Multi-domain and privacy-aware role based access control in eHealth

Author

Martino, Lorenzo D. ; Ni, Qun ; Lin, Dan ; Bertino, Elisa

Author_Institution

Comp&Info Tech, Purdue Univ., West Lafayette, IN

fYear

2008

fDate

Jan. 30 2008-Feb. 1 2008

Firstpage

131

Lastpage

134

Abstract

Information Technology-supported Heathcare (eHealth) is crucial in order to reduce healthcare costs, and improve quality of care and patient safety. Among technologies in eHealth, Electronic Medical/Health Records (EMR/EHR) enabling communication of patient data between different healthcare professionals (e.g. specialists, pharmacy), is the most important and sensitive. There are three crucial requirements when accessing EMRs: such access must be both secure and privacy preserving; such access must be allowed to individuals from different organizations; such access should be confined based on meta information about the EMRs. In this paper, we propose a multi-domain privacy-aware role based access control meeting these requirements.

Keywords

authorisation; data privacy; health care; medical information systems; eHealth; electronic medical/health records; healthcare professionals; multidomain privacy-aware role based access control; patient safety; privacy preserving;; Access control; Computer science; Costs; Data security; Health and safety; Information security; Information technology; Medical services; National security; Privacy; Data Profile; Multi-Domain; P-RBAC; Privacy;

fLanguage

English

Publisher

ieee

Conference_Titel

Pervasive Computing Technologies for Healthcare, 2008. PervasiveHealth 2008. Second International Conference on

Conference_Location

Tampere

Print_ISBN

978-963-9799-15-8

Type

conf

DOI

10.1109/PCTHEALTH.2008.4571050

Filename

4571050