Role-based access control through on-demand classification of electronic health record

Int J Electron Healthc. 2015;8(1):9-24. doi: 10.1504/ijeh.2015.071637.

Abstract

Electronic health records (EHR) provides convenient method to exchange medical information of patients between different healthcare providers. Access control mechanism in healthcare services characterises authorising users to access EHR records. Role Based Access Control helps to restrict EHRs to users in a certain role. Significant works have been carried out for access control since last one decade but little emphasis has been given to on-demand role based access control. Presented work achieved access control through physical data isolation which is more robust and secure. We propose an algorithm in which selective combination of policies for each user of the EHR database has been defined. We extend well known data mining technique 'classification' to group EHRs with respect to the given role. Algorithm works by taking various roles as class and defined their features as a vector. Here, features are used as a Feature Vector for classification to describe user authority.

Keywords: EHR roles; EHRs; RBAC; classification; data mining; e-healthcare; electronic health records; electronic healthcare; feature vector; role-based access control.

MeSH terms

  • Algorithms
  • Computer Security
  • Electronic Health Records / organization & administration*
  • Health Information Exchange*
  • Health Personnel*
  • Humans
  • Support Vector Machine