In this paper, we propose a secure, distributed and scalable infrastructure for a lifelong personal medical record system. We build on existing and widely available technologies, such as the Web and public-key cryptography, to define an architecture that allows patients to exercise full control over their medical data. This is done without compromising either patients' privacy or the ability of other interested parties (e.g. physicians, health-care institutions, public-health researchers) to access the data when appropriately authorized. The system organizes the information as a tree of encrypted files whose contents are plain-text XML, in order to ensure platform independence and durability, and uses a role-based authorization scheme to assign access privileges. In addition to the basic architecture, we describe tools to populate the patient's record with data from hospital databases and the first testbed applications we are deploying.

(C) 2001 Elsevier Science Ireland Ltd. All rights reserved.
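The abstract does not say how the paper combines public-key cryptography with role-based access over the encrypted XML tree. The following Go program is an added illustration, not code from the paper or its authors, of one way such a scheme is commonly built: each XML file in the tree is encrypted under a fresh random AES-256-GCM data key, and the patient grants a role access by wrapping that data key under the role's RSA public key (RSA-OAEP, with the role name as the OAEP label). A role that was never granted access holds no wrapped copy of the key and is refused. The `Envelope`, `Role`, `EncryptNode`, `DecryptNode` names, the record paths and the sample XML are all assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the stored form of one encrypted XML file in the record tree
// (hypothetical layout; the paper's on-disk format is not given in the abstract).
type Envelope struct {
	Nonce      []byte
	Ciphertext []byte            // AES-256-GCM over the plain-text XML
	WrappedKey map[string][]byte // role name -> data key wrapped under that role's RSA public key
}

// Role is an authorized party (e.g. "physician") identified by its RSA public key.
type Role struct {
	Name string
	Pub  *rsa.PublicKey
}

// EncryptNode encrypts one XML file and grants the listed roles access by
// wrapping the fresh data key under each role's public key (hybrid encryption).
func EncryptNode(xml []byte, roles []Role) (*Envelope, error) {
	key := make([]byte, 32) // AES-256 data key, unique per file
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	env := &Envelope{
		Nonce:      nonce,
		Ciphertext: gcm.Seal(nil, nonce, xml, nil),
		WrappedKey: make(map[string][]byte),
	}
	for _, r := range roles {
		// The role name is the OAEP label, so a wrapped key cannot be replayed under another role.
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, r.Pub, key, []byte(r.Name))
		if err != nil {
			return nil, err
		}
		env.WrappedKey[r.Name] = wrapped
	}
	return env, nil
}

// DecryptNode recovers the XML for a role that holds the matching private key.
// A role without a wrapped key, or with the wrong private key, is refused.
func DecryptNode(env *Envelope, roleName string, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := env.WrappedKey[roleName]
	if !ok {
		return nil, errors.New("role not authorized for this node")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, []byte(roleName))
	if err != nil {
		return nil, fmt.Errorf("unwrapping data key: %w", err)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	physician, _ := rsa.GenerateKey(rand.Reader, 2048)
	researcher, _ := rsa.GenerateKey(rand.Reader, 2048)
	// Constructed sample: one node of the patient's record tree.
	tree := map[string][]byte{
		"/record/encounters/2001-03-14.xml": []byte(`<encounter date="2001-03-14"><diagnosis>J45</diagnosis></encounter>`),
	}
	env, _ := EncryptNode(tree["/record/encounters/2001-03-14.xml"],
		[]Role{{Name: "physician", Pub: &physician.PublicKey}})
	if xml, err := DecryptNode(env, "physician", physician); err == nil {
		fmt.Printf("physician reads: %s\n", xml)
	}
	if _, err := DecryptNode(env, "researcher", researcher); err != nil {
		fmt.Println("researcher refused:", err)
	}
}
```

Two points a practitioner should take from this layout. First, authorization is enforced by the cryptography rather than by a server-side check: a party cannot read a file unless the patient wrapped the data key to that party's public key, so the storage host learns nothing even if it ignores the policy. Second, revocation is not just deleting a role's entry from `WrappedKey`: a role that already unwrapped the data key can keep it, so revoking access to a node means generating a new data key and re-encrypting that file for the remaining roles.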