sis 16(8): e4

Research Article

The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism

Download1476 downloads
  • @ARTICLE{10.4108/eai.9-8-2016.151633,
        author={P. Vimalachandran and H. Wang and Y. Zhang and G. Zhuo},
        title={The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism},
        journal={EAI Endorsed Transactions on Scalable Information Systems},
        volume={3},
        number={8},
        publisher={EAI},
        journal_a={SIS},
        year={2016},
        month={8},
        keywords={EHR security, PCEHR privacy, information security},
        doi={10.4108/eai.9-8-2016.151633}
    }
    
  • P. Vimalachandran
    H. Wang
    Y. Zhang
    G. Zhuo
    Year: 2016
    The Australian PCEHR System: Ensuring Privacy and Security through an Improved Access Control Mechanism
    SIS
    EAI
    DOI: 10.4108/eai.9-8-2016.151633
P. Vimalachandran1,*, H. Wang1, Y. Zhang1, G. Zhuo2
  • 1: Centre for Applied Informatics, College of Engineering and Science, Victoria University, Melbourne
  • 2: Department of Computer Science, Taiyuan Normal University, China
*Contact email: Pasupathy.Vimalachandran@live.vu.edu.au

Abstract

An Electronic Health Record (EHR) is designed to store diverse data accurately from a range of healthcare providers and to capture the status of a patient by a range of healthcare providers across time. Realising the numerous benefits of the system, EHR adoption is growing globally and many countries invest heavily in electronic health systems. In Australia, the Government invested $467 million to build key components of the Personally Controlled Electronic Health Record (PCEHR) system in July 2012. However, in the last three years, the uptake from individuals and healthcare providers has not been satisfactory. Unauthorised access of the PCEHR was one of the major barriers. We propose an improved access control model for the PCEHR system to resolve the unauthorised access issue. We discuss the unauthorised access issue with real examples and present a potential solution to overcome the issue to make the PCEHR system a success in Australia.