DAPriv: Decentralized architecture for preserving the privacy of medical data

TL;DR

This paper proposes a decentralized architecture leveraging hybrid computing and decentralized key management to enhance privacy and security in medical data sharing, effectively preventing re-identification attacks.

Contribution

It introduces a novel decentralized architecture tailored for medical data privacy, integrating current infrastructure and addressing re-assembly attacks.

Findings

Effective prevention of re-assembly re-identification attacks

Supports secure communication among medical entities

Utilizes existing mobile, server, and cloud infrastructure

Abstract

The digitization of the medical data has been a sensitive topic. In modern times laws such as the HIPAA provide some guidelines for electronic transactions in medical data to prevent attacks and fraudulent usage of private information. In our paper, we explore an architecture that uses hybrid computing with decentralized key management and show how it is suitable in preventing a special form of re-identification attack that we name as the re-assembly attack. This architecture would be able to use current infrastructure from mobile phones to server certificates and cloud based decentralized storage models in an efficient way to provide a reliable model for communication of medical data. We encompass entities including patients, doctors, insurance agents, emergency contacts, researchers, medical test laboratories and technicians. This is a complete architecture that provides patients with a good level of privacy, secure communication and more direct control.