Securing electronic health records without impeding the flow of information

The Hippocratic Database enables healthcare enterprises to comply with privacy and security laws without impeding the legitimate management, sharing, and analysis of personal health information (PHI). This approach to securing electronic health records (EHRs) involves (1) active enforcement of fine-grained data disclosure policies using query modification techniques, (2) efficient auditing of past database access to verify compliance with policies and track security breaches, (3) data mining algorithms that preserve privacy using randomization, (4) de-identification of PHI using an optimal method of k-anonymization, and (5) information sharing across autonomous data sources using cryptographic protocols. Our research confirms that policies concerning the disclosure of EHRs can be reliably and efficiently enforced and audited at the database level. Additionally, advanced data mining and anonymization techniques can be employed to analyze aggregate health records without revealing individual patient identities. Finally, web services and commutative encryption can be used to share sensitive information selectively among autonomous entities without compromising security or privacy.