|
Title:
|
ORCON-BASED ELECTRONIC HEALTH RECORD ACCESS CONTROL |
|
Author(s):
|
Tomasz Hyla |
|
ISBN:
|
978-972-8939-70-0 |
|
Editors:
|
Mário Macedo |
|
Year:
|
2012 |
|
Edition:
|
Single |
|
Keywords:
|
EHR, access control, ORCON |
|
Type:
|
Poster/Demonstration |
|
First Page:
|
267 |
|
Last Page:
|
269 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Electronic Health Record is a virtual container for documents related to one patient. One of the main security problems is a question how to design and implement an efficient, flexible and secure access control mechanism for nationwide EHR systems. The paper presents an access control model based on the ORCON model. The model is patient-centric, i.e. a patient has a full control of his EHR and grants or remove read rights to physicians. The Policy Decision Point (PDP) and Policy Enforcement Point (PEP) are located inside a secure hardware at physician workstation. It is technically not possible to create a digital copy of the EHR or its part on the physician workstation. |
|
|
|
|
|
|
