Abstract
In the next 10 years there will be rapid adoption of health information technology - electronic medical records by providers and personal health records by patients - linked via health information exchange. There is an emergent need to provide secure access to information spread across multiple repositories for health care providers (e.g., physicians, nurses, home health aides, etc.) who collaborate with one another across cyberspace to deliver patient care. Are available security models capable of supporting collaborative access where providers are simultaneously modifying a patient’s medical record? To address this question, this paper details collaborative security extensions to NIST RBAC.
Chapter PDF
Similar content being viewed by others
Keywords
- Health Information Technology
- Personal Health Record
- Health Information Exchange
- Access Control Model
- Collaboration Team
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abraham, J., Reddy, M.: Moving Patients Around: A Field Study of Coord. Between Clinical and Non-Clinical Staff in Hospitals. In: Proc. of ACM 2008 Conf. on Computer Supported Cooperative Work (2008)
Agrawal, R., et al.: Enabling the 21st Century Health Care Information Technology Revolution. Comm. of the ACM
Ahn, G.-J., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Trans. Inf. Syst. Secur. 3(4) (2000)
Ajayi, O., et al.: Dynamic Trust Negotiation for Flexible E-Health Collaborations. In: Proc. of 15th ACM Mardi Gras Conf. (2008)
American Academy of Pediatrics Web Page and Discussion on Medical Home, http://www.medicalhomeinfo.org/
American College of Physicians Web Page and Discussion on Medical Home, http://www.acponline.org/advocacy/where_we_stand/medical_home/
Biskup, J.: Protection of Privacy and Confidentiality in Medical Information Systems: Problems and Guidelines. In: Spooner, D., Landwehr, C. (eds.) Database Security, III: Status and Prospects. North-Holland, Amsterdam (1990)
Chen, H., Li, N.: Constraint Generation for Separation of Duty. In: Proc. of 11th ACM Symp. on Access Control Models and Technologies (2006)
D’Amour, D., et al.: A Model and Typology of Collaboration Between Professionals in Healthcare Organizations. BMC Health Services Research (2008)
Ferraiolo, D., et al.: Proposed NIST Standard for Role-Based Access Control. ACM Trans. on Information and Sys. Sec. 4(3) (2001)
Kenny, P., et al.: Virtual Humans for Assisted Health Care. In: Proc. of 1st Intl. Conf. on PErvasive Technologies Related to Assistive Environments (2008)
Nakae, M., et al.: A General Design Towards Secure Ad-hoc Collaboration. In: Proc. of 2006 Symp. on Information, Computer and Communications Security (2006)
NIST RBAC Standard, http://csrc.nist.gov/rbac/sandhu-ferraiolo-kuhn-00.pdf
Ali Pabrai, U.O.: Getting Started with HIPAA. Course Technology Press (2003)
Park, J., et al.: A Secure Workflow System for Dynamic Collaboration. In: Sec 2001: Proc. of 16th Intl. Conf. on Information Security: Trusted Information (2001)
Rindfleisch, T.: Privacy, Information Technology, and Health Care. J. of the ACMÂ 40(8) (1997)
Sandhu, R., et al.: Role-Based Access Control Models. IEEE Computer 29(2) (1996)
Sims, S., et al.: Surveillance of Methadone-Related Adverse Drug Events Using Multiple Public Health Data Sources. J. of Biomedical Informatics 40(4) (2007)
Ting, T.C.: A User-Role Based Data Security Approach. In: Landwehr, C. (ed.) Database Security: Status and Prospects. North-Holland, Amsterdam (1988)
Ting, T.C.: Application Information Security Semantics: A Case of Mental Health Delivery. In: Spooner, D., Landwehr, C. (eds.) Database Security, III: Status and Prospects. North-Holland, Amsterdam (1990)
Tolone, W., et al.: Access Control in Collaborative Systems. ACM Computing Surveys 37(1) (2005)
Xiao, Y.: Artifacts and Collaborative Work in Healthcare: Methodological, Theoretical, and Technological Implications of the Tangible. J. of Biomedical Informatics 38(1) (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Berhe, S., Demurjian, S., Agresta, T. (2009). Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC. In: Gudes, E., Vaidya, J. (eds) Data and Applications Security XXIII. DBSec 2009. Lecture Notes in Computer Science, vol 5645. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03007-9_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-03007-9_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03006-2
Online ISBN: 978-3-642-03007-9
eBook Packages: Computer ScienceComputer Science (R0)