Ire Ogunsina, Sarah N. Lim Choi Keung, Lei Zhao, Gavin Langford, Edward Tyler, Theodoros N. Arvanitis University of Birmingham & Birmingham and Black Country.


1
Ire Ogunsina, Sarah N. Lim Choi Keung, Lei Zhao, Gavin Langford, Edward Tyler, Theodoros N. Arvanitis
University of Birmingham & Birmingham and Black Country Comprehensive Local Research Network, United Kingdom
{i.ogunsina, s.n.limchoikeung, l.zhao, e.tyler, t.arvanitis}@bham.ac.uk, Gavin.Langford@uhb.nhs.uk
22nd November 2011
Presented by James Rossiter j.rossiter@bham.ac.uk
University of Birmingham, UK

2
• Research systems in Secondary Health care
• Part of a larger multi-specialty Electronic Healthcare Record (EHR) system
• Use cases exclude emergency access to patient data
• Access control not authentication
James Rossiter | j.rossiter@bham.ac.uk

3
• Patient data is:
  ◦ critical for research purposes
  ◦ stored in various EHR systems
• System must be Caldicott-compliant:
  ◦ all access should be on ‘need to know’ basis
  ◦ must adhere to ethical and legal standards
• Researchers, our system users:
  ◦ belong to different specialties
  ◦ different health organizations
  ◦ have different research objectives
• Interoperable, multi-specialty, Hospital Enterprise Information Management Systems are the key to better research

4

5
• Access on need to know basis
• Enhancements to Role-Based Access Control (RBAC)
• Legitimate Relationships (LR)
  ◦ user can only access data if involved in a patient’s care
• Sealed Envelopes (SE)
  ◦ allow selected data to be accessible by outside specialists
• Patient Consent (PC)
  ◦ indicates patient’s choice on participation in research activities

6
• Standard RBAC problems include
  ◦ separation of duty – multiple roles and permissions
  ◦ role precedence – inconsistency with multiple role users
• Extend traditional RBAC systems
  ◦ create/define roles
  ◦ make roles hierarchical
  ◦ assign researchers to roles

7
• Licensed third party resources
  ◦ software licenses
  ◦ algorithms
  ◦ may have hospital or patient based terms and conditions
• Protecting access to licensed resources
  ◦ use same approach as patient data

8

9

10
• Policy object can be of type:
  ◦ trust
  ◦ specialty
  ◦ patient
  ◦ researcher
  ◦ role
  ◦ action
  ◦ resource
• XML based descriptions of:
  ◦ permissions
  ◦ dates
  ◦ others

11
Sealed envelope
Patient consent
Patient consents but wishes to hide HIV status:
COPD researcher is member of UHB trust, which has license for HADS resource:
Composite policy type

12
• Availability of data or resource determined by:
  ◦ policy aggregation model
  ◦ access decision framework
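
Added example, not from the presentation or the authors' system: one way the checks from slides 5 to 7 (role hierarchy, Legitimate Relationships, Sealed Envelopes, Patient Consent, licensed resources) could be combined into an access decision for the two scenarios named on slide 11. The role names, field names, sample data and the all-must-permit aggregation rule are assumptions, since the slides do not give the aggregation model.

```python
from dataclasses import dataclass, field

# Assumed role names; a role inherits the permissions of the roles it lists.
INHERITS = {"lead_researcher": ["researcher"], "researcher": []}
ROLE_PERMS = {"researcher": {("read", "patient_data"), ("use", "licensed_resource")}}

@dataclass
class Researcher:
    name: str
    role: str
    specialty: str
    trust: str

@dataclass
class Patient:
    research_consent: bool                       # Patient Consent (PC)
    care_team: set = field(default_factory=set)  # Legitimate Relationships (LR): researcher names
    sealed: dict = field(default_factory=dict)   # Sealed Envelopes (SE): item -> specialties allowed

def role_permits(role, action, target):
    """RBAC check that walks the role hierarchy."""
    if (action, target) in ROLE_PERMS.get(role, set()):
        return True
    return any(role_permits(r, action, target) for r in INHERITS.get(role, []))

def decide_patient_data(user, patient, item):
    """Return (allowed, reason). Assumed aggregation: every policy must permit."""
    if not role_permits(user.role, "read", "patient_data"):
        return False, "role"
    if not patient.research_consent:
        return False, "patient_consent"
    if user.name not in patient.care_team:
        return False, "legitimate_relationship"
    if item in patient.sealed and user.specialty not in patient.sealed[item]:
        return False, "sealed_envelope"
    return True, "permit"

def decide_licensed_resource(user, resource, licenses):
    """Licensed resources get the same treatment: role check plus the trust's license."""
    if not role_permits(user.role, "use", "licensed_resource"):
        return False, "role"
    if resource not in licenses.get(user.trust, set()):
        return False, "license"
    return True, "permit"

# Constructed sample data modelled on the two scenarios named on slide 11.
LICENSES = {"UHB": {"HADS"}}
copd = Researcher("r1", "lead_researcher", "COPD", "UHB")
patient = Patient(True, care_team={"r1"}, sealed={"hiv_status": {"HIV"}})
```

Returning the name of the denying policy alongside the decision gives an audit log the reason for each refusal.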

13
• EHR systems are critical to research quality
• Strict adherence to ethical and legal guidelines is required
• Traditional RBAC limited in complexity and scope
• New systems must allow for multi-specialty collaboration
• Our policy based approach allows for more complex patient and resource based access control

14
Dr James Rossiter
School of Electronic, Electrical and Computer Engineering
University of Birmingham, UK
j.rossiter@bham.ac.uk
• Any questions?

