Heartbeats as a Password for EHRs

Researchers at Binghamton University, State University of New York www.binghamton.edu  are working on accessing EHRs using the patient’s own heartbeat as a password. Researchers are looking at patient’s EKGs or ECGs as a possible way to lock and unlock files.

Zhanpeng Jin Assistant Professor in the Engineering School www.binghamton.edu/watson said, “The cost and complexity of traditional encryption solutions prevent these solutions being directly applied to telemedicine or mobile healthcare. Also, traditional security measures can be expensive time-consuming and computing intensive.”

Researchers have encrypted patient data using a person’s unique EKG or ECG which measures the electrical activity of the heart by a biosensor attached to the skin. Jin reports, While ECG signals are collected for clinical diagnosis and transmitted through networks to EHRs, the ECG signals are strategically reused for the data encryption. By using this strategy, the security and privacy can be enhanced while minimum cost is added.

Since a ECGs may change due to age, illness, or injury or a patient may just want to change how their records are accessed, researchers are currently working out ways to incorporate those variables.

Jin and co-authors Assistant Professor Linke Guo, Associate Professor Yu Chen, plus PhD candidates Pei Huang and Borui Li, presented their paper titled “A Robust and Reusable ECG-based Authentication and Data Encryption Scheme for eHealth Systems” at the IEEE Global Communications Conference http://globecom2016.ieee-globecom.org held in Washington D.C.