Preserving patient-centred controls in electronic health record systems: A reliance-based model implication

As a consequence of the huge advancement of the Electronic Health Record (EHR) in healthcare settings, the My Health Record (MHR) is introduced in Australia. However security and privacy of the MHR system have been encumbering the development of the system. Even though the MHR system is claimed as patient-centred and patient-controlled, there are several instances where healthcare providers (other than the usual provider) and system operators who maintain the system can easily access the system and these unauthorised accesses can lead to a breach of the privacy of the patients. This is one of the main concerns of the consumers that affect the uptake of the system. In this paper, we propose a patient centred MHR framework which requests authorisation from the patient to access their sensitive health information. The proposed model increases the involvement and satisfaction of the patients in their healthcare and also suggests mobile security system to give an online permission to access the MHR system.

[1]  Xiuzhen Zhang,et al.  A probabilistic method for emerging topic tracking in Microblog stream , 2016, World Wide Web.

[2]  F. Huang,et al.  Breast cancer survivability via AdaBoost algorithms , 2008 .

[3]  Xuemin Shen,et al.  PEACE: An efficient and secure patient-centric access control scheme for eHealth care system , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[4]  Thomas Wetter,et al.  Data security and protection in cross-institutional electronic patient records , 2003, Int. J. Medical Informatics.

[5]  Yanchun Zhang,et al.  Gait Classificaiton in Children with Cerebral Palsy by Bayesian Approach , 2007, 2007 3rd International Conference on Intelligent Sensors, Sensor Networks and Information.

[6]  Hua Wang,et al.  Semantic access control for cloud computing based on e-Healthcare , 2012, Proceedings of the 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[7]  Maria E. Orlowska,et al.  On data allocation with minimum overall communication costs in distributed database design , 1993, Proceedings of ICCI'93: 5th International Conference on Computing and Information.

[8]  Bradley Malin,et al.  Learning relational policies from electronic health record access logs , 2011, J. Biomed. Informatics.

[9]  Jian Pei,et al.  Publishing anonymous survey rating data , 2011, Data Mining and Knowledge Discovery.

[10]  R. Epstein,et al.  Why the nation needs a policy push on patient-centered health care. , 2010, Health affairs.

[11]  Eric Horvitz,et al.  Patient controlled encryption: ensuring privacy of electronic medical records , 2009, CCSW '09.

[12]  Leandro Balby Marinho,et al.  Event Recommendation in Event-based Social Networks , 2014, HT.

[13]  Renato Iannella,et al.  Privacy oriented access control for electronic health records , 2012, WWW 2012.

[14]  Georgios Kambourakis,et al.  Special issue on Security, Privacy and Trust in network-based Big Data , 2015, Inf. Sci..

[15]  ZhangBai-ling,et al.  Gait classification in children with cerebral palsy by Bayesian approach , 2009 .

[16]  Yun Ding,et al.  Model-Driven Application-Level Encryption for the Privacy of E-health Data , 2010, 2010 International Conference on Availability, Reliability and Security.

[17]  Yanchun Zhang,et al.  Shilling attack detection utilizing semi-supervised learning method for collaborative recommender system , 2013, World Wide Web.

[18]  Yanchun Zhang,et al.  A flexible payment scheme and its role-based access control , 2005, IEEE Transactions on Knowledge and Data Engineering.

[19]  Hua Wang,et al.  Purpose Based Access Control for Privacy Protection in E-Healthcare Services , 2012, J. Softw..

[20]  ZhangYanchun,et al.  Shilling attack detection utilizing semi-supervised learning method for collaborative recommender system , 2013 .

[21]  Huidong Jin,et al.  Current developments of k-anonymous data releasing , 2008 .

[22]  Yanchun Zhang,et al.  An agent-based negotiation model supporting transactions in electronic commerce , 2000, Proceedings 11th International Workshop on Database and Expert Systems Applications.

[23]  Yu Zhang,et al.  The Australian PCEHR system: Ensuring Privacy and Security through an Improved Access Control Mechanism , 2016, EAI Endorsed Trans. Scalable Inf. Syst..

[24]  Vimla L. Patel,et al.  Considering complexity in healthcare systems , 2011, J. Biomed. Informatics.

[25]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[26]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[27]  Yanchun Zhang,et al.  Satisfying Privacy Requirements Before Data Anonymization , 2012, Comput. J..

[28]  Yanchun Zhang,et al.  Ensuring data integrity in electronic health records: A quality health care implication , 2016, 2016 International Conference on Orange Technologies (ICOT).

[29]  Yanchun Zhang,et al.  Effective Collaboration with Information Sharing in Virtual Universities , 2009, IEEE Transactions on Knowledge and Data Engineering.

[30]  Yanchun Zhang,et al.  Securing Electronic Medical Record and Electronic Health Record Systems Through an Improved Access Control , 2015, HIS.

[31]  Hua Wang,et al.  Detection of motor imagery EEG signals employing Naïve Bayes based learning process , 2016 .

[32]  Cátia Santos-Pereira,et al.  A secure RBAC mobile agent access control model for healthcare institutions , 2013, Proceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems.

[33]  E. Keeler,et al.  Costs and benefits of health information technology. , 2006, Evidence report/technology assessment.

[34]  Richard L. Street,et al.  Patient-centered communication in cancer care: Promoting healing and reducing suffering , 2007 .

[35]  Mark Evered,et al.  A Case Study in Access Control Requirements for a Health Information System , 2004, ACSW.

[36]  Sérgio Shiguemi Furuie,et al.  A contextual role-based access control authorization model for electronic patient record , 2003, IEEE Transactions on Information Technology in Biomedicine.