This paper addresses two critical challenges faced by healthcare organizations: significant personnel shortages and mandates to safeguard patient safety and information security. We develop a two-stage decision-making methodology to optimize healthcare workflow task assignments and mitigate information disclosure risks. While the first-stage throughput optimization formulation maximizes operational efficiencies, it can expose organizations to information disclosure risks that can be exploited to violate patient safety and information security. To address the ensuing privacy and fraud concerns, we define task-based conflict sets to assess the disclosure risks associated with optimal task assignments. In the second stage of the solution methodology, various security control strategies, both task-based and employee-based, are incorporated into a decision support model that helps decision makers effectively manage workflow efficiency and meet information security requirements. For practical settings where certain parameters are not obtainable or the problem is computationally intractable, we provide a sequential-decision approach that could yield approximate partial solutions. We conduct an extensive computational analysis of a clinical workflow process to illustrate the practical benefits of the proposed methodology.