Absence makes the heart grow fonder: new directions for implantable medical device security
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Extending access control models with break-glass
Proceedings of the 14th ACM symposium on Access control models and technologies
Securing medical records on smart phones
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
A modeling approach of web-based mobile parking guidance system and secured EHR in e-healthcare
Healthcom'09 Proceedings of the 11th international conference on e-Health networking, applications and services
Remote Patient Monitoring Within a Future 5G Infrastructure
Wireless Personal Communications: An International Journal
Rumpole: a flexible break-glass access control model
Proceedings of the 16th ACM symposium on Access control models and technologies
Managing Information Access in Data-Rich Enterprises with Escalation and Incentives
International Journal of Electronic Commerce
Attribute-Based encryption with break-glass
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Protecting privacy during peer-to-peer exchange of medical documents
Information Systems Frontiers
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Privacy management in dynamic groups: understanding information privacy in medical practices
Proceedings of the 2013 conference on Computer supported cooperative work
Generic support for RBAC break-glass policies in process-aware information systems
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Enforcement of entailment constraints in distributed service-based business processes
Information and Software Technology
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
Future Generation Computer Systems
Hi-index | 0.00 |
The Electronic Medical Record (EMR) integrates heterogeneous information within a Healthcare Institution stressing the need for security and access control. The Biostatistics and Medical Informatics Department from Porto Faculty of Medicine has recently implemented a Virtual EMR (VEMR) in order to integrate patient information and clinical reports within a university hospital. With more than 500 medical doctors using the system on a daily basis, an access control policy and model were implemented. However, the healthcare environment has unanticipated situations (i.e. emergency situations) where access to information is essential. Most traditional policies do not allow for overriding. A policy that allows for "Break-The-Glass (BTG)" was implemented in order to override access control whilst providing for non-repudiation mechanisms for its usage. The policy was easily integrated within the model confirming its modularity and the fact that user intervention in defining security procedures is crucial to its successful implementation and use.