Skip to main content
Article
Analysis of Healthcare Workflows in Accordance with Access Control Policies
International Journal of Healthcare Information Systems and Informatics (IJHISI)
  • Sandeep Lakaraju, Dakota State University
  • DianXiang Xu, Boise State University
  • Yong Wang, Dakota State University
Document Type
Article
Publication Date
1-1-2016
Disciplines
Abstract

Healthcare information systems deal with sensitive data across complex workflows. They often allow various stakeholders from different environments to access data across organizational boundaries. This elevates the risk of exposing sensitive healthcare information to unauthorized personnel, leading ‘controlling access to resources' a major concern. To prevent unwanted access to sensitive information, healthcare organizations need to adopt effective workflows and access control mechanisms. Many healthcare organizations are not yet considering or do not know how to accommodate the ‘context' element as a crucial element in their workflows and access control policies. The authors envision the future of healthcare where ‘context' will be considered as a crucial element. They can accommodate context through a new element ‘environment' in workflows, and can accommodate context in policies through well-known attribute based access control mechanism (ABAC). This research mainly addresses these problems by proposing a model to integrate workflows and access control policies and thereby identifying workflow activities that are not being protected by access control policies and improving the workflow activities and/or existing access control policies using SARE (Subject, Action, Resource, and environment) elements.

Citation Information
Sandeep Lakaraju, DianXiang Xu and Yong Wang. "Analysis of Healthcare Workflows in Accordance with Access Control Policies" International Journal of Healthcare Information Systems and Informatics (IJHISI) (2016)
Available at: http://works.bepress.com/dianxiang_xu/24/