Ever since electronic health records were introduced in Australia in 2012, there has been continued concerns over their integrity and privacy. Now, with the current COVID-19 pandemic the Australian Digital Health Agency has reported a surge in use of the My Health Record system during the crisis.

With the increase in use – but also continued risks of cyber security attacks – how safe is our health data?

A new system proposed by a team of researchers seeks to protect the privacy and integrity of the records through the auditing system.

Professor Jiankun Hu from UNSW Canberra said there is a trend to outsourcing the storage of Electronic Health Records (EHR) to the cloud for saving the cost.

“Having the storage of the records on the cloud means that researchers and medical doctors can share the data. This is part of the appeal of keeping health records electronically,” he said.

“However, EHR contain sensitive personal data, which should be protected under various legal legislations. Some of the current concerns surrounding this method of recording keeping include unauthorised access to the records that are stored in the cloud, and unauthorised modification or/and deletion of the EHR data.

“This could include the situation where the failure of cloud hardware/software causes the incidental modification or deletion of the storage EHR. This is where our new proposed system would come in.”

The new system is a cryptography functional commitment-based scheme, which allows the auditor to check the integrity of the stored EHR data while the content of the EHR is kept private.

“Not only would the scheme better ensure the privacy of the data, but it also addresses the efficiency issue where the cloud server can generate the integrity proof based on the updated EHR and perform batch auditing,” Professor Hu said.

Just how would the proposed scheme ensure privacy? According to Professor Hu, in the first instance, the auditor will not be able to derive the content of the EHR being audited while being able to verify the integrity of the EHR.

“In a group where members share stored data scenario, it guarantees that the auditor cannot identify the specific group users who upload or update the data when auditing the integrity of group shared data, even if the group members change. It can trace the last user who updates the shared data, when the updated data is generated by an honest execution of the relevant algorithm,” he said.

In addition to the integrity auditing side of the electronic record keeping, Professor Hu said that the next steps could include looking at patient’s consent based EHR privacy-preserving management security framework.

“This would ensure both sides of the record keeping – the patient and the system itself – have extra privacy measures in place to ensure integrity of the system,” he said.