An access control model for easy management of patient privacy in EHR systems

In EHR systems most of the data are confidential concerning the health of a patient, so it is necessary to provide a mechanism for access control. This has to ensure not only the confidentiality and integrity of the data, but also to allow the definition of security policies which reflect the need for privacy of the health care organization that manages the data; of the patient, who the documents refer to; and finally of international and national directives and norms. In literature there are several access control models, each of which responds just partially to the need for patient privacy. In this paper an innovative access control model is defined. It meets the main features that have to be satisfied by an EHR. Our proposal is an advanced access control model that combines several access control models known in the literature. It adds the characteristics of modularity and easiness in the management of access policies, focusing attention on privacy and patient´s consent (patient privacy centric). The model provides the ability to define and to realize fine-grained access policies, which can be defined independently by both healthcare organizations and by patients. Our model is Attribute-based, multi-level, modular and with a dynamic and temporal management of the users´ lists.