EHR Confidentiality

This message forwarded on behalf of Prof Bernard Cohen:

All,
I would like to take this opportunity to point folks to the OMG Healthcare Domain Task Force Resource Access Decision (RAD) specification as a formal computational model that can be, and is being, used in large health care enterprises. The demanding part of the enterprise is the cumulative agreement on identifying what policies are necessary within the environment.

The RAD standard provides several mechanisms for creating policies such as attributes, timed rules, etc. It also provides the ability to assign users and associate policies with users as well as with (computational) operations.
You may find the full specification here:
http://www.omg.org/cgi-bin/doc?formal/2001-04-01

What would be nice to see happen in the Healthcare standards is to define standard policies such as:

  1. “Review Sensitive Patient Information”
  2. “Order Sensitive Laboratory Tests”
  etc.

This would ease interoperability between facilities where clinicians must access information from a variety of systems in order to make diagnoses, etc.

Tom

It is indeed refreshing to see that access mechanisms are beginning to be formally defined, even if the formalism is limited to the CORBA IDL with textual pre- and post-conditions.

It would be even more interesting if the semantics of this model were fully expressed using, say, the CORBA CDL, complete with invariants, so that its behavioural properties could be determined analytically and compliance by implementations could be verified.

What we need now are formal semantic definitions of the security policies that healthcare organisations intend to put in place, so that:
1. their implementability on the CORBA RAD model might be checked, and
2. their semantics could be shown to meet the ethical demands of legislators and patients.

Any takers?

Quoting Tom Culpepper <tculpepper@2ab.com>:

Hi,

It wouldn't be honest to say that I have correctly read the paper at http://www.soi.city.ac.uk/~bernie/hsp.pdf. It always takes some time to "enter" the formalization work of someone else (I sometimes get lost in my own formalization work ;o) ).

Referentials:

The health professionals referential:
At time T, there is a steady list of health professionals (owning the system) and they see patients passing by. You have to establish confidentiality rules inside this "domain", and since data also exist inside other systems, the confidentiality rules between domains.

The patient referential:
Let's imagine the patient would possess his own "health project manager" and this tool would be the confidentiality rule manager for his own health data. The confidentiality rules for a document (or an object in a more general case) are no longer based on a steady list of professionals, but on the "position" of the professionals inside the patient's health team.

I hope I didn't get it more complex ;o)

Philippe AMELINE
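The two referentials described above, together with the named standard policies proposed earlier in the thread, can be sketched as a RAD-style access decision with two policy evaluators. This is an added illustration, not code from the RAD specification or from any participant; the roles, team positions, user and patient names are constructed and hypothetical.

```python
from dataclasses import dataclass, field

# Constructed illustration of a RAD-style access decision: the two named
# policies from the thread are evaluated under two "referentials".
# All roles, positions and identities below are hypothetical sample data.

@dataclass(frozen=True)
class Request:
    user: str        # principal asking for access
    operation: str   # named policy, e.g. "Review Sensitive Patient Information"
    patient: str     # whose record is being touched

@dataclass
class Facility:
    """Professionals referential: a steady staff list owned by the facility."""
    staff_roles: dict        # user -> role held at the facility
    policy: dict = field(default_factory=lambda: {   # operation -> allowed roles
        "Review Sensitive Patient Information": {"physician", "psychiatrist"},
        "Order Sensitive Laboratory Tests": {"physician"},
    })

    def decide(self, req: Request) -> bool:
        return self.staff_roles.get(req.user) in self.policy.get(req.operation, set())

@dataclass
class PatientManager:
    """Patient referential: rules follow the user's position in the patient's team."""
    teams: dict              # patient -> {user: position in that patient's team}
    policy: dict = field(default_factory=lambda: {   # operation -> allowed positions
        "Review Sensitive Patient Information": {"attending", "referred_specialist"},
        "Order Sensitive Laboratory Tests": {"attending"},
    })

    def decide(self, req: Request) -> bool:
        position = self.teams.get(req.patient, {}).get(req.user)  # None if not on team
        return position in self.policy.get(req.operation, set())

def access_decision(req: Request, *referentials) -> bool:
    """Deny-overrides: every referential consulted must grant the request."""
    return all(r.decide(req) for r in referentials)

# Constructed sample: both doctors are facility staff, but only dr_lee is on
# ms_jones's care team, so the patient referential denies dr_smith.
facility = Facility(staff_roles={"dr_smith": "physician", "dr_lee": "physician"})
patients = PatientManager(teams={"ms_jones": {"dr_lee": "attending"}})

def demo():
    r_lee = Request("dr_lee", "Review Sensitive Patient Information", "ms_jones")
    r_smith = Request("dr_smith", "Review Sensitive Patient Information", "ms_jones")
    return access_decision(r_lee, facility, patients), access_decision(r_smith, facility, patients)
```

The staff-list check alone would grant both requests; combining it with the patient-team check is what makes the second one fail.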