On the Privacy Enhancement of In-Transit Health Data Inspection: A Preliminary Study

A new healthcare paradigm has emerged lately placing patients at the center of the healthcare scenario, providing more control over their data. Allowing patients to access data from outside healthcare organizations may suppose a security risk and should be done cautiously. Perimeter security elements, such as firewalls, are placed at organizations boundaries to inspect the in-transit data, deciding whether it should be forwarded or not. However, a disjunctive appears, if health data is kept encrypted when traversing the firewall, it could not provide its functionality properly while revealing it could be a violation of the patient privacy. In this work we propose a new method based on multi party computation to perform a secure fine-grained deep packet inspection of health data and results are presented for different number of conditions and packets sizes when using the FHIR standard. Finally, we conclude that although the performance degradation introduced by the proposed method could be too high for a general use, it could be justified by the sensitivity of the involved data in healthcare scenarios.