The electronic medical record: promises and threats
World Wide Web Journal - Special issue: Web security: a matter of trust
Security issues for implementation of e-medical records
Communications of the ACM
Digital rights management in a 3G mobile phone and beyond
Proceedings of the 3rd ACM workshop on Digital rights management
A case study in access control requirements for a Health Information System
ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
A novel use of RBAC to protect privacy in distributed health care information systems
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
A contextual role-based access control authorization model for electronic patient record
IEEE Transactions on Information Technology in Biomedicine
Securing medical records on smart phones
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
A digital rights management model for healthcare
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Establishing a trust relationship in cooperative information systems
ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part I
| Hi-index | 0.00 |
In autonomous distributed healthcare environments, patients' electronic medical records are controlled and managed by each healthcare facility. It is important to ensure that when records are accessed and transferred that it is done securely, while still respecting patients' rights on privacy and confidentiality of their personal health information. We propose a new tag-based data model for representing patients' electronic medical records as well as access and transfer policy statements. This model helps to categorize the patient information, as well as expressing patients' consent for a variety of domains (individual, health care provider and facility). Unlike most existing data models used in healthcare information systems, our model supports patients' consent expression in terms of healthcare facilities, healthcare providers, their roles, and categories of medical records or any combination of them within a single framework. Our model has been demonstrated by developing a prototype system using some trusted computing components.