An Electronic Health Record (EHR) is designed to store diverse data
accurately from a range of health care providers and to capture the status of a
patient by a range of health care providers across time. Realising the numerous
benefits of the system, EHR adoption is growing globally and many countries
invest heavily in electronic health systems. In Australia, the Government
invested $467 million to build key components of the Personally Controlled
Electronic Health Record (PCEHR) system in July 2012. However, in the last
three years, the uptake from individuals and health care providers has not been
satisfactory. Unauthorised access of the PCEHR was one of the major barriers.
We propose an improved access control model for the PCEHR system to resolve the
unauthorised access issue. We discuss the unauthorised access issue with real
examples and present a potential solution to overcome the issue to make the
PCEHR system a success in Australia