Abstract

The rapid digitization of healthcare through Electronic Medical Record (EMR) systems has transformed patient care, enabling advanced Clinical Decision Support (CDS), Health Information Exchange (HIE), and Personal Health Records (PHRs), yet it has also introduced significant cybersecurity and interoperability challenges. This paper presents a comprehensive study of modern EMR systems, focusing on the design, implementation, and evaluation of HealthVault, a secure and scalable EMR prototype. Chapter 1 explores the technological advancements and cybersecurity vulnerabilities of EMRs, highlighting their financial benefits and standardization issues. Chapter 2 examines regulatory frameworks like HIPAA and GDPR, emphasizing the balance between data accessibility and security. Chapter 3 analyzes the evolving cyber threat landscape, detailing attack vectors like ransomware and social engineering. Chapter 4 describes HealthVault’s three-tier architecture, integrating role-based access control, FHIR interoperability, and robust security features, while Chapter 5 evaluates its performance under high loads and identifies vulnerabilities through extensive testing. The study underscores the need for multi-layered security, regulatory compliance, and patient-centric design in EMR development. HealthVault demonstrates a practical approach to addressing these challenges, offering insights for future innovations in secure healthcare systems.

Advisor

Guarnera, Heather

Department

Computer Science

Disciplines

Computer and Systems Architecture | Data Storage Systems | Digital Communications and Networking

Keywords

Electronic Medical Records, EMR Systems, HealthVault, Cybersecurity, Healthcare Data, Clinical Decision Support, Health Information Exchange, Personal Health Records, Population Health Management, Legacy Systems, Standardization, Mobile Integration, Financial Benefits, HIPAA, GDPR, Regulatory Compliance, Patient Autonomy, Ethical Data Management, Cyber Threats, Ransomware, Social Engineering, IoMT, Advanced Persistent Threats, Threat Models, STRIDE, MITRE ATT&CK, DICOM Vulnerabilities, HL7 Protocol, Three-Tier Architecture, Role-Based Access Control, JWT Authentication, FHIR Integration, Database Schema, PostgreSQL, Performance Testing, Scalability, XSS Vulnerabilities, Security Headers, TLS Configuration, Patient Engagement, Interoperability, Cloud Computing, Data Analytics, Blockchain, Machine Learning, Audit Logging, Concurrent User Testing, Clinical Workflow Simulation

Publication Date

2025

Degree Granted

Bachelor of Arts

Document Type

Senior Independent Study Thesis

© Copyright 2025 Baltasar Berretta