A Semantic Approach to Secure Electronic Patient Information Exchange in Distributed Environments

Modern medical information systems collect large amounts of diverse patient data in order to facilitate a higher level patient care. Although desirable, this functionality has a tremendous potential for abuse, where patient information can be shared, disclosed and used for other (secondary) purposes. In most cases, patient consent is solicited and institutional policies are put in place to limit the privacy and security risks. However, in practice these measures have proven to be inadequate, resulting in violation of patient consent even for non-life threatening scenarios. We propose a framework to capture privacy & security policies and to protect exchange of sensitive medical patient information. Our framework is comprised of distributed multiagent environments re ecting healthcare institutions and personnel. We utilize semantic techniques for data representation and reasoning. Furthermore, we do not require pre-established trust relationships to be present for exchanging private sensitive information between multiple parties. In our proposed framework, all decisions to share information, are backed up by semantic proof of authorization that can be veri ed by an independent third party.

[1]  Li Ding,et al.  Using semantic web technology in multi-agent systems: a case study in the TAGA trading agent environment , 2003, ICEC '03.

[2]  Harry Chen,et al.  Intelligent agents meet semantic web in a smart meeting room , 2004, Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, 2004. AAMAS 2004..

[3]  James A. Hendler,et al.  Agents and the Semantic Web , 2001, IEEE Intell. Syst..

[4]  Shou-De Lin,et al.  Designing the Market Game for a Trading Agent Competition , 2001, IEEE Internet Comput..

[5]  Jason Smith,et al.  A Novel Use of RBAC to Protect Privacy in Distributed Health Care Information Systems ? , 2003 .

[6]  Steffen Staab,et al.  Ontology Learning for the Semantic Web , 2002, IEEE Intell. Syst..

[7]  Federica Paganelli,et al.  A Context-Aware Service Platform to Support Continuous Care Networks for Home-Based Assistance , 2007, HCI.

[8]  Richard O. Sinnott,et al.  Dynamic trust negotiation for flexible e-health collaborations , 2008, Mardi Gras Conference.

[9]  Andrew B. Williams,et al.  Learning to Share Meaning in a Multi-Agent System , 2004, Autonomous Agents and Multi-Agent Systems.

[10]  Nigel Shadbolt,et al.  Resource Description Framework (RDF) , 2009 .

[11]  Bernd Blobel,et al.  Authorisation and access control for electronic health record systems , 2004, Int. J. Medical Informatics.

[12]  Luo Xiaogang,et al.  Based on Ontology : Construction and application of Medical Knowledge Base , 2007, 2007 IEEE/ICME International Conference on Complex Medical Engineering.

[13]  Bernard Burg,et al.  Agentcities: Challenges and Deployment of Next- Generation Service Environments , 2002 .

[14]  Michael Wooldridge,et al.  Multiagent Systems: A Modern Approach to Distributed Artificial Intelligence , 1999 .

[15]  Shiyao Jin,et al.  Revisiting Trust and Reputation in Multi-agent Systems , 2008, 2008 ISECS International Colloquium on Computing, Communication, Control, and Management.

[16]  Osamu Akashi,et al.  Trust-Based Cooperative Action Control in Multi-agent Systems for Network Management , 2009, 2009 International Conference on Advanced Information Networking and Applications Workshops.

[17]  Jaeho Lee SweMas Toward a Practical Multi-agent Framework Utilizing the Semantic Web , 2003, PRIMA.

[18]  Damon Berry,et al.  Identity Management to Support Access Control in E-Health Systems , 2009 .

[19]  Cédric Pruski,et al.  e-CRL: A Rule-Based Language for Expressing Patient Electronic Consent , 2010, 2010 Second International Conference on eHealth, Telemedicine, and Social Medicine.

[20]  Paul Greenfield,et al.  Implementation of Electronic Consent Mechanisms , 2003 .

[21]  Nicholas L. Cassimatis Flexible Inference with Structured Knowledge through Reasoned Unification , 2009, IEEE Intelligent Systems.

[22]  Eike-Henner W. Kluge,et al.  Informed consent and the security of the electronic health record (EHR): some policy considerations , 2004, Int. J. Medical Informatics.

[23]  G.S. Cojocar,et al.  IMASC - An Intelligent MultiAgent System for Clinical Decision Support , 2008, 2008 First International Conference on Complexity and Intelligence of the Artificial and Natural Complex Systems. Medical Applications of the Complex Systems. Biomedical Computing.

[24]  Roger Clarke,et al.  Viewpoint Paper: e-Consent: The Design And Implementation of Consumer Consent Mechanisms in an Electronic Environment , 2004, J. Am. Medical Informatics Assoc..

[25]  Sarvapali D. Ramchurn,et al.  Trust in multi-agent systems , 2004, The Knowledge Engineering Review.

[26]  Nicholas R. Jennings,et al.  An integrated trust and reputation model for open multi-agent systems , 2006, Autonomous Agents and Multi-Agent Systems.

[27]  Hee Yong Youn,et al.  Dynamic Role-Based Access Control with Trust-Satisfaction and Reputation for Multi-agent System , 2010, 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops.