Título: MEDINFO 2010, PTS I AND II Pesquisar Publicações da Ata de Conferência

Páginas: 666-670

13th World Congress on Medical and Health Informatics of International-Medical-Informatics-Association (Medinfo)

Cape Town, SOUTH AFRICA, SEP 12-15, 2010

ISI Web of Knowledge - 5 Citações

Scopus - 10 Citações

ID Authenticus: P-007-WCN

DOI: 10.3233/978-1-60750-588-4-666

Abstract (EN): Translating legislation and regulations into access control systems in healthcare is, in practice, not a straightforward task. Excessive regulation can create barriers to appropriate patient treatment. The main objective of this paper is to present a new methodology that can define, from legislation to practice, an access control policy as well as a RBAC model, in order to comprise generic legislation and regulation issues together with the access control needs from the ends users of a healthcare information system. The methodology includes the use of document analysis as well as grounded theory and mixed methods research. This methodology can be easily applied within a healthcare practice or any other domain with similar requirements. It helps to bridge the gap between legislation and end users' needs, while integrating information security into the healthcare processes in a more meaningful way.

Idioma: Inglês

Tipo (Avaliação Docente): Científica

Nº de páginas: 5