Modelling a User Authorisation and Data Access Framework for Multi-Specialty Research Systems in Secondary Health Care

Ire Ogunsina, Sarah N. Lim Choi Keung, Lei Zhao, Gavin Langford, Edward Tyler, Theodoros N. Arvanitis
University of Birmingham & Birmingham and Black Country Comprehensive Local Research Network, United Kingdom
{i.ogunsina, s.n.limchoikeung, l.zhao, e.tyler, t.arvanitis}@bham.ac.uk, [email protected]

22nd November 2011
Presented by James Rossiter, [email protected]
University of Birmingham, UK


Context and Scope

• Research systems in Secondary Health care
• Part of a larger multi-specialty Electronic Healthcare Record (EHR) system
• Use cases exclude emergency access to patient data
• Access control not authentication

James Rossiter | [email protected]

Introduction

• Patient data is:
  ◦ critical for research purposes
  ◦ stored in various EHR systems
• System must be Caldicott-compliant:
  ◦ all access should be on ‘need to know’ basis
  ◦ must adhere to ethical and legal standards
• Researchers, our system users:
  ◦ belong to different specialties
  ◦ different health organizations
  ◦ have different research objectives
• Interoperable, multi-specialty, Hospital Enterprise Information Management Systems are the key to better research

Aim: Secure, Interoperable and Collaborative Systems


Caldicott Guardian’s Stipulation

• Access on need to know basis
• Enhancements to Role-Based Access Control (RBAC)
• Legitimate Relationships (LR)
  ◦ user can only access data if involved in a patient’s care
• Sealed Envelopes (SE)
  ◦ allow selected data to be accessible by outside specialists
• Patient Consent (PC)
  ◦ indicates patient’s choice on participation in research activities

Standard RBAC Issues and Alternative Approaches

• Standard RBAC problems include
  ◦ separation of duty – multiple roles and permissions
  ◦ role precedence – inconsistency with multiple role users
• Extend traditional RBAC systems
  ◦ create/define roles
  ◦ make roles hierarchical
  ◦ assign researchers to roles

Management of Non-Patient Resources

• Licensed third party resources
  ◦ software licenses
  ◦ algorithms
  ◦ may have hospital or patient based terms and conditions
• Protecting access to licensed resources
  ◦ use same approach as patient data

Should researcher B be able to access patient identifiable data of patient A?


How do you handle licensed resources?


Our Policy Based Approach

• Policy object can be of type:
  ◦ trust
  ◦ specialty
  ◦ patient
  ◦ researcher
  ◦ role
  ◦ action
  ◦ resource
• XML based descriptions of:
  ◦ permissions
  ◦ dates
  ◦ others

Composite Subject Policy

[Figure: use case model diagram (uc Use Case Model) with elements Policy, Trust, Role, Specialty]

Examples:

• Patient consents but wishes to hide HIV status:
• COPD researcher is member of UHB trust, which has license for HADS resource:

[Figure labels: Sealed envelope; Patient consent; Composite policy type]

Availability

• Availability of data or resource determined by:
  ◦ policy aggregation model
  ◦ access decision framework
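
Added example (not part of the original slides or the authors' framework): one way the checks named in this deck, role permission, legitimate relationship, patient consent and sealed envelope, could be combined into a single access decision, applied to the two slide examples. The all-must-permit aggregation rule, the data model and every identifier below are assumptions, since the slides do not specify them.

```python
from dataclasses import dataclass, field

@dataclass
class Researcher:
    rid: str
    trust: str
    roles: set

@dataclass
class Patient:
    pid: str
    research_consent: bool                       # Patient Consent (PC)
    care_team: set = field(default_factory=set)  # Legitimate Relationships (LR)
    sealed: dict = field(default_factory=dict)   # Sealed Envelopes (SE): item -> rids allowed

# Constructed sample policies; names and values are illustrative assumptions.
ROLE_PERMISSIONS = {"copd_researcher": {("read", "patient_data"), ("use", "HADS")}}
TRUST_LICENCES = {"UHB": {"HADS"}}

def role_allows(researcher, action, resource):
    return any((action, resource) in ROLE_PERMISSIONS.get(role, set())
               for role in researcher.roles)

def decide_patient_access(researcher, patient, item):
    """Every policy must permit; the first failing policy is the reason."""
    if not role_allows(researcher, "read", "patient_data"):
        return False, "role"
    if researcher.rid not in patient.care_team:
        return False, "legitimate relationship"
    if not patient.research_consent:
        return False, "patient consent"
    if item in patient.sealed and researcher.rid not in patient.sealed[item]:
        return False, "sealed envelope"
    return True, "permit"

def decide_resource_access(researcher, resource):
    """Licensed resources are checked in the same way as patient data."""
    if not role_allows(researcher, "use", resource):
        return False, "role"
    if resource not in TRUST_LICENCES.get(researcher.trust, set()):
        return False, "licence"
    return True, "permit"

# Constructed scenario modelled on the two slide examples.
researcher_b = Researcher("B", trust="UHB", roles={"copd_researcher"})
patient_a = Patient("A", research_consent=True, care_team={"B"},
                    sealed={"hiv_status": set()})  # sealed from every researcher
outsider = Researcher("C", trust="OTHER", roles={"copd_researcher"})
```

Returning the failing policy alongside the decision gives an audit trail for each refusal, which supports review of 'need to know' access.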

Conclusions

• EHR systems are critical to research quality
• Strict adherence to ethical and legal guidelines is required
• Traditional RBAC limited in complexity and scope
• New systems must allow for multi-specialty collaboration
• Our policy based approach allows for more complex patient and resource based access control

Thank You

Dr James Rossiter
School of Electronic, Electrical and Computer Engineering
University of Birmingham
UK
[email protected]

Any questions?