Here we look in particular at those parties, such as insurers and pharmacies, that are not actively involved in patient care. Currently patients who are insured are required to share the entire record of their medical treatment with their insurer in order to receive benefits, and a pharmacy may store all prescriptions filled for each patient.
However, there is no medical reason for these parties to see this information --- they only need enough information to be able to prevent fraud and verify that the provided treatment should be covered under the patient's policy, or that the patient has a valid prescription for the medication being dispensed. We argue that, using recent developments in cryptography, we can allow this verification without revealing any additional information about the patient's record, thus obtaining optimal privacy guarantees.
Category / Keywords: applications / Publication Info: presented at HealthSec '10 Date: received 7 Jan 2011 Contact author: melissac at microsoft com Available format(s): PDF | BibTeX Citation Version: 20110108:020237 (All versions of this report) Short URL: ia.cr/2011/016 Discussion forum: Show discussion | Start new discussion