The document discusses a proposed secure health records management system using blockchain technology. It notes that the healthcare sector currently leads in data breaches and compromised records. The proposed system would use blockchain, encryption, and decentralized access control to put patient health records under the exclusive control of individuals. This is intended to address concerns about privacy and security of health records in the current system.
Block chain health record
1. Block Chain
Health Records Management
The Secure Health Records management Service
4/10/2016 ALL RIGHTS RESERVED, VILLAGEMALL PTY LTD.
2. Records management?
• Records management (RM), also known as records and information
management or RIM, is the professional practice of managing the
records of an organization throughout their life cycle, from the time
they are created to their eventual disposal. This includes identifying,
classifying, storing, securing, retrieving, tracking and destroying or
permanently preserving records.
3. The facts?
The medical/health care sector now leads all sectors in the
number of records compromised to date in 2016.
The sector has posted 36.1% (217) of all data breaches so
far this year.
The number of records exposed in these breaches totaled more
than 12 million, or about 59.2% of the total so far in 2016.
4. Patient Concerns
• Concerns about inappropriate releases of information from individual
organizations
• Concerns about the systemic flows of information throughout the
health care and related industries
• Concerns about loss of medical records caused by threats from a
modern digital world like ransomware
• Concerns about the false security of "anonymised data" when applied
to the world of big data
5. Patient Centric Principles
• All health records owned exclusively by the patient
• All health records under the exclusive control of the patient
• All health records created by any health provider must provide the original
health records to the patient nominated Records Management System, all
local copies must be destroyed by the health provider
• All health records must be encrypted at rest and in transit under a
mandatory security policy
• All health records management systems must fail safe
• No patient health records must be accessible to or by any Records
Management System or operations personnel
6. The Digital World
• Creating and capturing health records, and associated metadata, into
recordkeeping systems
• Storing and securing health records, including planning for disasters
• Preserving health records for as long as they are required
• Providing and restricting access to health records
• Disposing of health records in an approved manner
7. Threats to Digital Health Records
• Protecting health records from ransomware and other digital threats
• Protecting health records from unauthorized disclosure, theft,
alteration or destruction
8. Why do we need secure Health Records Management
• The medical/health care sector now leads all sectors in the number of
records compromised to date in 2016. The sector has posted 36.1% (217)
of all data breaches so far this year. The number of records exposed in
these breaches totaled more than 12 million, or about 59.2% of the total so
far in 2016.
• The business sector accounts for nearly 2.5 million exposed records in 264
incidents. That represents 43.9% of the incidents, and 11.8% of the
exposed records.
• The government/military sector has suffered 38 data breaches so far this
year, representing about 27.1% of the total number of records exposed and
6.3% of the incidents. More than 5.7 million records have been
compromised in the government/military sector to date in 2016.
9. Characteristics
• known level of assurance and hence risk
• sits publicly on the internet (secrecy is not required to underpin security)
• does not rely on any network security, VPN or firewalls
• all data access is based upon a well known and operationally tested KMS
• all access follows the well known compartmented security mode of operation
• assumes BYOD as the default environment, does not rely on controlled end points
• supports industry standard CMS
• support for custom meta data
• supports storage of arbitrary sized and content types within each record
• all access to be enforced via hardware based security modules
• mandatory security policy requiring that all data is encrypted in transit and at rest
• system will fail safe
• support for industry standard records management dictionaries
• no centralized access control
• immune to ransomware
10. Meta Data
• Metadata is generally categorized into four or five groupings based on the
information the metadata captures, as described below:
• Descriptive Metadata: Metadata that describes the intellectual content of a resource and
used for the indexing, discovery and identification of a digital resource.
• Administrative Metadata: Metadata that includes management information about the digital
resource, such as ownership and rights management.
• Structural Metadata: Metadata that is used to display and navigate digital resources and
describes relationships between multiple digital files, such as page order in a digitized book.
• Technical Metadata: Metadata that describes the features of the digital file, such as
resolution, pixel dimension and hardware. The information is critical for migration and
long-term sustainability of the digital resource.
• Preservation Metadata: Metadata that specifically captures information that helps facilitate
management and access to digital files over time. This inherently includes descriptive,
administrative, structural, and technical metadata elements that focus on the provenance,
authenticity, preservation activity, technical environment, and rights management of an
object.
11. ACID Properties of a Record
• A - Atomicity: requires that each transaction be "all or nothing": if one part of the transaction fails, then the
entire transaction fails, and the store state is left unchanged. An atomic system must guarantee atomicity in
each and every situation, including power failures, errors, and crashes. To the outside world, a committed
record appears (by its effects on the contained records) to be indivisible ("atomic"), and an aborted record
does not happen.
• C - Consistency: ensures that any transaction will bring the record from one valid state to another.
Any data written must be valid according to all defined rules. This does not guarantee correctness of the
transaction, merely that any programming errors cannot result in the violation of any defined rules. The RMS
is effectively a "write once" data store, and hence only has a single state. Data destruction is achieved via
destruction of the record key; the RMS will always remain an immutable set of records under all operational use
cases.
• I - Isolation: ensures that the concurrent execution of transactions results in a system state that
would be obtained if transactions were executed serially, i.e., one after the other. Providing isolation is the
main goal of concurrency control. The effects of an incomplete transaction might not even be visible to
another transaction. A block chain by definition enforces serializability of all records, which combined with
immutability ensures isolation between records.
• D - Durability: ensures that once a transaction has been committed, it will remain so, even in the
event of power loss, crashes, or errors. Persistence of data across physically dispersed locations enhances
the durability of the immutable RMS.
12. Ransom-ware Defeated
Finally, a solution which protects against ransomware (it's an immutable record),
with zero additional costs or change to data workflows.
13. Enterprise Solution
• Distributed denial-of-service (DDOS)
• All solutions include protection from distributed denial-of-service as part of
the service fabric.
• Resiliency
• All solutions include the ability to manage traffic with throttling to withstand
the operational traffic spikes.
• Hardware Secured
14. De-centralised Access Control
• Based on a decentralized Key Management System; there are no
centralized keys, ever.
• Support for a wide range of record recovery use cases, including mobile
platform recovery.
• In the health records use case, the individual's personal RMS is
completely under the exclusive control of the individual; there is no
"big brother" control and no unauthorized access possible
• The Records Management System and all operators have zero access to
any record encryption keys; there is no single point of records
compromise
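The "write once" store from slide 11, where a record is destroyed by destroying its key, combined with slide 14's rule that the RMS and its operators never hold record keys, as an added JavaScript (Node.js) sketch; it is not code from the deck or the vendor. `RecordChain`, `shred`, the SHA-256 chaining and the per-record AES-256-GCM keys are assumptions made for illustration, and the sample records are constructed.

```javascript
const crypto = require('crypto');
const GENESIS = Buffer.alloc(32); // all-zero predecessor hash for the first block

// Chaining hash over predecessor hash, nonce, ciphertext and GCM tag.
function link(prev, iv, ct, tag) {
  return crypto.createHash('sha256').update(Buffer.concat([prev, iv, ct, tag])).digest();
}

// Hypothetical stand-in for the write-once RMS: it stores ciphertext, never keys.
class RecordChain {
  constructor() { this.blocks = []; }

  // Seal a record under a fresh AES-256-GCM key and return the key to the owner.
  append(plaintext) {
    const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
    const prev = this.blocks.length ? this.blocks[this.blocks.length - 1].hash : GENESIS;
    const c = crypto.createCipheriv('aes-256-gcm', key, iv);
    c.setAAD(prev); // binds the ciphertext to its position in the chain
    const ct = Buffer.concat([c.update(plaintext), c.final()]);
    const tag = c.getAuthTag();
    this.blocks.push({ prev, iv, ct, tag, hash: link(prev, iv, ct, tag) });
    return key;
  }

  // Decrypt block i with the owner's key; throws if the key is wrong or was wiped.
  read(i, key) {
    const { prev, iv, ct, tag } = this.blocks[i];
    const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
    d.setAAD(prev);
    d.setAuthTag(tag);
    return Buffer.concat([d.update(ct), d.final()]);
  }

  // Recompute every link. Needs no keys, so it still passes after a key is destroyed.
  verify() {
    return this.blocks.every((b, i) =>
      b.prev.equals(i ? this.blocks[i - 1].hash : GENESIS) &&
      b.hash.equals(link(b.prev, b.iv, b.ct, b.tag)));
  }
}

// Destroying a record means zeroing its key; the chain itself is never rewritten.
function shred(key) { key.fill(0); }

// Constructed sample records.
const chain = new RecordChain();
const k0 = chain.append(Buffer.from('2016-10-04 pathology result (constructed)'));
const k1 = chain.append(Buffer.from('2016-10-05 prescription (constructed)'));
shred(k0);
console.log(chain.verify(), chain.read(1, k1).toString());
```

Reading block 0 after `shred(k0)` throws an authentication error, while `verify()` still returns true because chain integrity depends only on the stored ciphertext.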
15. The global secure messaging and record
distribution system has been designed to provide a
universal secure solution for all digital health
records worldwide.
16. The Block Chain Health Records
• Block Chain Technology +
• Network Stack +
• HSM protected Keys +
• Cryptographic Protocols
17. Health Records Privacy
• All parties identified via Secure Identities (SIN)
• Supports P2P, P2MP EC P384-AES256 encryption
• Need to know, enforced by distributed Key Management System, not
centralized access control lists
• All records encrypted at rest
• Fail safe design
18. Application Datagram Protocol (ADP)
• Runs on top of any type of network
• Short packets of data called datagrams
• Operates in a
"self contained independent entity of data carrying sufficient
information to be delivered to the destination without reliance on
previous exchanges between this source and destination"
• Connectionless, no session management, or Schannel/VPN required.
• Supports stateless, datagram encryption via Content Messaging
Syntax (CMS), Suite B and EC Public keys
19. Availability
• Available as a licensed private cloud solution
• Private cloud owned and operated by individual or organization
• Optional Managed Private Cloud
• SDK for client end application integration
• Suitable for PC and global mobile platforms