Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers

Research Article

Access Control Model for Sharing Composite Electronic Health Records

Download260 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-03354-4_25,
        author={Jing Jin and Gail-Joon Ahn and Michael Covington and Xinwen Zhang},
        title={Access Control Model for Sharing Composite Electronic Health Records},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={5},
        keywords={},
        doi={10.1007/978-3-642-03354-4_25}
    }
    
  • Jing Jin
    Gail-Joon Ahn
    Michael Covington
    Xinwen Zhang
    Year: 2012
    Access Control Model for Sharing Composite Electronic Health Records
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-642-03354-4_25
Jing Jin1,*, Gail-Joon Ahn2,*, Michael Covington3,*, Xinwen Zhang4,*
  • 1: University of North Carolina at Charlotte
  • 2: Arizona State University
  • 3: Intel Corporation
  • 4: Samsung Information Systems America
*Contact email: jjin@uncc.edu, Gail-Joon.Ahn@asu.edu, michael.j.covington@intel.com, xinwen.z@samsung.com

Abstract

The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.