Private data sharing in a secure cloud-based application for acute stroke care

Abstract

Acute stroke care demands fast procedures and collaboration of different healthcare organisations and professionals. The development of cloud computing and the wide adoption of electronic health records (EHR) foster healthcare systems to improve data availability and potentially enhance acute-stroke care quality. However, the design of a secure and privacy-preserving EHR cloud-based application is challenging. This paper presents the leading security and privacy requirements for healthcare applications and contextualises each requirement in the acute stroke care use case. Moreover, we deploy the ASCLEPIOS eHealth Cloud-based framework to address each requirement in designing an EHR cloud-based application for data sharing during acute stroke care. Our initial prototype combines the ASCLEPIOS framework with a public cloud service infrastructure and a private signature scheme. The prototype meets the security and privacy requirements since it protects the EHR data against unauthorised access, data breaches, and data exposure on public cloud providers. Moreover, we present preliminary results and discussions about the usability and overhead of the ASCLEPIOS framework.