Abstract | ||
---|---|---|
In modern healthcare environments, a fundamental requirement for achieving continuity of care is the seamless access to distributed patient health records in an integrated and unified manner, directly at the point of care. However, Electronic Health Records (EHRs) contain a significant amount of sensitive information, and allowing data to be accessible at many different sources increases concerns related to patient privacy and data theft. Access control solutions must guarantee that only authorized users have access to such critical records for legitimate purposes, and access control policies from distributed EHR sources must be accurately reflected and enforced accordingly in the integrated EHRs. In this paper, we propose a unified access control scheme that supports patient-centric selective sharing of virtual composite EHRs using different levels of granularity, accommodating data aggregation and privacy protection requirements. We also articulate and address issues and mechanisms on policy anomalies that occur in the composition of discrete access control policies from different data sources. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1016/j.cose.2010.09.001 | Computers and Security |
Keywords | Field | DocType |
electronic health records(ehrs),electronic health records,policy composition,patient-centric authorization,policy anomaly analysis,selective sharing,point of care,access control,data aggregation | Health care,Computer access control,Internet privacy,Point of care,Computer science,Computer security,Authorization,Access control,Information sensitivity,Data theft,Data aggregator | Journal |
Volume | Issue | ISSN |
30 | 2-3 | Computers & Security |
Citations | PageRank | References |
30 | 1.67 | 11 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jing Jin | 1 | 111 | 9.59 |
Gail-Joon Ahn | 2 | 3012 | 203.39 |
Hongxin Hu | 3 | 1230 | 82.32 |
Michael J. Covington | 4 | 574 | 34.07 |
Xinwen Zhang | 5 | 697 | 46.90 |