Cybersecurity Education, Research & Outreach Center

Access Control

Password-free Secure Data Communication for Health Care (Faculty Lead: Dr. Denis Ulybyshev. Students: Tate Seyler, James Massengille)

Healthcare providers need a secure mechanism to send the clinical data to patients. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires to safeguard and protect Electronic Health Records in transit and in storage. However, password-based solutions for authentication are not very convenient for elderly patients who may forget strong passwords. On the other hand, “easy to remember” short passwords are cryptographically weak and can be easily broken by cyber attackers, which may result in leakage of Personal Health Information. In this project, we focus on developing the methodology for password-free data transfer mechanism that would allow healthcare providers to send clinical and administrative data to patients in a secure and HIPAA-compliant way.