Privacy Aspects of eHealth

A central aspect of eHealth is the electronic healthcare record (EHR) which integrates all relevant medical information of a person and represents a lifelong documentation of the medical history. By virtue of their sensitive character it is crucial that medical data can only be accessed by the patient herself and persons who are directly involved in the treatment of the patient. Since eHealth portals can be accessed via the Internet, security and privacy issues arise that have to be considered carefully. Besides traditional security properties, we mainly focus on additional threats, namely the trivial disclosure attack and the statistical analysis of metadata. Thereby a disclosure attack takes place if a person enforces another person to present her EHR, e.g. during a job interview. Additionally, by applying statistical analysis on the metadata of an eHealth portal, it is possible to determine relevant information (e.g. psychological treatment) which could have negative effects on the patient. In this paper we present a concept including pseudonymization of medical data, identity management, obfuscation of metadata and anonymous authentication to prevent disclosure attacks and statistical analysis.