Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System

Jieun Eom, Dong Hoon Lee, Kwangsu Lee

Research output: Contribution to journalArticlepeer-review

17 Citations (Scopus)


In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient’s permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient’s perspective.

Original languageEnglish
Article number253
JournalJournal of Medical Systems
Issue number12
Publication statusPublished - 2016 Dec 1

Bibliographical note

Publisher Copyright:
© 2016, Springer Science+Business Media New York.


  • Cloud computing
  • Data privacy
  • Electronic health records
  • Patient control

ASJC Scopus subject areas

  • Medicine (miscellaneous)
  • Information Systems
  • Health Informatics
  • Health Information Management


Dive into the research topics of 'Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System'. Together they form a unique fingerprint.

Cite this