Machine Learning Based Anomaly Detection and Homomorphic Encryption for Securing Electronic Health Records in IoT-Enabled Hospitals

Gnanesh Methari; Iqra Rasool

doi:10.55524/ijircst.2025.13.6.19

Abstract

Internet of Things (IoT) devices are used by hospitals to enhance patient care. Such gadgets gather health information and keep it in Electronic Health Records (EHRs). EHR is highly sensitive information that should be secured. Nonetheless, IoT systems raise security and privacy threats. The threats to hospitals are numerous as they include data breaches, insider abuse, and ransomware attacks. These new risks cannot be dealt with using the traditional security methods. Machine learning (ML) can contribute to that by identifying abnormal or aberrant behavior within hospitals. Homomorphic encryption (HE) is one of the techniques that can be used to secure the data and perform the calculation on the encrypted data without disclosing it. The combination of ML and HE can enhance security and privacy of healthcare systems. The current review examines the available literature on ML-based anomaly detection and homomorphic encryption in securing EHRs of hospitals through IoT solutions. It outlines the existing practices, citing their shortcomings, and determining where the research remains unfinished and where it should go in the future.

Keywords

Electronic Health Records (EHR), IoT Healthcare Security, Machine Learning Anomaly Detection, Homomorphic Encryption, Privacy-Preserving Analytics, Cybersecurity in Healthcare

References

Andriulo, F. C., M. Fiore, M. Mongiello, E. Traversa, and V. Zizzo, “Edge computing and cloud computing for internet of things: A review,” Informatics, vol. 11, no. 4, 2024. Available from: https://doi.org/10.3390/informatics11040071
W. Wang, D. Ferrari, G. Haddon-Hill, and V. Curcin, “Electronic health records as source of research data,” PubMed, 2023. Available from: https://www.ncbi.nlm.nih.gov/books/NBK597466/
Liu, D. Huang, J. Yao, J. Dong, L. Song, H. Wang, C. Yao, and W. Chu, “From black box to glass box: A practical review of explainable artificial intelligence (XAI),” AI, vol. 6, no. 11, pp. 285–285, 2025. Available from: https://doi.org/10.3390/ai6110285
N. Khalid, A. Qayyum, M. Bilal, A. Al-Fuqaha, and J. Qadir, “Privacy-preserving artificial intelligence in healthcare: Techniques and applications,” Computers in Biology and Medicine, vol. 158, p. 106848, 2023. Available from: https://doi.org/10.1016/j.compbiomed.2023.106848
A. Ali, M. A. Gunavathie, V. Srinivasan, M. Aruna, R. Chennappan, and M. Matheena, “Securing electronic health records using blockchain-enabled federated learning for IoT-based smart healthcare,” Clinical eHealth, vol. 8, 2025. Available from: https://doi.org/10.1016/j.ceh.2025.04.002
Hildt, “What is the role of explainability in medical artificial intelligence? A case-based approach,” Bioengineering, vol. 12, no. 4, pp. 375–375, 2025. Available from: https://doi.org/10.3390/bioengineering12040375
Al Badawi and M. Faizal Bin Yusof, “Private pathological assessment via machine learning and homomorphic encryption,” BioData Mining, vol. 17, no. 1, 2024. Available from: https://doi.org/10.1186/s13040-024-00379-9
Zhai, O. N. Akande, S. Agarwal, and W. Pak, “Security risk assessment of internet of things health devices using DREAD and STRIDE models,” Ain Shams Engineering Journal, vol. 16, no. 11, p. 103721, 2025. Available from: https://doi.org/10.1016/j.asej.2025.103721
T. Guimarães, R. Duarte, F. Hak, and M. Santos, “Context-aware electronic health record—Internet of things and blockchain approach,” Informatics, vol. 11, no. 4, pp. 98–98, 2024. Available from: https://doi.org/10.3390/informatics11040098
S. Abdulmalek, A. Nasir, W. A. Jabbar, M. A. M. Almuhaya, A. K. Bairagi, M. A.-M. Khan, and S.-H. Kee, “IoT-based healthcare-monitoring system towards improving quality of life: A review,” Healthcare, vol. 10, no. 10, p. 1993, 2022. Available from: https://doi.org/10.3390/healthcare10101993
Samariya, J. Ma, S. Aryal, and X. Zhao, “Detection and explanation of anomalies in healthcare data,” National Library of Medicine, vol. 11, no. 1, 2023. Available from: https://doi.org/10.1007/s13755-023-00221-2
S. Mittal, “Fully homomorphic encryption-based optimal key encryption for privacy preservation in the cloud sector,” Journal of Information Security and Applications, vol. 91, p. 104048, 2025. Available from: https://doi.org/10.1016/j.jisa.2025.104048
Riou, M. El Azzouzi, A. Hespel, E. Guillou, G. Coatrieux, and M. Cuggia, “Ensuring GDPR compliance and security in a clinical data warehouse: Challenges and insights from a university hospital,” JMIR Medical Informatics, 2024. Available from: https://doi.org/10.2196/63754
P. Schummer, A. del Rio, J. Serrano, D. Jimenez, G. Sánchez, and Á. Llorente, “Machine learning-based network anomaly detection: Design, implementation, and evaluation,” AI, vol. 5, no. 4, pp. 2967–2983, 2024. Available from: https://doi.org/10.3390/ai5040143
S. Rani, R. Kumar, B. S. Panda, R. Kumar, N. F. Muften, M. A. Abass, and J. Lozanovi?, “Machine learning-powered smart healthcare systems in the era of big data,” Diagnostics, vol. 15, no. 15, pp. 1914–1914, 2025. Available from: https://doi.org/10.3390/diagnostics15151914
Thabit, O. Can, S. Alhomdy, G. H. Al-Gaphari, and S. Jagtap, “A novel effective lightweight homomorphic cryptographic algorithm for data security in cloud computing,” International Journal of Intelligent Networks, vol. 3, pp. 16–30, 2022. Available from: https://doi.org/10.1016/j.ijin.2022.04.001
M. Humbert-Droz, P. Mukherjee, and O. Gevaert, “Strategies to address the lack of labeled data for supervised machine learning training with electronic health records,” JMIR Medical Informatics, vol. 10, no. 3, p. e32903, 2022. Available from: https://doi.org/10.2196/32903
S. M. Varnosfaderani and M. Forouzanfar, “The role of AI in hospitals and clinics: Transforming healthcare in the 21st century,” Bioengineering, vol. 11, no. 4, pp. 1–38, 2024. Available from: https://www.mdpi.com/2306-5354/11/4/337
F. Agyemang, “Anomaly detection using unsupervised machine learning algorithms: A simulation study,” Scientific African, vol. 26, p. e02386, 2024. Available from: https://doi.org/10.1016/j.sciaf.2024.e02386
Lee, “Analysis of insider threats in the healthcare industry: A text mining approach,” Information, vol. 13, no. 9, p. 404, 2022. Available from: https://doi.org/10.3390/info13090404
H. Almotairi, “Application of internet of things in healthcare domain,” Journal of Umm Al-Qura University for Engineering and Architecture, 2022. Available from: https://doi.org/10.1007/s43995-022-00008-8
Yasuda, T. Shimoyama, and J. Kogure, “Secret computation of purchase history data using somewhat homomorphic encryption,” Pacific Journal of Mathematics for Industry, vol. 6, no. 1, 2014. Available from: https://doi.org/10.1186/s40736-014-0005-x
Parihar, J. B. Prajapati, B. G. Prajapati, B. Trambadiya, A. Thakkar, and P. Engineer, “Role of IoT in healthcare: Applications, security and privacy concerns,” Intelligent Pharmacy, vol. 2, no. 5, 2024. Available from: https://doi.org/10.1016/j.ipha.2024.01.003
Habehh and S. Gohel, “Machine learning in healthcare,” Current Genomics, vol. 22, no. 4, pp. 291–300, 2021. Available from: https://doi.org/10.2174/1389202922666210705124359
T. Madathil, F. K. Dankar, M. Gergely, A. N. Belkacem, and S. Alrabaee, “Revolutionizing healthcare data analytics with federated learning,” Computational and Structural Biotechnology Journal, vol. 28, pp. 217–238, 2025. Available from: https://doi.org/10.1016/j.csbj.2025.06.009
R. Foorthuis, “On the nature and types of anomalies: A review of deviations in data,” International Journal of Data Science and Analytics, vol. 12, no. 4, pp. 297–331, 2021. Available from: https://doi.org/10.1007/s41060-021-00265-1
C. Muhoza, E. Bergeret, C. Brdys, and F. Gary, “Power consumption reduction for IoT devices thanks to edge-AI,” Internet of Things, vol. 24, p. 100930, 2023. Available from: https://doi.org/10.1016/j.iot.2023.100930
T. K. Nguyen, D. H. Duong, W. Susilo, Y.-W. Chow, and T. A. Ta, “HeFUN: Homomorphic encryption for unconstrained secure neural network inference,” Future Internet, vol. 15, no. 12, p. 407, 2023. Available from: https://doi.org/10.3390/fi15120407
Grünewald et al., “Beyond the numbers: The importance of contextual data when reusing blood pressure data from electronic health records,” Frontiers in Digital Health, vol. 7, 2025. Available from: https://doi.org/10.3389/fdgth.2025.1664213
R. Almutairi, G. Bergami, and G. Morgan, “Advancements and challenges in IoT simulators: A comprehensive review,” Sensors, vol. 24, no. 5, pp. 1511–1511, 2024. Available from: https://doi.org/10.3390/s24051511
Bolhasani, M. Mohseni, and A. M. Rahmani, “Deep learning applications for IoT in healthcare: A systematic review,” Informatics in Medicine Unlocked, vol. 23, p. 100550, 2021. Available from: https://doi.org/10.1016/j.imu.2021.100550
Edemekong, M. Haydel, and P. Annamaraju, “Health insurance portability and accountability act (HIPAA),” National Library of Medicine, 2024. Available from: https://www.ncbi.nlm.nih.gov/books/NBK500019/
Shojaei, E. V. Gjorgievska, and Y.-W. Chow, “Security and privacy of technologies in health information systems: A systematic literature review,” Computers, vol. 13, no. 2, pp. 1–25, 2024. Available from: https://www.mdpi.com/2073-431X/13/2/41
V. Terziyan, B. Bilokon, and M. Gavriushenko, “Deep homeomorphic data encryption for privacy preserving machine learning,” Procedia Computer Science, vol. 232, pp. 2201–2212, 2024. Available from: https://doi.org/10.1016/j.procs.2024.02.039
Keshta and A. Odeh, “Security and privacy of electronic health records: Concerns and challenges,” Egyptian Informatics Journal, vol. 22, no. 2, pp. 177–183, 2021. Available from: https://doi.org/10.1016/j.eij.2020.07.003
Razzaq and M. Shah, “Machine learning and deep learning paradigms: From techniques to practical applications and research frontiers,” Computers, vol. 14, no. 3, pp. 93–93, 2025. Available from: https://doi.org/10.3390/computers14030093
Rejeb et al., “The internet of things (IoT) in healthcare: Taking stock and moving forward,” Internet of Things, vol. 22, p. 100721, 2023. Available from: https://doi.org/10.1016/j.iot.2023.100721
El-Yahyaoui and M. D. E. C. El Kettani, “A verifiable fully homomorphic encryption scheme for cloud computing security,” Technologies, vol. 7, no. 1, p. 21, 2019. Available from: https://doi.org/10.3390/technologies7010021
Jabir, J. Le, and C. Nguyen, “Phishing attacks in the age of generative artificial intelligence: A systematic review of human factors,” AI, vol. 6, no. 8, pp. 174–174, 2025. Available from: https://doi.org/10.3390/ai6080174
M. Masud et al., “A robust and lightweight secure access scheme for cloud-based e-healthcare services,” Peer-to-Peer Networking and Applications, vol. 14, no. 5, 2021. Available from: https://doi.org/10.1007/s12083-021-01162-x
Beniwal and A. Singhrova, “A systematic literature review on IoT gateways,” Journal of King Saud University – Computer and Information Sciences, vol. 34, no. 10, 2021. Available from: https://doi.org/10.1016/j.jksuci.2021.11.007
Sivan and Z. A. Zukarnain, “Security and privacy in cloud-based e-health system,” Symmetry, vol. 13, no. 5, p. 742, 2021. Available from: https://doi.org/10.3390/sym13050742
M. Zonayed et al., “Machine learning and IoT in healthcare: Recent advancements, challenges and future direction,” Advances in Biomarker Sciences and Technology, vol. 7, 2025. Available from: https://doi.org/10.1016/j.abst.2025.08.006
Kumari et al., “A comprehensive investigation of anomaly detection methods in deep learning and machine learning,” IET Information Security, 2024. Available from: https://doi.org/10.1049/2024/8821891
Kupcova, M. Pleva, V. Khavan, and M. Drutarovsky, “A comparative study of partially, somewhat, and fully homomorphic encryption,” Electronics, vol. 14, no. 23, p. 4753, 2025. Available from: https://doi.org/10.3390/electronics14234753
Zaraket, K. Hariss, M. Chamoun, and T. Nicolas, “Cloud-based private data analytics using secure computation over encrypted data,” Journal of King Saud University – Computer and Information Sciences, vol. 34, no. 8, pp. 4931–4942, 2022. Available from: https://doi.org/10.1016/j.jksuci.2021.06.014
Y. Majib et al., “Detecting anomalies within smart buildings using do-it-yourself internet of things,” Journal of Ambient Intelligence and Humanized Computing, vol. 14, no. 5, pp. 4727–4743, 2022. Available from: https://doi.org/10.1007/s12652-022-04376-w
Krzyszto?, I. Rojek, and D. Miko?ajewski, “A comparative analysis of anomaly detection methods in IoT networks: An experimental study,” Applied Sciences, vol. 14, no. 24, p. 11545, 2024. Available from: https://doi.org/10.3390/app142411545
Y. Lu, T. Zhou, Y. Tian, S. Zhu, and J. Li, “Web-based privacy-preserving multicenter medical data analysis tools via threshold homomorphic encryption,” Journal of Medical Internet Research, vol. 22, no. 12, p. e22555, 2020. Available from: https://doi.org/10.2196/22555
G.-Y. Kim, S.-M. Lim, and I.-C. Euom, “A study on performance metrics for anomaly detection based on industrial control system operation data,” Electronics, vol. 11, no. 8, p. 1213, 2022. Available from: https://doi.org/10.3390/electronics11081213
M. Javaid and I. H. Khan, “Internet of things (IoT) enabled healthcare helps to take the challenges of COVID-19 pandemic,” Journal of Oral Biology and Craniofacial Research, vol. 11, no. 2, pp. 209–214, 2021. Available from: https://doi.org/10.1016/j.jobcr.2021.01.015
Y. Xiao et al., “Privacy protection anomaly detection in smart grids based on combined PHE and TFHE homomorphic encryption,” Electronics, vol. 14, no. 12, pp. 2386–2386, 2025. Available from: https://doi.org/10.3390/electronics14122386
Zhang and X. Jiang, “Sensitive data detection with high-throughput machine learning models in electronic health records,” AMIA Annual Symposium Proceedings, 2023, p. 814, 2024. Available from: https://pmc.ncbi.nlm.nih.gov/articles/PMC10785837/
Manshadi, N. Alafchi, A. Tat, M. Mousavi, and A. Mosavi, “Comparative analysis of machine learning and numerical modeling for combined heat transfer in polymethylmethacrylate,” Polymers, vol. 14, no. 10, pp. 1996–1996, 2022. Available from: https://doi.org/10.3390/polym14101996

Cites this article as

G. Methari, I. Rasool, "Machine Learning Based Anomaly Detection and Homomorphic Encryption for Securing Electronic Health Records in IoT-Enabled Hospitals", International Journal of Innovative Research in Computer Science and Technology (IJIRCST), Vol-13, Issue-6, Page No-187-197, 2025. Available from: https://doi.org/10.55524/ijircst.2025.13.6.19

Corresponding Author

Gnanesh Methari

Department of Information Technology (Cybersecurity), Franklin University, Columbus, United States

Download Full Paper

Download PDF

No. of Downloads: 14 | No. of Views: 121

Machine Learning Based Anomaly Detection and Homomorphic Encryption for Securing Electronic Health Records in IoT-Enabled Hospitals

Citations

Download Full Paper PDF

Total View 121

Total Download 14