PHRs grant patients access to a wide range of health information sources, best medical practices and health knowledge. In patient centric secure sharing, patients will create, manage and control their personal health data from one place using the web. Prior to storing the records in cloud server, they are encrypted using encryption algorithm which ensures the patient’s full control over their PHR. In addition to PHR (Medical history, current exams), personal files, insurance details and sensitive information can also be stored and shared. Patients only decide which set of users can access which set of files. All the files stored in clouds which are semi-trusted servers, are in the encrypted form and are confidential to other users. We make use of Attribute Based encryption (ABE) to encrypt the files. In this scheme, users are categorized into personal and professional domains which greatly reduce the key management complexity. There is a structured way to access the files for personal and professional purposes. Patients are able to dynamically modify the access policy and attributes.

M. Li, S. Yu, K. Ren, and W. Lou, ―Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings,‖ in SecureComm’10, Sept. 2010, pp. 89–106.

H. Lo¨ hr, A.-R. Sadeghi, and M. Winandy, ―Securing the e-health cloud,‖ in Proceedings of the 1st ACM International Health Informatics Symposium, ser. IHI ’10, 2010, pp. 220– 229.

M. Li, S. Yu, N. Cao, and W. Lou, ―Authorized private keyword search over encrypted Personal health records in cloud computing,‖ in ICDCS ’11, Jun. 2011.

―The health insurance portability and accountability act.‖[Online]. Available:

http://www.cms.hhs.gov/HIPAAGenInfo/01 Overview.asp

―Google, microsoft say hipaa stimulus rule doesn’t apply to them,‖ http://www.ihealthbeat.org/Articles/2009/4/8/.

―At risk of exposure in the push for electronic medical records, concern is growing about how well privacy can be safeguarded,‖ 2006. [Online]. Available: http://articles.latimes.com/2006/jun/26/health/he-privacy26 [7] K. D. Mandl, P. Szolovits, and I. S. Kohane, ―Public standards and patients’ control: how to keep electronic medical records accessible but private,‖ BMJ, vol. 322, no. 7281, p. 283, Feb. 2001.

J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, ―Patient con- trolled encryption: ensuring privacy of electronic medical record- s,‖ in CCSW ’09, 2009, pp. 103–114.

S. Yu, C. Wang, K. Ren, and W. Lou, ―Achieving secure, scalable, and fine-grained data access control in cloud computing,‖ in IEEE INFOCOM’10, 2010.