sis 16(8): e4

Research Article

The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism

Download1349 downloads
Cite
BibTeX Plain Text
  • @ARTICLE{10.4108/eai.9-8-2016.151633,
    author={P. Vimalachandran and H. Wang and Y. Zhang and G. Zhuo},
    title={The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism},
    journal={EAI Endorsed Transactions on Scalable Information Systems},
    volume={3},
    number={8},
    publisher={EAI},
    journal_a={SIS},
    year={2016},
    month={8},
    keywords={EHR security, PCEHR privacy, information security},
    doi={10.4108/eai.9-8-2016.151633}
}
  • P. Vimalachandran
    H. Wang
    Y. Zhang
    G. Zhuo
    Year: 2016
    The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism
    SIS
    EAI
    DOI: 10.4108/eai.9-8-2016.151633
P. Vimalachandran1,*, H. Wang1, Y. Zhang1, G. Zhuo2
  • 1: Centre for Applied Informatics, College of Engineering and Science, Victoria University, Melbourne
  • 2: Department of Computer Science, Taiyuan Normal University, China
*Contact email: Pasupathy.Vimalachandran@live.vu.edu.au

Abstract

An Electronic Health Record (EHR) is designed to store diverse data accurately from a range of healthcare providers and to capture the status of a patient by a range of healthcare providers across time. Realising the numerous benefits of the system, EHR adoption is growing globally and many countries invest heavily in electronic health systems. In Australia, the Government invested $467 million to build key components of the Personally Controlled Electronic Health Record (PCEHR) system in July 2012. However, in the last three years, the uptake from individuals and healthcare providers has not been satisfactory. Unauthorised access of the PCEHR was one of the major barriers. We propose an improved access control model for the PCEHR system to resolve the unauthorised access issue. We discuss the unauthorised access issue with real examples and present a potential solution to overcome the issue to make the PCEHR system a success in Australia.

Keywords
EHR security, PCEHR privacy, information security
Received
2016-07-07
Accepted
2016-06-05
Published
2016-08-09
Publisher
EAI
http://dx.doi.org/10.4108/eai.9-8-2016.151633

Copyright © 2016 Vimalachandran et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution licence (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.