Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems

Nahid AlThqafi; Hessah AlSalamah; Ahmad Daraiseh

doi:10.5220/0005630200390048

Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems

Nahid AlThqafi, Hessah AlSalamah, Ahmad Daraiseh

2016

Abstract

Access Control to patients’ medical information in Hospital Information Systems (HIS) is a challenge in modern Patient-Centered (PC) healthcare. Fine–Grained Access Control (FGAC) in particular has been identified as one of the security requirements in these systems. In FGAC, only parts of medical information that are relevant and required by healthcare providers are accessed at the point of care. This cannot be achieved without a holistic view of a medical condition through a Patient-Centered Fine-Grained Access Control (PCFGAC), in which patient-centricity is considered. This research proposes using Business Process Management (BPM) to achieve PCFGAC in order to provide a real-time access control based on a “need-to-know” principle. Through a prototype that uses BPM, security requirements of PCFGAC were met. These include: authority control, informed decision support, fine-grained access control, and dynamic policies support. Thus, a contribution to the knowledge and practice has been introduced.

Download

Paper Citation

in Harvard Style

AlThqafi N., AlSalamah H. and Daraiseh A. (2016). Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems . In Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016) ISBN 978-989-758-170-0, pages 39-48. DOI: 10.5220/0005630200390048

in Bibtex Style

@conference{healthinf16,
author={Nahid AlThqafi and Hessah AlSalamah and Ahmad Daraiseh},
title={Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems},
booktitle={Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016)},
year={2016},
pages={39-48},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005630200390048},
isbn={978-989-758-170-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5: HEALTHINF, (BIOSTEC 2016)
TI - Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems
SN - 978-989-758-170-0
AU - AlThqafi N.
AU - AlSalamah H.
AU - Daraiseh A.
PY - 2016
SP - 39
EP - 48
DO - 10.5220/0005630200390048