22,326 research outputs found
A Patient-centric, Attribute-based, Source-verifiable Framework for Health Record Sharing
The storage of health records in electronic format, and the
wide-spread sharing of these records among different health
care providers, have enormous potential benefits to the U.S.
healthcare system. These benefits include both improving
the quality of health care delivered to patients and reducing
the costs of delivering that care. However, maintaining the
security of electronic health record systems and the privacy
of the information they contain is paramount to ensure that
patients have confidence in the use of such systems. In this
paper, we propose a framework for electronic health record
sharing that is patient centric, i.e. it provides patients with
substantial control over how their information is shared and
with whom; provides for verifiability of original sources of
health information and the integrity of the data; and permits fine-grained decisions about when data can be shared
based on the use of attribute-based techniques for authorization and access control. We present the architecture of the
framework, describe a prototype system we have built based
on it, and demonstrate its use within a scenario involving
emergency responders' access to health record information
A Consent-based Workflow System for Healthcare Systems
In this paper, we describe a new framework for healthcare systems where patients are able to control the disclosure of their medical data. In our framework, the patient's consent has a pivotal role in granting or removing access rights to subjects accessing patient's medical data. Depending on the context in which the access is being executed, different consent policies can be applied. Context is expressed in terms of workflows. The execution of a task in a given workflow carries the necessary information to infer whether the consent can be implicitly retrieved or should be explicitly requested from a patient. However, patients are always able to enforce their own decisions and withdraw consent if necessary. Additionally, the use of workflows enables us to apply the need-to-know principle. Even when the patient's consent is obtained, a subject should access medical data only if it is required by the actual situation. For example, if the subject is assigned to the execution of a medical diagnosis workflow requiring access to the patient's medical record. We also provide a complex medical case study to highlight the design principles behind our framework. Finally, the implementation of the framework is outlined
Secure and Trustable Electronic Medical Records Sharing using Blockchain
Electronic medical records (EMRs) are critical, highly sensitive private
information in healthcare, and need to be frequently shared among peers.
Blockchain provides a shared, immutable and transparent history of all the
transactions to build applications with trust, accountability and transparency.
This provides a unique opportunity to develop a secure and trustable EMR data
management and sharing system using blockchain. In this paper, we present our
perspectives on blockchain based healthcare data management, in particular, for
EMR data sharing between healthcare providers and for research studies. We
propose a framework on managing and sharing EMR data for cancer patient care.
In collaboration with Stony Brook University Hospital, we implemented our
framework in a prototype that ensures privacy, security, availability, and
fine-grained access control over EMR data. The proposed work can significantly
reduce the turnaround time for EMR sharing, improve decision making for medical
care, and reduce the overall costComment: AMIA 2017 Annual Symposium Proceeding
Electronic health record standards
Objectives: This paper seeks to provide an overview of the initiatives that are proceeding internationally to develop standards for the exchange of electronic health record (EHR) information between EHR systems.Methods: The paper reviews the clinical and ethico-legal requirements and research background on the representation and communication of EHR data, which primarily originates from Europe through a series of EU funded Health Telematics projects over the post thirteen years. The major concept that underpin the information models and knowledge models are summarised. These provide the requirements and the best evidential basis from which HER communications standards should be developed.Results. The main focus of EHR communications standardisation is presently occurring at a European level, through the Committee for European Normalisation (CEN). The major constructs of the CEN 13606 model ate outlined. Complementary activity is taking place in ISO and in HL7, and some of these efforts are also summarised.Conclusior: There is a strong prospect that a generic EHR interoperability standard can be agreed at a European (and hopefully international) level. Parts of the challenge of EHR i interoperability cannot yet he standardised, because good solutions to the preservation of clinical meaning across heterogeneous systems remain to be explored. Further research and empirical projects are therefore also needed
An evaluation of break-the-glass access control model for medical data in wireless sensor networks
Wireless Sensor Networks (WSNs) have recently attracted a lot of attention in the research community because it is easy to deploy them in the physical environment and collect and disseminate environmental data from them. The collected data from sensor nodes can vary based on what kind of application is used for WSNs. Data confidentiality and access control to that collected data are the most challenging issues in WSNs because the users are able to access data from the different location via ad-hoc manner. Access control is one of the critical requirements to prevent unauthorised access from users. The current access control models in information systems cannot be applied straightforwardly because of some limitations namely limited energy, resource and memory, and low computation capability. Based on the requirements of WSNs, we proposed the Break-The-Glass Access Control (BTG-AC) model which is the modified and redesigned version of Break-The-Glass Role-Based Access Control (BTG-RBAC) model. The several changes within the access control engine are made in BTG-RBAC to apply and fit in WSNs. We developed the BTG-AC model in Ponder2 package. Also a medical scenario was developed to evaluate the BTG-AC model for medical data in WSNs. In this paper, detail design, implementation phase, evaluation result and policies evaluation for the BTG-AC model are presented. Based on the evaluation result, the BTG-AC model can be used in WSNs after several modifications have been made under Ponder2 Package
- …