A Flexible Solu on for Privilege Management and Access Control in EHR Systems
نویسندگان
چکیده
Background: Inter-organiza onal healthcare businesses are ruled by a huge set of policies: legal policies, organiza onal policies, medical policies, ethical policies, etc., which are quite sta c, pa ents policy and process, social and environmental condi ons, which are highly dynamic. In the context of a business case, those diff erent policies must be harmonized to enable privilege management and access control decisions. Objec ves: The authors off er a methodology to achieve interoperability through policies harmoniza on in a privilege management and access control solu on for EHR systems, to be later on implemented in a cancer care network using HL7 specifi ca ons. Methods: To meet the objec ve, the authors make use of a system-theore cal, architecture-centric, ontology-based approach to formally represen ng the aforemen oned polices for harmoniza on. Results: Because of its fl exibility and generality, a policydriven RBAC model is used to formally represent all the other access control models such as MAC, DAC, RBAC, ABAC, HL7 Data Segmenta on and Labeling Services. All the policies deployed in the context of an inter-organiza onal collabora on for cancer care can be formalized and then harmonized. Conclusions: The authors provide an implementa onindependent methodology to enable policies harmoniza on in EHR systems. The methodology described in the paper is independent on the maturity of organiza ons’ privilege management and access control system. Furthermore, it does not hamper organiza ons progressing to more advanced solu ons over the me. Even dynamic policies can be harmonized at run me, allowing advancement towards a pa ent-centered care.
منابع مشابه
Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملImplementing security and access control mechanisms for an electronic healthcare record
Personal Electronic Health Records (EHR) have recently been published as one means to support patient empowerment and patient control over their personal health record. The functionality of such an EHR may vary from a simple web-based interface for interactive data entry and data review up to a much more powerful system additionally supporting electronic data/document communication between clin...
متن کاملActive privilege management for distributed access control systems
The last decade has seen the explosive uptake of technologies to support true Internet-scale distributed systems, many of which will require security. The policy dictating authorisation and privilege restriction should be decoupled from the services being protected: (1) policy can be given its own independent language syntax and semantics, hopefully in an application independent way; (2) policy...
متن کامل