Personalized access control for a personally controlled health record
Proceedings of the 2nd ACM workshop on Computer security architectures
MeD-Lights: a usable metaphor for patient controlled access to electronic health records
Proceedings of the 1st ACM International Health Informatics Symposium
Considering privacy and effectiveness of authorization policies for shared electronic health records
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare
International Journal of Security and Networks
Hi-index | 0.00 |
Health information about a patient is usually kept local to the hospital or clinic where the patient was treated. Patient Controlled Health Records (PCHR) has been proposed as a means to collect all this information and make it available to the patient. In a PCHR the patient is in control and determines who gets access to his health information. In this paper we present a set of usage scenarios to explore the concept of a PCHR. From the scenarios we deduce a set of concerns of relevance when designing an access control model for a PCHR. Finally we outline an initial access control model for a PCHR.