Human Heartbeat Could Safeguard Electronic Medical Data
By HospiMedica International staff writers
Posted on 01 Feb 2017
Image: A new study suggests the human heartbeat could be used to protect medical records (Photo courtesy of DepositPhotos).
A new study describes how an electrocardiograph (ECG) could be used as password to access the information encrypted in a patient’s electronic health record (EHR).
Researchers at Binghamton University conducted a study to investigate an innovative psychophysiological approach for secure and trustworthy user authentication via non-volitional components of an ECG. Identifying reproducible, unique features of the ECG, they developed a method to accurately recognize and authenticate people by extracting time-invariant and context-invariant ECG passwords. In essence, the patient's heartbeat is used as the password to access their EHR.
Since an ECG may change due to age, illness, or injury, the researchers are currently working out ways to incorporate those variables. The identification scheme for ECG is a combination of previous work by the researchers that used a person's unique brainprint instead of traditional passwords to access computers and buildings, which was combined with cyber-security approaches. The study was presented at the IEEE Global Communications Conference (GLOBECOM 2016), held during December 2016 in Washington (DC, USA).
“The ECG signal is one of the most important and common physiological parameters collected and analyzed to understand a patient's' health,” said study co-author Zhanpeng Jin, PhD, of the department of electrical and computer engineering. “While ECG signals are collected for clinical diagnosis and transmitted through networks to electronic health records, we strategically reused the ECG signals for the data encryption.”
“The cost and complexity of traditional encryption solutions prevent them being directly applied to telemedicine or mobile healthcare. Those systems are gradually replacing clinic-centered healthcare, and we wanted to find a unique solution to protect sensitive personal health data with something simple, available, and cost-effective,” concluded Dr. Jin. “Through this strategy, the security and privacy can be enhanced while minimum cost will be added.”