Privacy oriented access control for electronic health records

Gajanayake, Randike, Iannella, Renato, & Sahama, Tony R. (2014) Privacy oriented access control for electronic health records. Electronic Journal of Health Informatics, 8(2).

View at publisher (open access)


Information privacy is a critical success/failure factor in information technology supported healthcare (eHealth). eHealth systems utilise electronic health records (EHR) as the main source of information, thus, implementing appropriate privacy preserving methods for EHRs is vital for the proliferation of eHealth. Whilst information privacy may be a fundamental requirement for eHealth consumers, healthcare professionals demand non-restricted access to patient information for improved healthcare delivery, thus, creating an environment where stakeholder requirements are contradictory. Therefore, there is a need to achieve an appropriate balance of requirements in order to build successful eHealth systems. Towards achieving this balance, a new genre of eHealth systems called Accountable-eHealth (AeH) systems has been proposed. In this paper, an access control model for EHRs is presented that can be utilised by AeH systems to create information usage policies that fulfil both stakeholders’ requirements. These policies are used to accomplish the aforementioned balance of requirements creating a satisfactory eHealth environment for all stakeholders. The access control model is validated using a Web based prototype as a proof of concept.

Impact and interest:

4 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

ID Code: 63620
Item Type: Journal Article
Refereed: Yes
Additional URLs:
Keywords: Access Control, Information Privacy, eHealth, Electronic Health Records, Accountable-eHealth
ISSN: 1446-4381
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000)
Australian and New Zealand Standard Research Classification > TECHNOLOGY (100000)
Australian and New Zealand Standard Research Classification > MEDICAL AND HEALTH SCIENCES (110000)
Divisions: Past > Institutes > Information Security Institute
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2014 The Authors
Deposited On: 22 Oct 2013 22:57
Last Modified: 24 Jun 2017 14:36

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page