Access Control Requirements for Processing Electronic Health Records

  • Bandar Alhaqbani
  • Colin Fidge
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4928)

Abstract

There is currently a strong focus worldwide on the potential of large-scale Electronic Health Record systems to cut costs and improve patient outcomes through increased efficiency. A number of countries are developing nationwide EHR systems to aggregate services currently provided by isolated Electronic Medical Record databases. However, such aggregation introduces new risks for patient privacy and data security, both by linking previously-separate pieces of information about an individual, and by creating single access points to a wide range of personal data. It is thus essential that new access control policies and mechanisms are devised for federated Electronic Health Record systems, to ensure not only that sensitive patient data is accessible by authorized personnel only, but also that it is available when needed in life-critical situations. Here we review the traditional security models for access control, Discretionary Access Control, Mandatory Access Control and Role-Based Access Control, and use a case study to demonstrate that no single one of them is sufficient in a federated healthcare environment. We then show how the required level of data security can be achieved through a judicious combination of all three mechanisms.

Keywords

Access Control, Electronic Health Record, Access Control Policy, Access Control Model, Electronic Health Record System



Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Bandar Alhaqbani (1)
  • Colin Fidge (2)
  1. Information Security Institute
  2. School of Software Engineering and Data Communications, Queensland University of Technology, Brisbane, Australia
