A Knowledge-Constrained Access Control Model for Protecting Patient Privacy in Hospital Information Systems

A medical big data access control model based on smart contracts and risk in the blockchain environment

The rapid development of the Hospital Information System has significantly enhanced the convenience of medical research and the management of medical information. However, the internal misuse and privacy leakage of medical big data are critical issues that need to be addressed in the process of medical research and information management. Access control serves as a method to prevent data misuse and privacy leakage. Nevertheless, traditional access control methods, limited by their single usage scenario and susceptibility to single point failures, fail to adapt to the polymorphic, real-time, and sensitive characteristics of medical big data scenarios. This paper proposes a smart contracts and risk-based access control model (SCR-BAC). This model integrates smart contracts with traditional risk-based access control and deploys risk-based access control policies in the form of smart contracts into the blockchain, thereby ensuring the protection of medical data. The model categorizes risk into historical and current risk, quantifies the historical risk based on the time decay factor and the doctor's historical behavior, and updates the doctor's composite risk value in real time. The access control policy, based on the comprehensive risk, is deployed into the blockchain in the form of a smart contract. The distributed nature of the blockchain is utilized to automatically enforce access control, thereby resolving the issue of single point failures. Simulation experiments demonstrate that the access control model proposed in this paper effectively curbs the access behavior of malicious doctors to a certain extent and imposes a limiting effect on the internal abuse and privacy leakage of medical big data.

Security, confidentiality, privacy and patient safety in the hospital information systems from the users' perspective: A cross-sectional study

INTRODUCTION

Patient safety maintenance and improvement is an expected core function of Hospital Information Systems (HISs). Patient safety can be affected by the privacy, confidentiality, and security of patient information. This study aimed to evaluate the security, confidentiality, privacy, and patient safety in the HISs from the users' perspective.

METHODS

A descriptive, analytical, cross-sectional study was conducted in five teaching hospitals affiliated with Zahedan University of Medical Sciences in 2022. The research population consisted of users of HISs in the nursing, medical records, radiology, laboratory, and pharmacy departments. The sample included 397 participants. The data were collected using a researcher-made questionnaire and analyzed with the SPSS software using descriptive (mean, standard deviation, frequency, and percentage) and analytical (Pearson, Spearman, and chi-square tests) statistics.

RESULTS

The mean score of patient information privacy, confidentiality, security, and patient safety was 3.19 ± 0.585, 2.48 ± 1.143, 2.53 ± 0.940, and 2.60 ± 0.959, respectively. Patient safety had a strong positive correlation with security and confidentiality, and a moderate positive correlation with patient information privacy (P < 0.05).

CONCLUSION

The given HISs were at a relatively desirable level in terms of information privacy, security, and patient safety and at an undesirable level concerning confidentiality from the users' perspective. Developing guidelines and regulations regarding the privacy, confidentiality, security, and patient safety of HISs, supervising their implementation by responsible agencies and departments, and educating and training healthcare professionals about these concepts are essential to improve the existing situation in HISs of the evaluated hospitals.

Methodology and mechanisms for federation of heterogeneous metadata sources and ontology development in emerging collaborative environment

Purpose

Leading-edge information and communication technology provides the base to facilitate obtaining, interoperating and federating shared metadata knowledge in collaborative networks from multiple heterogeneous data sources. The purpose of this study is to develop a methodology and a set of mechanisms to support this task in the collaborative environment.

Design/methodology/approach

In this paper, the authors first identify and capture four main typical sources to find or generate metadata knowledge for shared data in emerging networked environments, including existing well-designed metadata, the typical ones are relational schemas of existing databases in the environment; fragmented metadata sources, i.e. metadata that can be realized from existing mission statements and example application scenarios in the environment, usually characterized by their fragmented, lightweight and behavior-intensive features; extracting metadata for simple labeled unstructured data, e.g. textual communications among its stakeholders; and semantic constraints on metadata, e.g. the temporal data behavior could be generated from governance policies in the environment. Second, the authors introduce their systematic methodology to the unification of the resulted metadata consisting of four semiautomated unification steps that gradually develops and enhances a unified ontology for the environment, formalized in web ontology language.

Findings

The methodology steps and their corresponding mechanisms are described and exemplified in detail in this paper. Furthermore, this paper presents the outcome of applying the authors’ methodology to an example emerging case through the generation of a unified ontology for that environment.

Originality/value

The addressed example application area is a real case in the field of higher education in China and therefore serves as a proof of concept and verification of the effectiveness of the authors’ proposed approach.