Please Note:

The Open Access Repository will be moving to a new authentication system on the 1st of November.

From this date onwards, account holders will be required to login using their University of Tasmania credentials.
If your current repository username differs from your University username, please email E.Prints@utas.edu.au so we can update these details on your behalf.

Due to the change, there will be a short outage of the repository from 9am on the morning of the 1st of November

Open Access Repository

Using a Client-Task Based Approach to Achieve a Privacy Compliant Access Control System

Downloads

Downloads per month over past year

de la Motte, L and Hartnett, J (2006) Using a Client-Task Based Approach to Achieve a Privacy Compliant Access Control System. In: 1st Electronic Health Privacy and Security Symposium EhPASS2006, 24-25 Oct 2006, Brisbane, Australia.

[img]
Preview
PDF
ClientPrivacy.pdf | Download (235kB)
Available under University of Tasmania Standard License.

| Preview

Abstract

This paper seeks a solution to the problem of assuring the privacy of low value client information such as that maintained by a hospital. The proposed solution involves the development of a compliant low-cost system. It is based on the fundamental requirement that such a system needs to provide integration, generalization and inbuilt consent. Integration brings together the technical, managerial and regulatory components of an organisation's system. Generalization provides all the access control functionalities that are necessary for the system to be
useful in a diverse range of organisations. Inbuilt consent ensures that data owners consent to the use of their personally identified data. The Integrated System proposed here uses a Client-Task approach. It is based on the observation that a client is not a user of the system yet has a form of ownership over their personally identified data held within the system. Furthermore, in industries such as health, it is often the professionals and managers who determine who has access rather than systems administrators.

Item Type: Conference or Workshop Item (Paper)
Keywords: Health Informatics, Medical Records, Privacy, Access Control, Computer Security, Workflow Management, Consent, Roles
Date Deposited: 19 Feb 2007
Last Modified: 18 Nov 2014 03:13
Item Statistics: View statistics for this item

Actions (login required)

Item Control Page Item Control Page
TOP