Secure and Customizable EHR Management Services with COASTmed
نویسندگان
چکیده
The exchange of electronic health records (EHR) among multiple parties and for multiple purposes raises nontrivial concerns. Unfortunately, privacy and operational policies granting individual access privileges to parties are often artifacts foreign to healthcare systems, thus EHR security is all the more frail. Moreover, current web service technologies that constitute many EHR systems treat users uniformly, making it more difficult for information consumers to use this data for specific purposes. Therefore, there is a need for EHR systems that offer secure, policy compliant access to data services and enable users to obtain the required information according to their individual authority. We present COASTmed, a notional EHR system that simultaneously offers provider-controlled differential service access and user-controlled customization. Our prototype is founded on the architectural principles of the COAST style and leverages the Rei policy language.
منابع مشابه
Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملNurses’ Perceptions, Attitudes, and Preferences
It is estimated that by the year 2005, the majority of healthcare facilities will have implemented some type of electronic health records (EHR) and electronic documentation systems. In 2003, Tommy G. Thompson, Secretary of the Department of Health and Human Services (DHHS), asked two prestigious organizations, the Institute of Medicine and Health Level 7 (HL7), to form a national task force to ...
متن کاملElectronic Health Record System: A Perspective to Improve the Value of Services Rendered to Patients in Healthcare Organization in Rwanda, Case of CHUB and Hopital De Nemba
--In Rwanda, many healthcare organizations are still using a paper based patients’ data record system although it still present weaknesses to share health patients’ information across different services when necessary. In developed countries, the EHR has been put in place to revolutionize the paper based record system but still the EHR has some challenges related to privacy, security, or intero...
متن کاملRole-based and time-bound access and management of EHR data
Security and privacy are widely recognized as important requirements for access and management of Electronic Health Record (EHR) data. In this paper we argue that EHR data needs to be managed with customizable access control in both spatial and temporal dimensions. We present a role-based and time-bound access control model (RBTBAC) that provides more flexibility in both roles (spatial capabili...
متن کاملElectronic Health Record
The term electronic health record (EHR) refers to the complete set of information that resides in electronic form and is related to the past, present, and future health status or health care provided to a subject of care. The primary purpose of EHRs is the documentation, retrieval, transmission, linking, and processing of multimedia information to legitimate users for the delivery of knowledge ...
متن کامل