A secure query assurance approach for distributed health records

Health information system architectures inherently include distributed systems and data repositories across multiple organizations, health providers and with potentially some data stored with the health consumer. This is part of the shift to more fully integrated electronic health systems. Due to the varied stakeholders of these systems, it will become more important to provide a high level of query quality assurance for the parties utilizing these distributed and shared data repositories. A core consideration of health records is providing data confidentiality, including to protect against insider security threats. As such, it will often be desirable that electronic health information be stored in an encrypted format. In this paper, we present and describe the implementation and evaluation of a query assurance model that implements the three requirements of query assurance across sources of searchable encrypted health data. Furthermore, we consider the issue of freshness and data persistence in a multiple data owner environment, including a discussion of the characteristics of consumer interfacing health information systems.