18th IEEE Symposium on Computer-Based Medical Systems (CBMS'05)
DOI: 10.1109/cbms.2005.89
|View full text |Cite
|
Sign up to set email alerts
|

Privacy of Medical Records: From Law Principles to Practice

Abstract: Regulating access to electronic health records has become a major social and technical challenge. Unfortunately, existing access control models fail in translating accurately basic law principles related to the safeguard of personal information (e.g., medical folder). This paper identifies the problem and proposes a solution in the EHR context.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1

Citation Types

0
4
0

Publication Types

Select...
4
1
1

Relationship

0
6

Authors

Journals

citations
Cited by 6 publications
(4 citation statements)
references
References 4 publications
0
4
0
Order By: Relevance
“…Access of that particular resource is limited to authorize users only. RBAC model lakes the ability to incorporate other access parameters or contextual information that are information access to user [3,6,10].for example, In life critical emergency cases when doctors must have access to a patient's EMR even if he has not been given the patient's consent. This poses the need to modify the RBAC to accommodate these limitations.…”
Section: Role-based Access Controlmentioning
confidence: 99%
See 1 more Smart Citation
“…Access of that particular resource is limited to authorize users only. RBAC model lakes the ability to incorporate other access parameters or contextual information that are information access to user [3,6,10].for example, In life critical emergency cases when doctors must have access to a patient's EMR even if he has not been given the patient's consent. This poses the need to modify the RBAC to accommodate these limitations.…”
Section: Role-based Access Controlmentioning
confidence: 99%
“…[60] There are some very well established Access control mechanism like Discretionary Access Control, Mandatory Access Control and Role Based Access control .these are designed according to industry standard. [3] Discretionary Access Control (DAC) is the very first standard which enables and controls the information access on the basis of user's identity and authorization [4]. Mandatory Access Control (MAC) was designed to overcome limitations of DAC, enables and controls the information access on the basis of security classification of users and objects in that particular system.…”
Section: Introductionmentioning
confidence: 99%
“…Access control mechanisms have been through many developments [14] in both academia and industry in order to satisfy the needs of healthcare domains. However, progress to date have not been sufficient to meet the security requirements of a federated healthcare environment [8]. Most of the models developed so far have been designed to satisfy healthcare security requirements in a controlled environment, such as the Electronic Medical Record database maintained within a hospital.…”
Section: Introductionmentioning
confidence: 99%
“…Several solutions can be developed to overcome the security concerns associated with EHR and cloud computing systems. However, progress to date has not been sufficient to meet the security requirements of a federated healthcare environment (cloud computing) [7]. Most of the information security models developed so far have been designed to satisfy healthcare security requirements in a controlled environment, such as the EHR database maintained within a hospital [8].…”
mentioning
confidence: 99%