A Personal Health Record System for Emergency Case Management

  • Vassiliki Koufi
  • Flora Malamateniou
  • George Vassilacopoulos
Part of the Communications in Computer and Information Science book series (CCIS, volume 127)


Recent trends in healthcare delivery have led to a shift towards a patient-centric care model which depends on the evolution of information access and tools beyond Electronic Health Record (EHR) systems controlled by healthcare providers to Personal Health Record (PHR) systems whose architectures are based on the fundamental assumptions that the complete records are centrally stored and that each patient retains authority over access to any portion of his/her record. PHRs offer significant potential to stimulate transformational changes in emergency healthcare delivery since they can provide a complete picture of a person’s healthcare record when and where needed. However, a security issue of prominent importance arises which is concerned with the process of granting (revoking) authorization to (from) healthcare professionals without the patient’s involvement. This paper presents an approach to automating the authorization propagation process in PHR systems by means of context-aware technology, which is used to regulate user access to data via a fine-grained access control mechanism.


Personal health records Information availability Access control Emergency Authorization propagation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Koufi, V., Vassilacopoulos, G.: HDGPortal: A Grid Portal Application for Pervasive Access to Process-Based Healthcare Systems. In: 2nd International Conference in Pervasive Computing Technologies in Healthcare (PervasiveHealth 2008), Tampere, Finland (2008)Google Scholar
  2. 2.
    Tang, P.C., Ash, J.S., Bates, D.W., Overhage, J.M., Sands, D.Z.: Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. JAMIA 13(2), 121–126 (2006)Google Scholar
  3. 3.
    Lauer, G.: Health Record Banks Gaining Traction in Regional Projects (2009),
  4. 4.
    Wiljer, D., Urowitz, S., Apatu, E., DeLenardo, C., Eysenbach, G., Harth, T., Pai, H., Leonard, K.J.: Patient accessible electronic health records: exploring recommendations for successful implementation strategies. J. Med. Internet Res. 10(4) (2008)Google Scholar
  5. 5.
    Yasnoff, W.A.: Electronic Records are Key to Health-care Reform, BusinessWeek (2008)Google Scholar
  6. 6.
    Comini, L., Mazzu, M., Scalvini, S.: Security aspects in electronic personal health record: data access and preservation, Digital Prevention Europe, Briefing Paper (2008)Google Scholar
  7. 7.
    Win, K.T., Susilo, W., Mu, Y.: Personal Health Record Systems and Their Security Protection. J. Med. Syst. 30, 309–315 (2006)CrossRefGoogle Scholar
  8. 8.
    ICW eHealth Framework, Lifesensor (2009),
  9. 9.
    National Institute of Standards and Technology (NIST), Role Based Access Control (RBAC) and Role Based Security,
  10. 10.
    Røstad, L., Nytrø, Ø.: Personalized Access Control for a Personally Controlled Health Record. In: 2nd ACM Workshop on Computer Security Architectures (CSAW 2008), Virginia, USA (2008)Google Scholar
  11. 11.
    Metavante: In Case of Emergency Personal Health Record,
  12. 12.
    My Personal Health Record (MyPHR),
  13. 13.
    Wikipedia: Emergency Department,
  14. 14.
    Java Agent Development Framework,
  15. 15.
    Organization for the Advancement of Structured Information Standards (OASIS): Core and Hierarchical Role Based Access Control (RBAC) Profile of XACML v2.0,
  16. 16.
  17. 17.
    U.S. Congress: Health Insurance Portability and Accountability Act (HIPAA) (1996),
  18. 18.
    Personal Information Protection and Electronic Documents Act, Second Session, Thirty-sixth Parliament, 48–49, Elizabeth II, 1999–2000, Statutes of Canada (2000)Google Scholar
  19. 19.
    European Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data (1995)Google Scholar
  20. 20.
    Bundesdatenschutzgesetz (German Federal Data Protection Act), Bundesgesetzblatt 2001, Nr. 23 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Vassiliki Koufi
    • 1
  • Flora Malamateniou
    • 1
  • George Vassilacopoulos
    • 1
  1. 1.Department of Digital SystemsUniversity of PiraeusPiraeusGreece

Personalised recommendations