Anonymous E-prescriptions

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Anonymous E-prescriptions

Full text

Pdf (304 KB)

Source

Workshop On Privacy In The Electronic Society archive
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society table of contents

Washington, DC

Pages: 19 - 31

Year of Publication: 2002

ISBN:1-58113-633-1

Authors

Giuseppe Ateniese	The Johns Hopkins University, Baltimore, MD
Breno de Medeiros	The Johns Hopkins University, Baltimore, MD

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 15, Downloads (12 Months): 89, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/644527.644530 What is a DOI?

ABSTRACT

This paper studies issues related to privacy protection of medical data, arguing that the topic is suitable for applied cryptographic research.We present the problem of medicine prescription privacy and describe a practical system that employs standard cryptographic techniques to achieve several improvements over current practices. We also introduce a very simple tool: Online group signatures which can be built via simple primitives implemented in commonly employed cryptographic libraries.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	M. Abadi, Two Facets of Authentication, Proceedings of the 11th IEEE Computer Security Foundations Workshop, p.27, June 09-11, 1998
	2	T. Albert. Doctors ask AMA to assure some privacy for their prescription pads. In http://www.ama-assn.org/sci-pubs/amnews/pick_00/prl11225.htm, American Medical News. 2000.
	3	T. Albert. Records privacy extended to pharmacies. In http://www.ama-assn.org/sci-pubs/amnews/pick_01/-prsb0402.htm, American Medical News. 2001.
	4	A. Allen. Exposed. In http://www.washingtonpost.com/wp-srv/national/-longterm/exposed/exposed1.htm, The Washington Post.
	5	R. J. Anderson. NHS wide networking and patient confidentiality. In http://www.cl.cam.ac.uk/ftp/users/rja14/bmj.ps.Z, British Medical Journal. 1995.
	6	R. J. Anderson, A security policy model for clinical information systems, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.30, May 06-08, 1996
	7	R. J. Anderson. Problems with the NHS cryptography strategy. In http://www.cl.cam.ac.uk/users/rja14/-zergo/zergo.html. 1997.
	8	Giuseppe Ateniese , Jan Camenisch , Marc Joye , Gene Tsudik, A Practical and Provably Secure Coalition-Resistant Group Signature Scheme, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, p.255-270, August 20-24, 2000
	9	G. Ateniese, D. Song, and G. Tsudik. A Quasi-Efficient Revocation of Group Signatures. In Financial Cryptography (FC'02), 2002.
	10	Giuseppe Ateniese , Gene Tsudik, Some Open Issues and New Directions in Group Signatures, Proceedings of the Third International Conference on Financial Cryptography, p.196-211, February 01, 1999
	11	A. Brandt. Privacy watch: A handful of insurance and medical industry companies want to sell your personal data, but you can stop them. In http://www.pcworld.com/features/article/0,aid,43762,00.asp, PCWorld.com. 2001.
	12	Emmanuel Bresson , Jacques Stern, Efficient Revocation in Group Signatures, Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography, p.190-206, February 13-15, 2001
	13	Jan Camenisch and Anna Lysyanskaya. Efficient Revocation of Anonymous Group Membership. In Cryptology ePrint Archive, Report 2001/113.
	14	Jan Camenisch , Markus Michels, A Group Signature Scheme with Improved Efficiency, Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology, p.160-174, October 18-22, 1998
	15	Jan Camenisch , Markus Stadler, Efficient Group Signature Schemes for Large Groups (Extended Abstract), Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.410-424, August 17-21, 1997
	16	David Chaum , Torben P. Pedersen, Wallet Databases with Observers, Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, p.89-105, August 16-20, 1992
	17	D. Chaum and E. van Heyst. Group signatures. In Advances in Cryptology --- EUROCRYPT '91, volume 547 of LNCS, pages 257--265. Springer-Verlag, 1991.
	18	L. Chen and T. P. Pedersen. New group signature schemes. In Advances in Cryptology --- EUROCRYPT '94, volume 950 of LNCS, pages 171--181, 1995.
	19	Shafi Goldwasser , Silvio Micali , Ronald L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal on Computing, v.17 n.2, p.281-308, April 1988 [doi>10.1137/0217017]
	20	Shai Halevi , Silvio Micali, Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.201-215, August 18-22, 1996
	21	C. Jabs. The myth of privacy: Technology is putting your medical history on public view-and you in jeopardy. FamilyPC, 2001.
	22	N. Keene, W. Hobbie, and K. Ruccione. Childhood cancer survivors. In http://www.patientcenters.com/survivors/news/jobs.html, OncoNurse.com.
	23	Hugo Krawczyk, The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?), Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.310-331, August 19-23, 2001
	24	J. Ledbetter. Is buying drugs on the web too easy? In http://www.cnn.com/TECH/computing/9906/29/drugs.idg/index.html, CNN.com.
	25	S. Lehrman. Keeping your genes private. GeneLetter.
	26	D. F. Linowes and R. C. Spencer. How employers handle employees' personal information. In http://www.kentlaw.edu/ilw/erepj/v1n1/lino-main.htm, 1997.
	27	S. Martin. Insurers project big increases in prescription drug spending. In http://my.webmd.com/content/article/3645.103, WebMD.com.
	28	V. Matyáš Jr. Protecting doctor's identity in drug prescription analysis. Health Informatics Journal, 4.4, 1998.
	29	Torben P. Pedersen, Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, p.129-140, August 11-15, 1991
	30	E. H. Shortliffe and G. O. Barnett. Medical data: Their acquisition, storage and use. In E. H. Shortliffe et al., editors, Medical Informatics, chapter 2. Springer, 2nd edition, 2000.
	31	Dawn Xiaodong Song, Practical forward secure group signature schemes, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA [doi>10.1145/501983.502015]
	32	Stuart G. Stubblebine , Paul F. Syverson, Authentic Attributes with Fine-Grained Anonymity Protection, Proceedings of the 4th International Conference on Financial Cryptography, p.276-294, February 20-24, 2000
	33	D. R. Weinstein and H. J. Worman. Electronic prescription services offer potential savings and improvements in efficiencies. In http://www.temple.edu/gisection/aganew19.html.
	34	A4 Health Systems. http://www.-a4healthsystems.com/.
	35	Accredited Standards Committee (ASC) X12, charter of the American National Standards Institute (ANSI). http://www.x12.org
	36	Agency for Health Care Research and Quality. Managed care plans develop research capabilities and partnerships. In http://www.ahcpr.gov/research/-may98/ra2.htm#head9.
	37	Agency for Health Care Research and Quality. Managed care research has come of age. In http://www.ahcpr.gov/research/jul99/799ra11.htm#head3.
	38	California Board of Pharmacy. California pharmacy law. In http://www.pharmacy.ca.gov/-lawbook_table_of_contents.htm.
	39	Editorial. Computerized prescription systems cut error deaths{expensively. In http://cancer.med.upenn.edu/-cancer_news/reuters/2001/apr/20010412publ004.html, Oncolink Cancer News. 2001
	40	Food and Drugs Administration. Medwatch: The FDA safety information and adverse event reporting program. In http://www.fda.gov/medwatch/.
	41	National Research Council, For the Record: Protecting Electronic Health Information, National Academy Press, Washington, DC, 1997
	42	Health Care Financing Administration. Study of pharmaceutical benefit management. In http://www.hcfa.gov/research/pharmbm.pdf, 2001.
	43	Health Level Seven. http://www.hl7.org
	44	Hospice Patients Alliance. When getting prescriptions filled, beware of medication substitutes! In http://www.hospicepatients.org/substituteRx.html.
	45	International Organization for Standardization. http://www.iso.ch
	46	National Council for Prescription Drug Programs Standard Claims Billing. http://www.hipaanet.com/hisb_ncpdp.htm
	47	Office for Civil Rights. National standards to protect the privacy of personal health information. In http://www.hhs.gov/ocr/hipaa/. 2001.
	48	Office for Civil Rights. Standards for privacy of individually identifiable health information. In http://www.hhs.gov/ocr/hipaa/finalmaster.html. 2001.
	49	Ohio State Board of Pharmacy. Confidentiality of patient records. In http://www.state.oh.us/pharmacy/rules/4729-05-29.html. 1999.
	50	RX News. Prescription privacy. In http://www.findarticles.com/cf_dls/m0815/1999_April/54425466/p1/article.jhtml?term=. Gale Group, 1999.
	51	The U.S. Equal Employment Opportunity Commission. EEOC settles ADA suit against BNSF for genetic bias. In http://www.eeoc.gov/press/4-18-01.html, 2001.

INDEX TERMS

Keywords:
medical information privacy, privacy-preserving cryptographic techniques, public-key cryptography

Collaborative Colleagues:

Giuseppe Ateniese: colleagues

Breno de Medeiros: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player