
Semantic-Based Privacy Protection of Electronic Health Records for Collaborative Research

Combined health information and web-based technologies can be used to support healthcare and research activities associated with electronic health records (EHRs). EHRs used for research purposes demand that privacy, confidentiality and all information governance concerns are addressed. However, existing solutions are unable to meet evolving research needs, especially when supporting data access and linkage across organizational boundaries. In this work, we show how semantic methods can aid in the specification and enforcement of policies for privacy protection. This is illustrated through a case study associated with the Australasian Diabetes Data Network (ADDN), the national paediatric type-1 diabetes data registry, and the Australian Urban Research Infrastructure Network (AURIN) platform that supports Australia-wide access to urban and built environment data sets. Specifically, we show that by extending the eXtensible Access Control Markup Language (XACML) with semantic capabilities, we are able to support fine-grained privacy-preserving policies that leverage semantic reasoning not directly available in XACML or other existing security policy specification languages.

Semantic privacy-preserving framework for electronic health record linkage

The combination of digitized health information and web-based technologies offers many possibilities for data analysis and business intelligence. In the healthcare and biomedical research domain, applications depending on electronic health records (EHRs) identify privacy preservation as a major concern. Existing solutions cannot always satisfy evolving research demands, such as linking patient records across organizational boundaries, due to the potential for patient re-identification. In this work, we show how semantic methods can be applied to support the formulation and enforcement of access control policy whilst ensuring that privacy leakage can be detected and prevented. The work is illustrated through a case study associated with the Australasian Diabetes Data Network (ADDN – www.addn.org.au), the national paediatric type-1 diabetes data registry, and the Australian Urban Research Infrastructure Network (AURIN – www.aurin.org.au) platform that supports Australia-wide access to urban and built environment data sets. We demonstrate that by extending the eXtensible Access Control Markup Language (XACML) with semantic capabilities, finer-grained access control encompassing data disclosure risk mechanisms can be supported. We discuss the contributions this approach can make to socio-economic development and political management within business systems, especially in situations where secure data access and data linkage are required.

Formalizing Semantic Differences Between Combining Algorithms in XACML 3.0 Policies

XACML is a standard language for specifying attribute-based access control policies for computer and software systems. It offers a variety of combining algorithms for flexible policy composition. While they are intended to be different, they also bear similarities: some combining algorithms can be functionally equivalent with respect to a given policy or set of policies. To use the combining algorithms correctly, it is important to understand these subtle similarities and differences. This paper presents a formal treatment of the semantic differences between the commonly used combining algorithms in XACML 3.0. For each pair of the selected combining algorithms, we identify when they are functionally equivalent and when they are not. This rigorous understanding helps minimize incorrect uses of combining algorithms that may lead to unauthorized access or denial of service. It also provides a foundation for determining equivalent mutants of combining algorithms in mutation testing of XACML policies.