An Electronic Health Record (EHR) is the health record of an individual that is accessible online from separate, interoperable automated systems. A transition to EHR management enables remote access to health information, removes administrative burdens, enhances productivity, opens up new opportunities, and reduces the occurrence of medical errors.

Privacy and security concerns are major impediments to EHR management. Individuals and medical professionals alike are concerned about their privacy and autonomy; these concerns go well beyond safeguards against outsiders. At the same time, healthcare regulations such as the U.S. Health Insurance Portability and Accountability Act (HIPAA) are pushing security technologies for identity and access management to the forefront.

The U-Prove™ technology solves several seemingly conflicting security, scalability, and privacy requirements:

• In contrast to centralized and federated identity management solutions, the U-Prove technology enables healthcare organizations to electronically share EHR information while complying with data protection legislation.
• Authorized parties can digitally sign any EHR entries they add or modify. This enables medical professionals to verify that any EHR entries on which they rely have been entered by authorized parties. In this manner, medical professionals and healthcare service providers can maintain partial ownership of EHRs and avoid legal liabilities due to reliance on corrupted EHR information.
• Patients themselves can manage the links between their dispersed EHR information that resides at different organizations. With federated identity, in contrast, central parties would be given the power to link all of a patient’s EHR information; since the most frequent breaches of patient information confidentiality come from authorized insiders, this is highly undesirable.
• In contrast to centralized and federated identity management solutions, the U-Prove technology enables authorized parties to access EHR information without being identifiable; fine-grained role-based access control can be implemented using portable identity tokens that do not reveal unwanted linking or tracing information to third parties (such as auditors).
• In contrast to centralized and federated identity management solutions, the U-Prove technology enables offline access to EHR information by authorized parties; there is no need to involve central parties (such as identity providers) in each and every access control decision.
• Patients can carry a portable device with them, such as a smart card, that at the end of each visit to a point-of-care organization makes a synchronized copy of relevant EHR information. The entries in the copy can be cryptographically authenticated to protect against the unauthorized cloning, lending, pooling, and discarding of EHR entries. Subsequently, patients can selectively disclose EHR information to relying parties.