Automating Consent Management Lifecycle for Electronic Healthcare Systems

  • Muhammad Rizwan Asghar
  • Giovanni Russello


The notion of patient’s consent plays a major role in granting access to medical data. In typical healthcare systems, consent is captured by a form that the patient has to fill-in and sign. In e-Health systems, the paper-form consent is being replaced by access control mechanisms that regulate access to medical data, while taking into account electronic content. This helps in empowering the patient with the capability of granting and revoking consent in a more effective manner. However, the process of granting and revoking consent greatly varies according to the situation in which the patient is. Our main argument is that such a level of detail is very difficult and error-prone to capture as a set of authorisation policies. In this chapter, we present ACTORS (Automatic Creation and lifecycle managemenT Of authoRisation policieS), a goal-driven approach to manage consent. The main idea behind ACTORS is to leverage the goal-driven approach of Teleo-Reactive (TR) programming for managing consent that takes into account changes regarding the domains and contexts in which the patient is providing her consent.


Data Subject Policy Decision Point Authorisation Policy Policy Enforcement Point Security Administrator 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aboelfotoh, M., Martin, P., Hassanein, H.: A mobile-based architecture for integrating personal health record data. In: IEEE 16th International Conference on e-Health Networking, Applications and Services (Healthcom), 2014, pp. 269–274 (2014)Google Scholar
  2. 2.
    Asghar, M., Russello, G.: Flexible and dynamic consent-capturing. In: Camenisch, J., Kesdogan, D. (eds.) Open Problems in Network Security. Lecture Notes in Computer Science, vol. 7039, pp. 119–131. Springer, Berlin (2012)CrossRefGoogle Scholar
  3. 3.
    Asghar, M.R., Russello, G.: ACTORS: A goal-driven approach for capturing and managing consent in e-health systems. In: 2012 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 61–69 (2012)Google Scholar
  4. 4.
    Chan, H., Kwok, T.: A policy-based management system with automatic policy selection and creation capabilities by using a singular value decomposition technique. In: Seventh IEEE International Workshop on Policies for Distributed Systems and Networks, 2006. Policy 2006, pp. 96–99 (2006)Google Scholar
  5. 5.
    Clarke, R.: econsent: A critical element of trust in ebusiness. In: BLED 2002 Proceedings, p. 12 (2002)Google Scholar
  6. 6.
    Coiera, E., Clarke, R.: e-consent: the design and implementation of consumer consent mechanisms in an electronic environment. J. Am. Med. Inform. Assoc. 11(2), 129–140 (2004)Google Scholar
  7. 7.
    Communities, E.: Directive 1999/93/EC of the european parliament and of the council of 13 december 1999 on a community framework for electronic signatures (1999).
  8. 8.
    Curren, L., Kaye, J.: Revoking consent: a “blind spot” in data protection law? Comput. Law Secur. Rev. 26(3), 273–283 (2010)CrossRefGoogle Scholar
  9. 9.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lupu, E., Lobo, J. (eds.) Policies for Distributed Systems and Networks. Lecture Notes in Computer Science, vol. 1995, pp. 18–38. Springer, Berlin (2001)CrossRefGoogle Scholar
  10. 10.
    Dolin, R.H., Alschuler, L., Boyer, S., Beebe, C., Behlen, F.M., Biron, P.V., Shvo, A.S.: Hl7 clinical document architecture, release 2. J. Am. Med. Inform. Assoc. 13(1), 30–39 (2006)CrossRefGoogle Scholar
  11. 11.
    Earp, J.B., He, Q., Stufflebeam, W., Bolchini, D., Jensen, C., et al.: Financial privacy policies and the need for standardization. IEEE Secur. Priv. 2(2), 36–45 (2004)CrossRefGoogle Scholar
  12. 12.
    European Communities: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, year=1995, howpublished =
  13. 13.
    Fu, Z.: Network management and intrusion detection for quality of network services. Computer Science, North Carolina State University (2001)Google Scholar
  14. 14.
    Fu, Z.J., Wu, S.F.: Automatic generation of IPSec/VPN security policies in an intra-domain environment. In: 12th International Workshop on Distributed Systems: Operations & Management (2001)Google Scholar
  15. 15.
    Health Level Seven International: Hl7 implementation guide for cda release 2: Privacy consent directives, release 1. (2013)
  16. 16.
    Illner, S., Krumm, H., Pohl, A., Lück, I., Manka, D., Sparenberg, T.: Policy controlled automated management of distributed and embedded service systems. In: Parallel and Distributed Computing and Networks, pp. 710–715 (2005)Google Scholar
  17. 17.
    Illner, S., Pohl, A., Krumm, H., Luck, I., Manka, D., Sparenberg, T.: Automated runtime management of embedded service systems based on design-time modeling and model transformation. In: 2005 3rd IEEE International Conference on Industrial Informatics, INDIN ’05, pp. 134–139 (2005)Google Scholar
  18. 18.
    Jin, J., Ahn, G.J., Hu, H., Covington, M.J., Zhang, X.: Patient-centric authorization framework for sharing electronic health records. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT ’09, pp. 125–134. ACM, New York, NY (2009)Google Scholar
  19. 19.
    Johnson, M., Karat, J., Karat, C., Grueneberg, K.: Usable policy template authoring for iterative policy refinement. In: 2010 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 18–21 (2010)Google Scholar
  20. 20.
    Lawson, P., O’Donoghue, M.: Approaches to consent in Canadian data protection law. In: Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society, pp. 23–42 (2009)
  21. 21.
    Luger, E., Rodden, T.: An informed view on consent for ubicomp. In: Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing, UbiComp ’13, pp. 529–538. ACM, New York, NY (2013)Google Scholar
  22. 22.
    Luger, E., Rodden, T.: Terms of agreement: rethinking consent for pervasive computing. Interact. Comput. 25(3), 229–241 (2013) doi:10.1093/iwc/iws017CrossRefGoogle Scholar
  23. 23.
    Malone, P., McLaughlin, M., Leenes, R., Ferronato, P., Lockett, N., Guillen, P.B., Heistracher, T., Russello, G.: ENDORSE: a legal technical framework for privacy preserving data management. In: Proceedings of the 2010 Workshop on Governance of Technology, Information and Policies, pp. 27–34. ACM (2010)Google Scholar
  24. 24.
    Marinovic, S., Twidle, K., Dulay, N., Sloman, M.: Teleo-reactive policies for managing human-centric pervasive services. In: Network and Service Management (CNSM), 2010 International Conference on, pp. 80–87 (2010)Google Scholar
  25. 25.
    McDonald, A.M., Cranor, L.F.: Cost of reading privacy policies, the. ISJLP 4, 543 (2008)Google Scholar
  26. 26.
    McNair, L., Costello, A.: Electronic informed consent: a new industry standard (2014)
  27. 27.
    Mont, M.C., Pearson, S., Kounga, G., Shen, Y., Bramhall, P.: On the management of consent and revocation in enterprises: setting the context. HP Laboratories, Technical Report HPL-2009-49 (2009)Google Scholar
  28. 28.
    Nilsson, N.J.: Teleo-reactive programs for agent control. J. Artif. Intell. Res. 1, 139–158 (1994)Google Scholar
  29. 29.
    Nissenbaum, H.: Privacy in context: technology, policy, and the integrity of social life. Stanford University Press, Stanford (2009)Google Scholar
  30. 30.
    OASIS Standard: eXtensible Access Control Markup Language (XACML) Version 3.0. (2013)
  31. 31.
    O’Keefe, C.M., Greenfield, P., Goodchild, A.: A decentralised approach to electronic consent and health information access control. J. Res. Pract. Inf. Technol. 37(2), 161–178 (2005)Google Scholar
  32. 32.
    Pruski, C.: e-CRL: A rule-based language for expressing patient electronic consent. In: Second International Conference on eHealth, Telemedicine, and Social Medicine, 2010. ETELEMED ’10, pp. 141–146 (2010)Google Scholar
  33. 33.
    Report of the Secretary’s advisory committee on automated personal data systems. U.S. Department of Health, Education & Welfare, Records, Computers, and the Rights of Citizens (1973)Google Scholar
  34. 34.
    Russello, G., Dong, C., Dulay, N.: Authorisation and conflict resolution for hierarchical domains. In: Eighth IEEE International Workshop on Policies for Distributed Systems and Networks, 2007. POLICY ’07, pp. 201–210 (2007)Google Scholar
  35. 35.
    Russello, G., Dong, C., Dulay, N.: Consent-based workflows for healthcare management. In: IEEE Workshop on Policies for Distributed Systems and Networks, 2008. POLICY 2008, pp. 153–161 (2008)Google Scholar
  36. 36.
    Saltzer, J., Schroeder, M.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)CrossRefGoogle Scholar
  37. 37.
    Schwartz, P.M.: The eu-us privacy collision: a turn to institutions and procedures (2013)Google Scholar
  38. 38.
    Schwartz, P.M., Solove, D.J.: The PII problem: privacy and a new concept of personally identifiable information. NYUL Rev. 86, 1814 (2011)Google Scholar
  39. 39.
    Solove, D.J.: Introduction: Privacy self-management and the consent dilemma. Harv. Law Rev. 126, 1880 (2012)Google Scholar
  40. 40.
    Turow, J., Feldman, L., Meltzer, K.: Open to exploitation: America’s shoppers online and offline (2005)Google Scholar
  41. 41.
    Twidle, K., Dulay, N., Lupu, E., Sloman, M.: Ponder2: a policy system for autonomous pervasive environments. In: International Conference on Autonomic and Autonomous Systems, pp. 330–335 (2009)Google Scholar
  42. 42.
    Whitley, E.A.: Informational privacy, consent and the “control” of personal data. Inf. Secur. Tech. Rep. 14(3), 154–159 (2009)CrossRefGoogle Scholar
  43. 43.
    Wuyts, K., Scandariato, R., Verhenneman, G., Joosen, W.: Integrating patient consent in e-Health access control. Int. J. Secure Softw. Eng. IGI Global 2(2), 1–24 (2011). Partner: KUL; project: NESSoSGoogle Scholar
  44. 44.
    Zhou, X., Demetriou, S., He, D., Naveed, M., Pan, X., Wang, X., Gunter, C.A., Nahrstedt, K.: Identity, location, disease and more: inferring your secrets from android public resources. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 1017–1028. ACM, New York (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Department of Computer ScienceThe University of AucklandAucklandNew Zealand

Personalised recommendations