Affiliation:
1. Horizon Health Care, Inc., USA
2. Boise State University, USA
3. Dakota State University, USA
Abstract
In a complex healthcare world, health information technology integrated workflows play a crucial role in improving healthcare workflow efficiency. Healthcare organizations often allow various stakeholders to access sensitive data across organizational boundaries. This increases the need to secure and restrict access to this sensitive data. In a complex environment like healthcare, the need for access to data highly depends on context, and many of the traditional access control mechanisms cannot accommodate “context.” In this process, there is need for healthcare organizations to look for more efficient access control mechanisms which work in accordance with workflows and accommodates “context” as a critical element. As a solution to this problem, this chapter presents a model to integrate workflows and access control policies and thereby identifying workflow activities that are not being protected by access control policies and improving the workflow activities and/or existing access control policies using SARE (subject, action, resource, and environment) elements.
Reference29 articles.
1. AHRQ. (2017). What is Workflow? Retrieved January 1, 2017, from https://healthit.ahrq.gov/health-it-tools-and-resources/evaluation-resources/workflow-assessment-health-it-toolkit/workflow
2. Securing electronic medical records using attribute-based encryption on mobile devices
3. Alder, S., Kelleher, A., & Greene, S. (2017). HIPAA Compliance Guide. HIPAA Journal. Retrieved from http://www.hipaajournal.com/wp-content/uploads/2015/05/HIPAAJournal-com-HIPAA-Compliance-Guide.pdf
4. Quo vadisventricular tachycardia ablation: new horizons and developments