In emergency situations, different actors involved in first aid services should be authorized to retrieve information from the patient’s Electronic Health Records (EHRs). The research objectives of this work involve the development and implementation of methods to characterise emergency situations requiring extraordinary access to healthcare data. The aim is to implement such methods based on contextual information pertaining to specific patients and emergency situations and also leveraging personalisation aspects which enable the efficient access control on sensitive data during emergencies. The Attribute Based Access Control paradigm is used in order to grant access to EHRs based on contextual information. We introduce an ABAC approach using personalized context handlers, in which raw contextual information can be uplifted in order to recognize critical situations and grant access to healthcare data. Results indicate that context-aware ABAC is a very effective method for detecting critical situations that require emergency access to personal health records. In comparison to RBAC implementations of emergency access control to EHRs, the proposed ABAC implementation leverages contextual information pertaining to the specific patient and emergency situations. Contextual information increases the capability of ABAC to recognize critical situations and grant access to healthcare data.
Effective access control techniques are in demand, as electronically assisted healthcare services require the patient’s sensitive health records. In emergency situations, where the patient’s well-being is jeopardized, different healthcare actors associated with emergency cases should be granted permission to access Electronic Health Records (EHRs) of patients. The research objective of our study is to develop machine learning techniques based on patients’ time sequential health metrics and integrate them with an Attribute Based Access Control (ABAC) mechanism. We propose an ABAC mechanism that can yield access to sensitive EHRs systems by applying prognostic context handlers where contextual information, is used to identify emergency conditions and permit access to medical records. Specifically, we use patients’ recent health history to predict the health metrics for the next two hours by leveraging Long Short Term Memory (LSTM) Neural Networks (NNs). These predicted health metrics values are evaluated by our personalized fuzzy context handlers, to predict the criticality of patients’ status. The developed access control method provides secure access for emergency clinicians to sensitive information and simultaneously safeguards the patient’s well-being. Integrating this predictive mechanism with personalized context handlers proved to be a robust tool to enhance the performance of the access control mechanism to modern EHRs System.
Background As digital healthcare services handle increasingly more sensitive health data, robust access control methods are required. Especially in emergency conditions, where the patient’s health situation is in peril, different healthcare providers associated with critical cases may need to be granted permission to acquire access to Electronic Health Records (EHRs) of patients. The research objective of our work is to develop a proactive access control method that can grant emergency clinicians access to sensitive health data, guaranteeing the integrity and security of the data, and generating trust without the need for a trusted third party.Methods To enable proactivity, we apply Long Short Term Memory (LSTM) Neural Networks (NNs) that utilize patient’s recent health history to prognose the next two-hour health metrics values. Fuzzy logic is used to evaluate the severity of the patient’s health state. These techniques are incorporated in a private and permissioned Hyperledger-Fabric blockchain network, capable of securing patient’s sensitive information in the blockchain network.Results Integrating this predictive mechanism within the blockchain network proved to be a robust tool to enhance the performance of the access control mechanism. Furthermore, our blockchain network can record the history of who and when had access to a specific patient’s sensitive EHRs, guaranteeing the integrity and security of the data.Conclusions Our proposed mechanism informs proactively the emergency team about patients’ critical situations by combining fuzzy and predictive techniques, and it exploits the distributed data of the blockchain network, guaranteeing the integrity and security of the data, and enhancing the users’ trust to the mechanism.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.