Affiliation:
1. IITM, India
2. Amity University, India
3. Sedulity Groups, India
Abstract
Health professionals need an access to various dimensions of Electronic Health Records (EHR). Depending on technical constraints, each organization defines its own access control schema exhibiting heterogeneity in organizational rules and policies. Achieving interoperability between such schemas often result in contradictory rules thereby exposing data to undue disclosures. Permitting interoperable sharing of EHRs and simultaneously restricting unauthorized access is the major objective of this paper. An Extensible Access Control Markup Language (XACML)-based framework, Hierarchy Similarity Analyser (HSA), is proposed which fine-grains access control policies of disparate healthcare organizations to achieve interoperable and secured sharing of EHR under set authorizations. The proposed framework is implemented and verified using automated Access Control Policy Testing (ACPT) tool developed by NIST. Experimental results identify the users receive secured and restricted access as per their authorizations and role hierarchy in the organization.
Reference29 articles.
1. Amini, M, & Jalili, R. (2010). Multi-level authorization model and framework for distributed semantic-aware environments. Information Security, 4(4), 301-321.
2. Bai, Y., Dai, L. & Li, J. (2014). Issues and Challenges in Securing eHealth Systems. International Journal of E-Health and Medical Communications, 5(4), 1-19.
3. Bhartiya, S. & Mehrotra, D. (2014). Challenges and Recommendations to Healthcare Data Exchange in an Interoperable Environment. Journal of Health Informatics, 8(2), e16.
4. An Access Control Framework for Secured Sharing of Electronic Health Records using Hierarchy Similarity Analyzer. Int. J. of Electronic Healthcare;S.Bhartiya
5. Data Access Framework (DAF) Charter and Members. (2015). Project Charter, Creative Commons Attribution Share-Alike 3.0 License. Retrieved from http://wiki.siframework.org/Data+Access+Framework+Charter+and+Members