Designing and Building Secure Electronic Medical Record Application by Applying AES-256 and RSA Digital Signature

Medical records consist of health data that must be kept confidential and is regulated in Indonesian law. Until now the implementation of electronic medical records in Indonesia has not been clearly regulated in a law, while Regulation of the Minister of Health of the Republic of Indonesia state that medical records must be made in writing, complete, and clearly or electronically. In view of this, another approach than the regulation is needed to be able to meet the confidentiality of the data in the regulation, in electronic form. In this study, an electronic medical record application was designed and built that can meet the requirements of the legislation. The application encrypts patient's health data stored on medical records using the AES-256 algorithm for data confidentiality. The use of AES-256 has been standardized based on the Federal Information Processing Standards Publication 197 and RSA Digital Signature digital signature because it has been standardized based on Federal Information Processing Standards Publication 186-4 and NIST Special Publication 800-89. The proposed application have been made have passed security testing using 6 testcase based on the reference paper.