TY  - JOUR
T1  - Privacy and Security Challenges Towards Cloud Based Access Control in Electronic Health Records
AU - Rana, Muhammad Ehsan AU - Kubbo, Micheal AU - Jayabalan, Manoj 
JO  - Asian Journal of Information Technology
VL  - 16
IS  - 2
SP  - 274
EP  - 281
PY  - 2017
DA  - 2001/08/19
SN  - 1682-3915
DO  - ajit.2017.274.281
UR  - https://makhillpublications.co/view-article.php?doi=ajit.2017.274.281
KW  - Access control
KW  -electronic health records
KW  -privacy
KW  -security
KW  -security
KW  -cloud platform
AB  - Over the years, data theft has been rampant in financial institutions, however at present medical data is in the spotlight. Healthcare industry is considered as a potential target for hackers and cyber criminals for accessing patient’s data. Electronic Health Record (EHR) provide flexibility, timely access and interoperability of patient information which is key in decision making by physicians and medical officers. With the advancement of technology, cloud has been spotted as a solution for healthcare practitioners to implement interconnected EHR as it reduces cost and hassle of infrastructure maintenance. Cloud platform allows data to be replicated in different geographical locations and retrieved and shared among various organizations in a timely manner. Healthcare sector is facing a dilemma on how patient’s information can be protected while it is being managed by cloud vendors. Several cloud-based EHR apply cryptographic techniques to encrypt data at rest/data in motion and access control to eliminate unauthorized access. As a result, existing access control mechanisms in cloud mainly focuses on giving data access to physicians and other medical officers but overlooks privacy requirements of patients. This research discusses various access control models, their merits, limitations and roles to promote privacy in cloud based solutions.
ER  -