EPR Access Authorization of Medical Teams Based on Patient Consent
نویسندگان
چکیده
Electronic patient records (EPR) may contain highly confidential and personal medical information. It is therefore essential that medical data is properly protected and managed. Today, it is widely recognized that patients have a right to selfdetermination and to exert control of their own medical data by consent. In this paper, we present a cryptographic EPR access authorization scheme that incorporates patient consent as a basis for granting EPR access to medical teams or practitioners. This ensures that only the medical practitioners specified by a consenting patient are granted EPR access. If a patient is unconscious, the variation of the scheme allows an emergency or security team to act on behalf of the patient.
منابع مشابه
Security in Wireless Medical Networks
In the medical scenario, electronic information management and wireless computer networks provide ubiquitous access possibilities to medical databases which may comprise hundreds of thousands of electronic patient records (EPRs). Such records may contain personal and highly sensitive patient data, and it is therefore necessary to limit the accessibility of such data to only concerning medical p...
متن کاملAnonymity Preserving Authorization Granting in Medical Information Networks
Due to the sensitivity of personal medical information, this paper addresses the need of hiding patient identities — in contrast to only keeping their medical data confidential. Thus, it is desirable that personal and meaningful patient identity information like names, addresses, personal identity numbers, etc., are not to be linked to disclosed electronic patient records (EPR). To achieve this...
متن کاملSecurity, confidentiality, and privacy of information in the field of health with data EPR embedding in medical MRI images based on HVS model
the development of new technology and modern equipment has led to the development of telemedicine systems. As a result, there are dangers such as publishing patient information and intentionally or unintentionally, medical information. The forensic organization, as one of the powerful arms of the judiciary, pursues important cases in the medical and psychiatric commissions to take steps to rea...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملAutomating Consent Management Lifecycle for Electronic Healthcare Systems
The notion of patient’s consent plays a major role in granting access to medical data. In typical healthcare systems, consent is captured by a form that the patient has to fill in and sign. In e-Health systems, the paper-form consent is being replaced by access control mechanisms that regulate access to medical data while taking into account electronic content. This helps in empowering the pati...
متن کامل