Access Control in Healthcare Information Systems
Abstract
Access control is a key feature of healthcare information systems. Access control is about enforcing rules to ensure that only authorized users get access to resources in a system. In healthcare systems this means protecting patient privacy. However, the top priority is always to provide the best possible care for a patient. This depends on the clinicians having access to the information they need to make the best, most informed, care decisions. Care processes are often unpredictable and hard to map to strict access control rules. As a result, in emergency or otherwise unexpected situations, clinicians need to be able to bypass access control. In a crisis, availability of information takes precedence over privacy concerns. This duality of concerns is what makes access control in healthcare systems so challenging and interesting as a research subject.
To create access control models for healthcare we need to understand how healthcare works. Before creating a model we need to understand the requirements the model should fulfill. Though many access control models have been proposed and argued to be suitable for healthcare, little work has been published on access control requirements for healthcare. This PhD project has focused on bridging the gap between formalized models and real world requirements for access control in healthcare by targeting the following research goals:RG1 To collect knowledge that forms a foundation for access control requirements in healthcare systems.RG2 To create improved access control models for healthcare systems based on real requirements.This PhD project has consisted of a number of smaller, distinct, but relatedprojects to reach the research goals. The main contributions can be summarized as:C1 Requirements for access control in healthcare: Studies performed onaudit data, in workshops, by observation and interviews have helped discoverrequirements. Results from this work include methods for access controlrequirements elicitation in addition to the actual requirements discovered.C2 Process-based access control: The main conclusion from the requirementswork is that access control should be tailored to care processes. Care processesare highly dynamic and often unpredictable, and access control needs to adaptto this. This thesis suggests how existing sources of process information, bothexplicit and implicit, may be used for this purpose.C3 Personally controlled health records (PCHR): This thesis explores theconsequences of making the patient the administrator of access control andproposes a model based on these initial requirements. From a performedusability study it is clear that the main challenge is how to keep the patientinformed about the consequences of sharing.