Security Is Where The Heart Is - The Beat Goes On

With the constant drone about security, privacy, and the evolution and development of unique, sometimes bizarre, security techniques, it’s no wonder that researchers are grabbing for any idea that will work for a while. Such is the case with Researchers at Binghamton University, State University of New York who have come up with a way to protect personal electronic health records using a patient’s heartbeat instead of a password.

According to Zhanpeng Jin, assistant professor in the Department of Electrical and Computer Engineering at the Thomas J. Watson School of Engineering and Applied Science at Binghamton University, “The cost and complexity of traditional encryption solutions prevent them being directly applied to telemedicine or mobile healthcare. Those systems are gradually replacing clinic-centered healthcare, and we wanted to find a unique solution to protect sensitive personal health data with something simple, available and cost-effective.”

In response to the high costs associated with cryptography or encryption, the Binghamton researchers encrypt patient data using the patient’s electrocardiograph (ECG). An ECG measures electrical activity of the heart via biosensors attached to the patient’s chest area. The ECG unit usually records and/or prints out a graphical representation of the hearts pulses.

It might be assumed that when the patient’s records need to be accessed, if his or her heart patterns match a previous ECG recording, the data files will open. Briefly put, the patient's heartbeat is the password.

The most immediate question is what happens when a patient’s ECG changes. After all, there may be illness involved that either gets worse or recedes with treatment. Even people in perfect health may have slightly or noticeable different ECG readings on different days. Also, the patient may choose to change how records are accessed. Well, the researchers are currently working on it. ~MD