News | Electronic Medical Records (EMR) | January 26, 2017

Heartbeat Could Be Used as Password to Access Electronic Health Records

Researchers use heart’s electrical pattern as encryption key for electronic records

ECG, heartbeat, password access, electronic health records, Binghamton University SUNY study, Zhanpeng Jin

January 26, 2017 — Researchers at Binghamton University, State University of New York have devised a new way to protect personal electronic health records using a patient’s own heartbeat.

“The cost and complexity of traditional encryption solutions prevent them being directly applied to telemedicine or mobile healthcare. Those systems are gradually replacing clinic-centered healthcare, and we wanted to find a unique solution to protect sensitive personal health data with something simple, available and cost-effective,” said Zhanpeng Jin, assistant professor in the Department of Electrical and Computer Engineering at the Thomas J. Watson School of Engineering and Applied Science at Binghamton University. Jin is the co-author of a new paper titled “A Robust and Reusable ECG-based Authentication and Data Encryption Scheme for eHealth Systems.”

Traditional security measures — like cryptography or encryption — can be expensive, time-consuming and computing-intensive. Binghamton researchers encrypted patient data using a person’s unique electrocardiograph (ECG) — a measurement of the electrical activity of the heart measured by a biosensor attached to the skin — as the key to lock and unlock the files.

“The ECG signal is one of the most important and common physiological parameters collected and analyzed to understand a patient's’ health,” said Jin. “While ECG signals are collected for clinical diagnosis and transmitted through networks to electronic health records, we strategically reused the ECG signals for the data encryption. Through this strategy, the security and privacy can be enhanced while minimum cost will be added.”

Essentially, the patient's heartbeat is the password to access their electronic health records.

The identification scheme is a combination of previous work by Jin using a person’s unique brainprint instead of traditional passwords for access to computers and buildings combined with cybersecurity work from Guo and Chen.

“This research will be very helpful and significant for next-generation secure, personalized healthcare,” said Jin.

Since an ECG may change due to age, illness or injury — or a patient may just want to change how their records are accessed — researchers are currently working out ways to incorporate those variables.

Assistant Professor Linke Guo and Associate Professor Yu Chen, along with Ph.D. candidates Pei Huang and Borui Li, are co-authors of the paper.

The research was presented at The IEEE Global Communications Conference (GLOBECOM 2016) in Washington, D.C., in December 2016.

The work is supported by Binghamton University’s Interdisciplinary Collaboration Grant (ICG) program.

For more information: www.globecom2016.ieee-globecom.org

Related Content

Abbott. St. Jude Medical has updated its firmware to address cybersecurity issues with its Allure Quadra MP and other EP devices

Abbott. St. Jude Medical has updated its firmware to address cybersecurity issues with its Allure Quadra MP and other EP devices.

Feature | EP Lab| August 29, 2017 | Dave Fornell
August 29, 2017 — The U.S.
MDISS Launches 'WHISTL' Network of Medical Device Security Testing Labs
News | Cybersecurity| August 23, 2017
The Medical Device Innovation, Safety and Security Consortium (MDISS) recently launched the first of more than a dozen...
HeartSciences Announces CE Mark and European Launch of MyoVista High Sensitivity ECG

Just as a Doppler radar color image shows the energy of a storm, MyoVista provides physicians a detailed visual image of the energy distribution during the cardiac cycle.

News | ECG| August 22, 2017
HeartSciences announced the European launch of the MyoVista high sensitivity electrocardiograph (hsECG) Testing Device...
HHS Unveils Improved Web Tool to Highlight Recent Health Information Breaches
News | Cybersecurity| August 21, 2017
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently launched a revised web...
Healthcare cybersecurity concerns have increased dramatically as EMRs and medical devices become more digitally connected.

Healthcare cybersecurity concerns have increased dramatically as EMRs and medical devices become more digitally connected.

Feature | Cybersecurity| August 18, 2017 | Dave Fornell
August 17, 2017 — Cybersecurity has become a growing concern in healthcare as patient data, medical systems and impla
Houston Methodist Hospital Enters Multi-Year Technology and Research Agreement With Siemens Healthineers
News | Cardiac Imaging| August 17, 2017
Houston Methodist Hospital and Siemens Healthineers have entered into a multi-year agreement to bring cutting-edge...
ScImage Awarded U.S. Government DIN-PACS IV Contract
News | PACS| August 16, 2017
ScImage Inc. was recently awarded a new DIN-PACS IV (Digital Imaging Network/Picture Archiving and Communications...
The FDA is concerned about cybersecurity of ICDs and cyber security of other medical devices.
Feature | Cybersecurity| August 16, 2017 | Dave Fornell
There is growing concern among patients and regulators that medical devices, especially implantable electrophysiology
AUM Cardiovascular Receives FDA Approval for CADence ECG Device
Technology | ECG| August 08, 2017
AUM Cardiovascular announced it has received clearance from the U.S. Food and Drug Administration (FDA) for CADence, a...
Xavier University Announces Healthcare Artificial Intelligence Summit
News | Artificial Intelligence| August 07, 2017
Xavier University has launched the Xavier Center for Artificial Intelligence (AI), a pioneering effort to accelerate...
Overlay Init