Enhancing Security in Electronic Health Records using AES and PBKDF2: A case study of Zimbabwe e-health system

Abstract

As health IT is evolving, the use of traditional methods of storing patient information is being phased out. Notably Zimbabwe has begun digitalizing its medical records in most private and public health centres but limited internet connectivity and patient data harmonisation is still an issue. The viable solution lies in adopting Electronic Health Records (EHRs) which promote data sharing across healthcare providers while also ensuring data integrity and availability. Despite the many efforts by various researchers in suggesting strong encryption and biometric techniques to circumvent data loss or hacks, cyber criminals are getting more experienced due to the availability of more exploitation tools. This technical research presents an analysis of some of the widely implemented security techniques used in securing EHRs and proposes an enhanced hybrid mechanism for EHRs using AES and PBKDF2 within the Zimbabwe health care context. Observations made indicate the enhancement of data integrity, authentication and improved service delivery within the private and public health set up. Furthermore if scaled the e-health platform requires rigorous health personnel training in usage and changing mentality towards user acceptance.