Abstract

Personal Health Record (PHR) is an evolving patient-centric model for health information exchange and for storing patients’ e-record in a centralized place. It permits patients to create, manage, control and share their health information with other users. Privacy and security in cloud computing is an important concern for both public and private sector. Cloud computing has the advantage of reducing cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. While it offers these resources, it likewise poses risks for privacy preservation and the level of assurance required to sustain assurance in would-be users. The challenges in privacy protection are sharing data while protecting personal information. The confidentiality of the medical records is a major problem when patients use commercial cloud servers to store their medical records. In order to assure the patients’ control over their own medical records, these records/ files should be preserved with high privacy and security and be encrypted before outsourcing them. In this dissertation, we propose a framework for privacy in a PHR of a patient; the design of a privacy-preserving that enables patients to keep their health information without disclosing their sensitive information to an unauthorized third party. The PHR was designed using Apache server, MySQL as the database in conjunction with PHPMyAdmin, CSS, HTML and JavaScript. The purpose of privacy is to anticipate privacy risks prior to the development of the system and assess its impact on individuals’ privacy. This helps to prevent privacy intrusion events before they occur.