Enhancement of Structured Reporting - an Integration Reporting Module with Radiation Dose Collection Supporting.

Collection of radiation dose derived from radiological examination is necessary not only for radiation protection, but also for fulfillment of structured reports. However, the material regarding of radiation dose cannot be directly utilized by the Radiological Information System (RIS) since it is generated and only stored in the Picture Archiving and Communication System (PACS). In this paper, an integration reporting module is proposed to facilitate handling of dose information and structured reporting by providing two functionalities. First, a gateway is established to automatically collect the related information from PACS for further analyzing and monitoring the accumulated radiation. Second, the designated structured reporting patterns with corresponding radiation dose measurements can be acquired by radiologists as necessary. In the design, the radiation dose collection gateway and the well-established pattern are collocated to achieve that there is no need to do manual entry for structured reporting, thus increasing productivity and medical quality.

Medical cooperative authenticated key agreement schemes with involvement of personal care assistant in telemedicine.

BACKGROUND AND OBJECTIVE: Due to the mature development of information and network technology, telemedicine is increasingly able to facilitate the implementation of long-term care for patients with disabilities. Such patients may, however, not be adept at usage of such technological products, thus personal care assistants (PCAs) are required to assist in such usage. While PCAs collaborate with patients in operating telehealth systems, such use also poses challenges to security and raises concerns involving the authenticity of all the related participants. Even mutual authentication between patients and physicians can be a challenge when patients change or have multiple physicians, which raises key management concerns. METHODS: A cooperative authenticated key agreement scheme is developed to address the various security scenarios when providing telemedicine care to patients with a disability. In addition, an enhanced version scheme with group key exchange functionality is proposed to satisfy situations where more than one physician is involved in providing services during a medical consultation situation. RESULTS: The proposed schemes achieve the scenarios of PCAs involvement and group consultation in telemedicine with perfect security properties including mutual authentication, session key agreement, forward secrecy, known-key security, impersonation attack prevention, replay attack prevention, and insider attack prevention. The performance analysis is demonstrated to show the feasibility of our schemes. CONCLUSIONS: Two schemes are presented for a patient with a disability in a telemedicine scenario. The first scheme establishes a solution for a typical situation where the patient and a personal care assistant cooperatively log into the telemedicine system and achieve a key agreement with the designated physician. Considering the case of multiple physicians' collaboration, the second scheme provides a solution by forming a group for the patient and physicians and then distributes a group key between the group members to set up a secure communication platform.

A HIPAA-compliant key management scheme with revocation of authorization.

Patient control over electronic protected health information (ePHI) is one of the major concerns in the Health Insurance and Accountability Act (HIPAA). In this paper, a new key management scheme is proposed to facilitate control by providing two functionalities. First, a patient can authorize more than one healthcare institute within a designated time period to access his or her ePHIs. Second, a patient can revoke authorization and add new authorized institutes at any time as necessary. In the design, it is not required to re-encrypt ePHIs for adding and revoking authorizations, and the implementation is time- and cost-efficient. Consent exception is also considered by the proposed scheme.

A novel key management solution for reinforcing compliance with HIPAA privacy/security regulations.

Digitizing medical records facilitates the healthcare process. However, it can also cause serious security and privacy problems, which are the major concern in the Health Insurance Portability and Accountability Act (HIPAA). While various conventional encryption mechanisms can solve some aspects of these problems, they cannot address the illegal distribution of decrypted medical images, which violates the regulations defined in the HIPAA. To protect decrypted medical images from being illegally distributed by an authorized staff member, the model proposed in this paper provides a way to integrate several cryptographic mechanisms. In this model, the malicious staff member can be tracked by a watermarked clue. By combining several well-designed cryptographic mechanisms and developing a key management scheme to facilitate the interoperation among these mechanisms, the risk of illegal distribution can be reduced.