A Study of Access Control for Electronic Health Records

Author

Sergio Vincent Senese, Governors State University

Publication Date

Spring 2015

Document Type

Thesis

Degree Name

Master of Science

Department

Computer Science

First Advisor

(Clare) Xueqing Tang, Ph.D.

Second Advisor

Soon-Ok Park, Ph.D.

Third Advisor

Stephen Hyzny, M.S.

Abstract

The expansion between Information Technology and Healthcare has created many new options for both disciplines, as well as challenges. One of these topics is the Electronic Health Record (EHR) and the push for a universal record. A challenge for this topic is access control: how to keep patient’s personal health information secure, but at the same time accessible to all fields of healthcare and accomplish this within the federal privacy laws made by our government. This study focuses on the idea of a single EHR containing all the different medical information for all the areas of healthcare for a patient. This single EHR would be stored in a database and its use secured though the use of access control using a hierarchy of user groups, which would be divided into different roles to assign access privileges. This access control method would be implemented by possibly using mechanisms such as Bell-LaPadulla Model, The Strawman Design, Public/Private Key algorithms, or other methods. The first goal would be to create this structure for a single entity (e.g., One Hospital, Clinic, or Doctor’s office) and then progress to a distributed model where multiple entities can store and share information.

Comments

GSU logo removed from presentation's first slide by OPUS staff.

Recommended Citation

Senese, Sergio Vincent, "A Study of Access Control for Electronic Health Records" (2015). All Student Theses. 55.
https://opus.govst.edu/theses/55