Next Article in Journal
Sarcopenia Is Associated with Cognitive Impairment Mainly Due to Slow Gait Speed: Results from the Korean Frailty and Aging Cohort Study (KFACS)
Previous Article in Journal
Association of ACTN3 Polymorphism with Body Somatotype and Cardiorespiratory Fitness in Young Healthy Adults
Article Menu
Issue 9 (May-1) cover image

Export Article

Open AccessArticle

PAX: Using Pseudonymization and Anonymization to Protect Patients’ Identities and Data in the Healthcare System

Thi-Qar University, Nasiriyah 64001, Iraq
Faculty of Health, Engineering and Sciences, University of Southern Queensland, Toowoomba, QLD 4350, Australia
Author to whom correspondence should be addressed.
Int. J. Environ. Res. Public Health 2019, 16(9), 1490;
Received: 13 March 2019 / Revised: 23 April 2019 / Accepted: 23 April 2019 / Published: 27 April 2019
PDF [2274 KB, uploaded 5 May 2019]


Electronic health record (EHR) systems are extremely useful for managing patients’ data and are widely disseminated in the health sector. The main problem with these systems is how to maintain the privacy of sensitive patient information. Due to not fully protecting the records from unauthorised users, EHR systems fail to provide privacy for protected health information. Weak security measures also allow authorised users to exceed their specific privileges to access medical records. Thus, some of the systems are not a trustworthy source and are undesirable for patients and healthcare providers. Therefore, an authorisation system that provides privacy when accessing patients’ data is required to address these security issues. Specifically, security and privacy precautions should be raised for specific categories of users, doctor advisors, physician researchers, emergency doctors, and patients’ relatives. Presently, these users can break into the electronic systems and even violate patients’ privacy because of the privileges granted to them or the inadequate security and privacy mechanisms of these systems. To address the security and privacy problems associated with specific users, we develop the Pseudonymization and Anonymization with the XACML (PAX) modular system, which depends on client and server applications. It provides a security solution to the privacy issues and the problem of safe-access decisions for patients’ data in the EHR. The results of theoretical and experimental security analysis prove that PAX provides security features in preserving the privacy of healthcare users and is safe against known attacks. View Full-Text
Keywords: anonymity; ECDSA; electronic health record (EHR); PAX; pseudonym; XACML anonymity; ECDSA; electronic health record (EHR); PAX; pseudonym; XACML

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Al-Zubaidie, M.; Zhang, Z.; Zhang, J. PAX: Using Pseudonymization and Anonymization to Protect Patients’ Identities and Data in the Healthcare System. Int. J. Environ. Res. Public Health 2019, 16, 1490.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Int. J. Environ. Res. Public Health EISSN 1660-4601 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top