A Privacy-Preserving Distributed Medical Insurance Claim Clearinghouse & EHR Application
In this paper we introduce a distributed approach to storing and processing electronic health records along with a distributed insurance claims clearinghouse. The fundamental assumption governing our work is that every system can and will be compromised, therefore, our approach improves privacy by mitigating the effect of an attack on the system when components are hacked or otherwise compromised. This improvement is achieved by separating the patient's identity from their medical and demographic data and also splitting the clearinghouse processing of the CMS-1500 insurance claim form across six processing units, these processing units are autonomous and anonymous to one another, however, are able collaborate on a common task. We use Shannon entropy to compare the performance of this distributed application to a centralized one, Shannon entropy is a measure of the information stored in the system and the information divulged when components are compromised. This distributed approach reduces the amount of entropy eliminated in the event of an attack on the clearinghouse by approximately 79%. We also compare our approach to the MyPHRMachines architecture. In our analyses we assume one component is compromised in the distributed or centralized systems.