Converting medical records to an electronic format would allow seamless information sharing among health care providers and give patients control over their medical records. Moreover, such records could produce significant cost-saving efficiencies while improving the quality of health care.

One big challenge, however, is facilitating information sharing among different organizations while protecting patients' privacy.

"Security and usability sometimes are at odds with each other," says Mustaque Ahamad, director of the Georgia Tech Information Security Center (GTISC) and a co-principal investigator for the MedVault project, which addresses that very problem.

Ahamad works with a Georgia Tech faculty team, in collaboration with Children's Healthcare of Atlanta, to develop a proof-of-concept prototype that meets the key requirements for secure electronic medical record (EMR) sharing and can be integrated into healthcare information technology systems.

The group has developed new types of cryptographic mechanisms that fall within the category of "redactable signature schemes." It's an approach in which health care providers supply a third party with medical records such as doctors' notes, x-rays and diagnoses. Records can be linked when appropriate; an x-ray may require a written analysis, for example, which is treated as a separate record in the system.

Requests for records are submitted to the third party, which follows an authorization policy established for each patient before information is released from its secure database. Each step in the process is safeguarded by digital certification and authentication requirements, and the data itself is encrypted.

For example, a patient who wishes to manage his or her own medical information would be able to download the records directly with a smart phone or PDA. (Though, at present, adequate security is virtually nonexistent for such devices, Ahamad says.)

Usability—for both data providers and end users—should not be a limiting factor, Ahamad adds. But at the same time, having the freedom to manage their own medical records means patients "will have to understand how to control access to their data wisely."


The architecture of MedVault’s sharing framework.


Appropriate access for appropriate groups

Ling Liu is an associate professor in the School of Computer Science and also a MedVault co-principal investigator. She says the key to security ultimately rests with educating patients to exercise discretion in sharing their records.

"They want security and privacy, but sometimes it's hard for an individual to know what level of security and privacy they need," Liu says. "Things that you want your doctor to know, you might not want your employer to know because there could be negative consequences in terms of opportunities for employment or promotion."

In addition to working on privacy and ethical issues, Liu is involved in developing technology for storage-level access to MedVault records. By allowing patients to selectively disclose or redact their information, that technology also affords a level of privacy.

Patients ultimately retain control of their information

According to co-principal investigator Doug Blough, a professor in the School of Electrical and Computer Engineering, "We want to retain patient control over when those records are provided, what parts of the record are provided and to whom they are provided."

"We also want the information to be verifiable as coming from the original health care provider," Blough continues. "These redactable signature schemes allow for patients to selectively disclose information, but still allow it to be verified based on an electronic signature given by the original healthcare provider."
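One way a redactable signature can work, added here as an illustration and not MedVault's own scheme or code (the article does not give the construction): the provider signs salted hash commitments to each field, so a patient can withhold a field while the remaining fields still verify against the provider's signature. The Lamport one-time signature is an assumed standard-library stand-in for the provider's signature (one key pair signs one record), and all function names and the sample record are constructed.

```python
import hashlib, hmac, os

def H(b):
    return hashlib.sha256(b).digest()

# Lamport one-time signature: stdlib-only stand-in for the provider's signature.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][bit])
        for i, (s, bit) in enumerate(zip(sig, _bits(msg))))

def commit(name, value, salt):
    # Length-prefix each part so field boundaries cannot be shifted.
    # The random salt stops a verifier from guessing a hidden low-entropy value.
    parts = [salt, name.encode(), value.encode()]
    return H(b"".join(len(p).to_bytes(4, "big") + p for p in parts))

def provider_sign(sk, record):
    """Provider: salt and commit to every field, then sign the commitment list."""
    salts = {k: os.urandom(16) for k in record}
    commits = [commit(k, v, salts[k]) for k, v in record.items()]
    return salts, sign(sk, b"".join(commits))

def redact(record, salts, hide):
    """Patient: reveal (name, value, salt), or only the commitment if hidden."""
    return [("hidden", commit(k, v, salts[k])) if k in hide
            else ("open", k, v, salts[k]) for k, v in record.items()]

def verify_disclosure(pk, disclosure, sig):
    """Verifier: rebuild the commitment list, check the provider's signature."""
    commits = [commit(*e[1:]) if e[0] == "open" else e[1] for e in disclosure]
    return verify(pk, b"".join(commits), sig)

# Constructed sample record (not from the article).
RECORD = {"patient": "Jane Doe", "allergy": "penicillin", "diagnosis": "fracture"}
```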

MedVault's benefits are apparent to anyone who has completed the same medical history paperwork over and over again, or searched in vain for 20-year-old vaccination records. The system would also improve the quality of health care by making comprehensive, up-to-date medical records immediately available to medical professionals.

"A significant number of deaths in the United States each year are attributed to mistakes at hospitals, a number of which are due to drug allergies the doctor wasn't aware of," Ahamad says. "With complete medical histories readily available, many if not most of those premature deaths might have been prevented."

Via wireless Internet, medical data could even assist emergency medical technicians at an accident site or nurses in a home-health care setting.

"It all comes down to having the right information at the right time," says Ahamad.