TY - JOUR
T1 - The tees confidentiality model
T2 - Mechanisms for implementing the sealed envelope
AU - Longstaff, Jim
AU - Lockyer, Mike
PY - 2005/6/1
Y1 - 2005/6/1
N2 - This paper offers mechanisms capable of implementing the authorization functionality to be supported by the NHS Care Records Service. The patient-confidentiality model for the Care Records Service includes restricting access to data by placing the data in a Sealed Envelope; providing access to data based on Legitimate Relationship, and other concepts; and the overriding of access restrictions in extraordinary or emergency situations. We informally show through examples how the Tees Confidentiality Model, a sophisticated model of authorization, can be used to implement Care Records Service authorization functionality to the level currently proposed, and also to much greater levels if they ever were to be required. The mechanisms discussed include using a range of permission types, called Confidentiality Permission Types; processing Confidentiality Permissions in a defined order according to complexity of type; using negative permissions to deny access; and providing override mechanisms for negative permissions.
AB - This paper offers mechanisms capable of implementing the authorization functionality to be supported by the NHS Care Records Service. The patient-confidentiality model for the Care Records Service includes restricting access to data by placing the data in a Sealed Envelope; providing access to data based on Legitimate Relationship, and other concepts; and the overriding of access restrictions in extraordinary or emergency situations. We informally show through examples how the Tees Confidentiality Model, a sophisticated model of authorization, can be used to implement Care Records Service authorization functionality to the level currently proposed, and also to much greater levels if they ever were to be required. The mechanisms discussed include using a range of permission types, called Confidentiality Permission Types; processing Confidentiality Permissions in a defined order according to complexity of type; using negative permissions to deny access; and providing override mechanisms for negative permissions.
UR - http://www.scopus.com/inward/record.url?scp=28944442031&partnerID=8YFLogxK
U2 - 10.1080/14639230500298792
DO - 10.1080/14639230500298792
M3 - Article
C2 - 16338804
AN - SCOPUS:28944442031
SN - 1463-9238
VL - 30
SP - 157
EP - 166
JO - Medical Informatics and the Internet in Medicine
JF - Medical Informatics and the Internet in Medicine
IS - 2
ER -