This paper addresses the challenges of managing verifiable medical records, focusing on improving the efficiency and manageability of distributing various views of these records. We propose a novel process involving data providers, data consumers, and institutional boundaries with the support of intermediaries. Our approach incorporates cryptographic methods, specifically Merkle Hash Trees, for ensuring verifiability and redaction of data. We present an overview of our performance results, detailing time efficiencies and optimizations achieved in document processing, with future directions in redaction tracking and pseudonymization.
Verifiable and Redactable Medical Documents
Jordan Brown (jbrown6@gatech.edu) & Douglas M. Blough
Problem
• It is difficult and time-consuming to distribute different views of verifiable medical records.
• We want to make the process more manageable and efficient.
Proposed Process
[Diagram; labels: Data Provider, Data Consumers, Institutional Boundaries, Intermediary]
Related Works
• Application of the work seen in the paper by Bauer, Blough, and Cash (ACM 2008)
• Other similar approaches (CDA Documents)
 – Wu et al. (JMS 2010)
 – Slamanig and Stingl (IEEE 2009)
 – Slamanig and Rass (Springer 2010)
Cryptographic Primitives: Concepts for Building Merkle Hash Trees
• Public Key Signatures
 – Use the secret key in combination with the message to sign
 – Send the signed message and the original message
 – Applying the public key to the signed message returns the original message
 – If the actual message matches the calculated message, the signature verifies
• Hash Function
 – One-way function
 – Variable-length input
 – Maps to a fixed-length output
 – Statistically unlikely to find/calculate collisions
 – Computationally cheap compared to signatures
MHT Continued
• Redaction
 – Remove unused data
 – Keep hashes
 – Prune tree
• Verification
 – Reconstruct remainder of tree
 – Verify the root signature
[Figure: two tree diagrams, (1) redaction and (2) verification]
Multi-Level MHTs
[Diagram: several sub-trees whose roots hang under a single Root]
• Multi-level signatures
• Comprehensive document across multiple sources
Overview: Setup
• Dataset
 – 206 records
 – Average element count of 190
 – Maximum element count was 828
 – Average extraction time was 312 ms
 – Optimizations have since been made (~10%)
 – Remaining results found with permutations of a single record
• All times are CPU times
• Eclipse 3.6.2 with Java SE 1.6
• Windows 7 PC with 2.4 GHz Intel Core i5 and 4 GB RAM
Data Provider Overhead: Tree Construction
• Not included in time
 – Process single document
 – Extract relevant items
• Included
 – Create leaves
 – Form tree
 – Sign root
• Structure construction is much more efficient than extracting elements
Intermediary Overhead: Tree Redaction
• Setup
 – Create multi-level tree with 20 sub-trees
• Process
 – Randomly redact from an even distribution of trees
 – Prune after each redaction
• Very fast operation
Data Consumer Overhead: Tree Verification
• Not included
 – Document reconstruction
• Included
 – Reconstruct hashes
 – Verify root signature
• Cost comparable with construction
• Document reconstruction is expensive
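The three roles on the preceding slides (provider builds and signs the tree, intermediary redacts and prunes, consumer reconstructs the hashes and checks the root signature) and the multi-level layout from the MHT slides, as one added worked example. This is illustration code written for this page, not the authors' Java implementation: the element strings, the two sources, the signing key and the `Node`/`redact`/`recompute_root` names are all constructed here, and the root signature uses HMAC-SHA256 with a shared key as a stand-in so the script runs on the standard library alone (a real deployment signs the root with a public-key scheme such as RSA or ECDSA).

```python
"""Merkle hash tree (MHT) document: build, redact/prune, verify.

Hypothetical example for this page. Elements, sources, the demo key and the
HMAC stand-in for the root signature are constructed, not the paper's code.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class Node:
    digest: bytes
    left: Optional["Node"] = None
    right: Optional["Node"] = None
    value: Optional[bytes] = None  # plaintext; present only on un-redacted leaves


def hash_leaf(data: bytes) -> bytes:
    # 0x00 prefix domain-separates leaves from interior nodes, so a carried
    # interior digest can never be passed off as a leaf (or vice versa).
    return hashlib.sha256(b"\x00" + data).digest()


def hash_node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_from_nodes(nodes: list) -> Node:
    """Pair nodes level by level; an unpaired node is promoted unchanged."""
    level = list(nodes)
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                l, r = level[i], level[i + 1]
                nxt.append(Node(hash_node(l.digest, r.digest), l, r))
            else:
                nxt.append(level[i])
        level = nxt
    return level[0]


def build_tree(elements: list) -> Node:
    """Data provider: one leaf per extracted document element."""
    return build_from_nodes([Node(hash_leaf(e), value=e) for e in elements])


def sign_root(key: bytes, root: bytes) -> bytes:
    # Stand-in for the provider's public-key signature over the root.
    return hmac.new(key, root, hashlib.sha256).digest()


def redact(node: Node, target: bytes) -> bool:
    """Intermediary: drop the plaintext of `target` but keep its hash; prune any
    sub-tree with no plaintext left down to its digest. Returns True if the
    sub-tree rooted at `node` still carries plaintext."""
    if node.left is None and node.right is None:
        if node.value == target:
            node.value = None
        return node.value is not None
    keep_l = redact(node.left, target)
    keep_r = redact(node.right, target)
    if not (keep_l or keep_r):
        node.left = node.right = None  # prune: only the digest travels on
    return keep_l or keep_r


def recompute_root(node: Node) -> bytes:
    """Data consumer: rebuild the root from visible leaves plus carried hashes."""
    if node.left is None and node.right is None:
        return hash_leaf(node.value) if node.value is not None else node.digest
    return hash_node(recompute_root(node.left), recompute_root(node.right))


def verify(node: Node, signature: bytes, key: bytes) -> bool:
    return hmac.compare_digest(sign_root(key, recompute_root(node)), signature)


def visible(node: Node) -> list:
    """Plaintext elements the consumer can still read, in document order."""
    if node.left is None and node.right is None:
        return [node.value] if node.value is not None else []
    return visible(node.left) + visible(node.right)


def demo() -> dict:
    # Constructed sample: two sources, each already split into elements.
    lab = [b"patient=P001", b"test=HbA1c", b"result=6.1%", b"date=2010-03-02"]
    rx = [b"patient=P001", b"drug=metformin", b"dose=500mg"]
    key = b"demo-signing-key"  # constructed demo key only

    # Multi-level tree: each source's root becomes a leaf of the top-level tree.
    doc = build_from_nodes([build_tree(lab), build_tree(rx)])
    sig = sign_root(key, doc.digest)
    before = verify(doc, sig, key)

    for secret in (b"result=6.1%", b"date=2010-03-02", b"drug=metformin", b"dose=500mg"):
        redact(doc, secret)  # the lab sub-tree (result, date) gets pruned entirely
    after_redaction = verify(doc, sig, key)
    remaining = visible(doc)

    # Altering a leaf that is still visible must break the chain to the signed root.
    doc.left.left.left.value = b"patient=P999"
    after_tamper = verify(doc, sig, key)
    return {"before": before, "after_redaction": after_redaction,
            "visible": remaining, "after_tamper": after_tamper}


if __name__ == "__main__":
    print(demo())
```

The consumer never needs the redacted plaintext: a pruned sub-tree is represented only by its digest, which `recompute_root` folds back into the root exactly as the provider computed it, so the original root signature still verifies. Any change to a visible leaf changes the recomputed root and the check fails.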
Conclusions & Future Additions
• Computationally efficient verifiable, redactable data
• Dependencies – Bauer et al. (ACM 2009)
• Redaction tracking – Izu et al. (2005)
• Pseudonymization – Haber et al. (ACM 2008)
• Sanitization (invisibility) – Miyazaki et al. (ACM 2006)
• Distributed approach to research data access tracking and control (joint work with Emory University Center for Clinical Informatics)