|
Title:
|
SECURITY MODELS FOR MEDICAL AND GENETIC INFORMATION |
|
Author(s):
|
Eduardo B. Fernandez , María M. Larrondo Petrie , Tami Sorgente |
|
ISBN:
|
972-98947-5-2 |
|
Editors:
|
Pedro Isaías, Piet Kommers and Maggie McPherson |
|
Year:
|
2004 |
|
Edition:
|
1 |
|
Keywords:
|
Access Control, Genetic Data, Medical Data, Object-Oriented Modeling, Security Engineering. |
|
Type:
|
Full Paper |
|
First Page:
|
509 |
|
Last Page:
|
516 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
In the past, medical information was physically stored in hospitals, laboratories, and doctors offices. Access to this
sensitive data was limited, and it was protected by its physical isolation and ignorance of its existence. With the
digitization of medical data, this information is becoming accessible through distributed systems, including the Internet.
This has increased the numbers of people that can potentially access medical information by orders of magnitude, often
providing more efficient transfer of medical records and related information. Misuse of a persons medical and genetic
data could potentially negatively impact his ability to be hired, and limit his career path and his insurability. Clearly
medical information is one of the most sensitive types of information and requires strong security measures. We discuss
the requirements and policies required for an access control model suitable for medical and genetic information. We
indicate the general structure of such a model and conclude that it requires a layered structure. We then show its highest
level. We use the Unified Modeling Language (UML) to model a patient record and we make it more precise by defining
constraints using the Object Constraint Language (OCL). |
|
|
|
|
|
|
