Consent-Based Workflows for Healthcare Management

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Giovanni Russello Articles by Changyu Dong Articles by Naranker Dulay

2008 IEEE Workshop on Policies for Distributed Systems and Networks

June 02-June 04

ISBN: 978-0-7695-3133-5

	ASCII Text	x
	Giovanni Russello, Changyu Dong, Naranker Dulay, "Consent-Based Workflows for Healthcare Management," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 153-161, 2008 IEEE Workshop on Policies for Distributed Systems and Networks, 2008.

	BibTex	x
	@article{ 10.1109/POLICY.2008.22, author = {Giovanni Russello and Changyu Dong and Naranker Dulay}, title = {Consent-Based Workflows for Healthcare Management}, journal ={Policies for Distributed Systems and Networks, IEEE International Workshop on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3133-5}, pages = {153-161}, doi = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2008.22}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Policies for Distributed Systems and Networks, IEEE International Workshop on TI - Consent-Based Workflows for Healthcare Management SN - 978-0-7695-3133-5 SP153 EP161 A1 - Giovanni Russello, A1 - Changyu Dong, A1 - Naranker Dulay, PY - 2008 KW - Patient Consent KW - Workflow System KW - Access Control KW - Policy-Based System KW - Healthcare Application VL - 0 JA - Policies for Distributed Systems and Networks, IEEE International Workshop on ER -

Giovanni Russello

Changyu Dong

Naranker Dulay

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/POLICY.2008.22

In this paper, we describe a new framework for healthcare systems where patients are able to control the disclosure of their medical data. In our framework, the patient's consent has a pivotal role in granting or removing access rights to subjects accessing patient's medical data. Depending on the context in which the access is being executed, different consent policies can be applied. Context is expressed in terms of workflows. The execution of a task in a given workflow carries the necessary information to infer whether the consent can be implicitly retrieved or should be explicitly requested from a patient. However, patients are always able to enforce their own decisions and withdraw consent if necessary. Additionally, the use of workflows enables us to apply the need-to-know principle. Even when the patient's consent is obtained, a subject should access medical data only if it is required by the actual situation. For example, if the subject is assigned to the execution of a medical diagnosis workflow requiring access to the patient's medical record. We also provide a complex medical case study to highlight the design principles behind our framework. Finally, the implementation of the framework is outlined.

Index Terms:

Patient Consent, Workflow System, Access Control, Policy-Based System, Healthcare Application

Citation:

Giovanni Russello, Changyu Dong, Naranker Dulay, "Consent-Based Workflows for Healthcare Management," policy, pp.153-161, 2008 IEEE Workshop on Policies for Distributed Systems and Networks, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.