Controlled Data Sharing in e-Health

In the last few years, the need to have documents in electronic format
has grown steadily. This phenomenon also affects healthcare
organizations, which have adopted a new model for managing clinical information
based on so-called Electronic Patient Records. On the one hand, the introduction of such
models makes it easy to share information among
several widespread healthcare organizations. On the other hand, this raises
several questions, such as how to guarantee security requirements, e.g.,
confidentiality, integrity, and privacy of the shared information.

In this paper, we present a formal framework for specifying and analysing
policies that regulate information sharing in such a way that the security
requirements of the author of the policy are satisfied.  In particular, we
consider a set of authorization, obligation, and prohibition clauses aiming at
preserving confidentiality, integrity, and privacy of the clinical data of a

IEEE STAST 2011, 1st Workshop on Socio-Technical Aspects in Security and Trust, Milano, Italy, 2011

IIT authors:

Luca Wiegand

Type: Article in proceedings of international peer-reviewed conference
Field of reference: Computer Science & Engineering

File: e-health11STAST_final.pdf

Activity: Architectures, protocols and security mechanisms for distributed systems and services
Formal methods for the security of ICT systems