with health care. Telemedicine can improve equity of access to health care in the rural and urban areas. Widespread adoption of telemedicine would permit decentralization and could potentially have the greatest effect, allowing underserved people to benefit from a greatly improved standard of health care. In remote or rural areas, telemedicine could have a great impact, permitting better diagnostic and therapeutic services, faster and easier access to medical knowledge, obviating the need for patients and health-care workers to travel. Even in urban areas, however, telemedicine can improve access to health services and to information. A health record may contain patient information along with a scanned image. According to Norcen et al (2003), “The organization of today’s health systems often suffers from the fact that different doctors do not have access to each other’s patient data. The enormous waste of resources for multiple examinations, analyses, and medical check-ups is an immediate consequence. In particular, multiple acquisitions of almost identical medical image data and loss of former data of this type have to be avoided to save resources and to provide a time-contiguous medical report for each patient. A solution to these problems is to create a distributed database infrastructure where each doctor has electronic access to all existing medical data related to a patient, in particular to all medical image data acquired over the years. When such an infrastructure is established, it is possible to give precise, advanced, and entire information about patients at the time of care, permit speedy access to patient records for more synchronized and well organized care and distribute digital information to patients and other clinicians Additionally, many medical professionals are convinced that the future of health care will be shaped by tele-radiology, tele-cardiology and technologies such as telemedicine in general. Telemedicine is of most use to the remote and disconnected areas which do not have access to best of medical care, both infrastructural and human resource. With advancement in mobile technologies, mobile apps can be developed which can work in synchronization with the ERP system at the hospital. Thus, Telemedicine reaches wider audience through the outreach of smartphones. Remote prescription, drug administration, oversight etc. can be managed remotely and thus reducing the travel, nursing and hospital admitting costs. In the fields like psychiatry, telemedicine is the most effective way, as videoconferencing is required. Post-surgical monitoring can also be done remotely as patient may be allowed to recover in congenial homely environment. Shortage of physicians and paramedical persons can be addressed with initial investment in telemedicine technology. Though there are several advantages of Tele-medicine, several threats like accidental disclosure, insider curiosity, insider subordination, uncontrolled secondary usage and outsider intrusion exist to patient information confidentiality. Accidental disclosure occurs when medical personnel make innocent mistakes during multiple electronic transfers of data to various entities, medical personnel and cause disclosure of data. Insider curiosity is the result of misusing their access rights to patient information out of curiosity. Insider subordination results when medical personnel leak out personal medical information for spite, profit, revenge, or other purposes. Uncontrolled secondary usage occurs when those who are granted access to patient information solely for the purpose of supporting primary care can exploit that permission for reasons not listed in the contract, such as research. Outsider intrusion occurs when former employees, network intruders, hackers, or others may access information, damage systems or disrupt operations. All electronic health information must be encrypted and decrypted as necessary according to user defined preferences in accordance with the best available encryption key strength. During data exchange all electronic health information must be suitably encrypted and decrypted when exchanged in accordance with an encrypted and integrity protected link. All actions related to electronic health information must be recorded with the date, time, patient identification, and user identification whenever any electronic health information is created, modified, deleted, or printed; and an indication of which action(s) took place must also be recorded. As health care records contain health information which is protected under legislation, image encryption schemes for health care records have been increasingly studied to meet the demand for real-time secure storage and transmission over the Internet.