Title :
Web-Based Sharing of Electrocardiograms: Privacy and Access Control
Author :
Yuan, Shizhong ; Wei, Daming ; Xu, Weimin ; Shen, Wenfeng
Author_Institution :
Biomed. Inf. Technol. Lab., Univ. of Aizu, Aizu-Wakamatsu, Japan
Abstract :
Health information exchange (HIE) across multiple organizations via the Internet is a current trend in medicine and healthcare. Protection of the sensitive data contained in health information from disclosure to unauthorized persons is challenging. In this paper, we present an access control architecture based on XACML and SAML to address privacy and security issues in our HIE application, Web-based sharing of electrocardiograms (ECGs). We also introduce a prototypical implementation of this access control architecture and a use case scenario for the experiment. It shows that the access control architecture can protect the ECGs shared among organizations from disclosure to both the individuals who have no job-related need to access them and the individuals who have been denied the privilege to access them by a patient´s privacy consent.
Keywords :
Internet; authorisation; data privacy; electrocardiography; medical computing; ECG; Internet; SAML; Web-based sharing; XACML; access control architecture; electrocardiograms; health information exchange; Access control; Authentication; Authorization; Electrocardiography; Information security; Internet; Medical services; Privacy; Protection; Prototypes; access control; electrocardiogram; privacy; web;
Conference_Titel :
Web Information Systems and Mining, 2009. WISM 2009. International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3817-4
DOI :
10.1109/WISM.2009.25
