Model of accountability, confidentiality and override for healthcare and other applications

Jim Longstaff, M. A. Lockyer, G. Capper, M. G. Thick

Research output: Contribution to conferencePaperResearchpeer-review

16 Citations (Scopus)

Abstract

A UML model of Authorization is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications. A Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability. Four types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged. Access to data can be granted to groups of Agents, and to groups of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group. The Authorization Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.

Original languageEnglish
Pages71-76
Number of pages6
Publication statusPublished - 1 Jan 2000
Event5th ACM Workshop on Role-Based Access Control - Berlin, Ger
Duration: 26 Jul 200027 Jul 2000

Conference

Conference5th ACM Workshop on Role-Based Access Control
Abbreviated titleRBAC
CityBerlin, Ger
Period26/07/0027/07/00

Fingerprint

Electronic medical equipment
Specifications

Cite this

Longstaff, J., Lockyer, M. A., Capper, G., & Thick, M. G. (2000). Model of accountability, confidentiality and override for healthcare and other applications. 71-76. Paper presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Ger, .
Longstaff, Jim ; Lockyer, M. A. ; Capper, G. ; Thick, M. G. / Model of accountability, confidentiality and override for healthcare and other applications. Paper presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Ger, .6 p.
@conference{b8e2376493234da9a6f51e9d03c8f533,
title = "Model of accountability, confidentiality and override for healthcare and other applications",
abstract = "A UML model of Authorization is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications. A Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability. Four types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged. Access to data can be granted to groups of Agents, and to groups of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group. The Authorization Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.",
author = "Jim Longstaff and Lockyer, {M. A.} and G. Capper and Thick, {M. G.}",
year = "2000",
month = "1",
day = "1",
language = "English",
pages = "71--76",
note = "5th ACM Workshop on Role-Based Access Control, RBAC ; Conference date: 26-07-2000 Through 27-07-2000",

}

Longstaff, J, Lockyer, MA, Capper, G & Thick, MG 2000, 'Model of accountability, confidentiality and override for healthcare and other applications' Paper presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Ger, 26/07/00 - 27/07/00, pp. 71-76.

Model of accountability, confidentiality and override for healthcare and other applications. / Longstaff, Jim; Lockyer, M. A.; Capper, G.; Thick, M. G.

2000. 71-76 Paper presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Ger, .

Research output: Contribution to conferencePaperResearchpeer-review

TY - CONF

T1 - Model of accountability, confidentiality and override for healthcare and other applications

AU - Longstaff, Jim

AU - Lockyer, M. A.

AU - Capper, G.

AU - Thick, M. G.

PY - 2000/1/1

Y1 - 2000/1/1

N2 - A UML model of Authorization is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications. A Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability. Four types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged. Access to data can be granted to groups of Agents, and to groups of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group. The Authorization Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.

AB - A UML model of Authorization is described, which was developed for an Electronic Medical Records application in collaboration with the UK NHS Information Authority. The model is an enhancement of the UK Healthcare Model (HcM), in that it provides extra classes for use with HcM classes. It provides powerful confidentiality specification capabilities, which can also be used in other applications. A Role (actually called AgentActivityType for consistency with the HcM) may be directly associated with an Accountability. An Accountability is an agreement where one Party commissions a second Party to undertake Activities under the authority of that Accountability. Four types of Confidentiality Permission are defined which allow access to data items (SubjectPhenomena), or to data items with specific types (SubjectPhenomenonType). Access can be granted to individual Agents, or to AuthorizedAgents acting in specified Roles. A model of override allows the Confidentiality Permissions to be overridden in a strictly controlled way. Override facilities are granted to Agents by establishing appropriate Accountabilities, and any use of override is logged. Access to data can be granted to groups of Agents, and to groups of Roles. Establishing access rights for a group involves defining a set of Confidentiality Permissions for the group. The Authorization Model is illustrated throughout the paper by examples from healthcare. In particular a demanding scenario (child abuse) is presented. In this scenario complex restrictions must be placed on the data, which might result in inappropriate actions if clinicians and other professionals are denied access to the data.

UR - http://www.scopus.com/inward/record.url?scp=0033646048&partnerID=8YFLogxK

M3 - Paper

SP - 71

EP - 76

ER -

Longstaff J, Lockyer MA, Capper G, Thick MG. Model of accountability, confidentiality and override for healthcare and other applications. 2000. Paper presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Ger, .