|18 January 2017|
Researchers at Binghamton University, State University of New York have devised a method which could see a patient’s heartbeat used as the password to their electronic health records.
Binghamton researchers encrypted patient data using a person’s unique electrocardiograph (ECG)–a measurement of the electrical activity of the heart measured by a biosensor attached to the skin–as the key to lock and unlock the files.
Zhanpeng Jin, assistant professor in the Department of Electrical and Computer Engineering at the Thomas J. Watson School of Engineering and Applied Science at Binghamton University, is the co-author of a new paper titled: A Robust and Reusable ECG-based Authentication and Data Encryption Scheme for eHealth Systems.
“The ECG signal is one of the most important and common physiological parameters collected and analyzed to understand a patient’s’ health,” said Jin. “While ECG signals are collected for clinical diagnosis and transmitted through networks to electronic health records, we strategically reused the ECG signals for the data encryption. Through this strategy, the security and privacy can be enhanced while minimum cost will be added.”
The identification scheme is a combination of previous work by Jin using a person’s unique brainprint instead of traditional passwords for access to computers and buildings combined with cyber-security work from Assistant Professor Linke Guo and Associate Professor Yu Chen, co-authors of the paper.
“This research will be very helpful and significant for next-generation secure, personalized healthcare,” said Jin.
Since an ECG may change due to age, illness or injury–or a patient may just want to change how their records are accessed–researchers are currently working out ways to incorporate those variables.