Objective: We present an integrated set of technologies, known as the Hippocratic Database, that enable healthcare enterprises to comply with privacy and security laws without impeding the legitimate management, sharing, and analysis of personal health information. Approach: The Hippocratic Database approach to securing electronic health records involves (1) active enforcement of fine-grained data disclosure policies using query modification techniques, (2) efficient auditing of past database access to verify compliance with policies and track security breaches, (3) data mining algorithms that preserve privacy by randomizing information at the individual level, (4) de-identification of personal health data using an optimal method of k-anonymization, and (5) information sharing across autonomous data sources using cryptographic protocols. Conclusions: Our research confirms that policies concerning the disclosure of electronic health records can be reliably and efficiently enforced and ...
Rakesh Agrawal, Christopher M. Johnson