A model of accountability, confidentiality and override for healthcare and other applications

ACM Workshop on Role-Based Access Control Pub Date : 2000-07-26 DOI:10.1145/344287.344304

J. Longstaff, M. Lockyer, M. Thick

{"title":"A model of accountability, confidentiality and override for healthcare and other applications","authors":"J. Longstaff, M. Lockyer, M. Thick","doi":"10.1145/344287.344304","DOIUrl":null,"url":null,"abstract":"A UML model of Authorisation is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications.\nA Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability.\nFour types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged.\nAccess to data can be granted to groups of Agents, and to group of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group.\nThe Authorisation Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.","PeriodicalId":355233,"journal":{"name":"ACM Workshop on Role-Based Access Control","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2000-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"29","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Role-Based Access Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/344287.344304","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 29

Abstract

A UML model of Authorisation is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications. A Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability. Four types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged. Access to data can be granted to groups of Agents, and to group of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group. The Authorisation Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.

查看原文本刊更多论文

医疗保健和其他应用程序的问责制、保密性和覆盖模型

描述了授权的UML模型，该模型是与英国NHS信息管理局合作为电子医疗记录应用程序开发的。该模型是对英国医疗保健模型(HcM)的增强，因为它提供了与HcM类一起使用的额外类。它提供了强大的机密性规范功能，也可以在其他应用程序中使用。角色(为了与HcM保持一致，实际上称为AgentActivityType)可以直接与责任相关联。问责制是指一方委托另一方在该问责制授权下开展活动的协议。定义了四种类型的机密权限，它们允许访问数据项(SubjectPhenomena)或具有特定类型的数据项(SubjectPhenomenonType)。可以将访问权限授予单个代理，也可以授予在指定角色中工作的AuthorizedAgents。覆盖模型允许以严格控制的方式覆盖机密性权限。通过建立适当的责任制，授予代理重写权限，并且记录任何重写的使用。可以将数据访问权限授予agent组和role组。为组建立访问权限涉及为组定义一组机密权限。授权模型通过来自医疗保健的示例在整篇论文中进行了说明。特别提出了一个苛刻的情景(虐待儿童)。在这种情况下，必须对数据施加复杂的限制，如果临床医生和其他专业人员被拒绝访问数据，可能会导致不适当的行动。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Workshop on Role-Based Access Control

自引率

0.00%

发文量