Security modelling for protecting electronic patients’ consent.
Loading...
Date
2018
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of Dar es Salaam
Abstract
The adoption of Health Information System (HIS) in the health sector has emerged as a significant element in the healthcare domain. Electronic Patient Records (EPR), which are part of HIS, represents patients’ medical records electronically. Patients' consent to EPR access is crucial for patients' privacy to be achieved. Research studies were done on Consent Management System (CMS) adoption and integration with HIS as the way to manage EPR access in HIS. However, majority of them provides inadequate security mechanisms to protect the patients’ consent. This study has developed a model to protect patients’ consent. The model development process involved identification of HIS and CMS as assets. Then, identification of threats on CMS was performed to determine the types of threats that may affect patients’ consent. This was performed together with attack trees analysis and risk assessment. Then, the model was designed by applying cryptography techniques to ensure CMS security requirements are achieved. Simulated and collected data from the University of Dar Es Salaam Medical Center were used to test the developed model. Developed model enforced CMS to process requests from trusted and registered sources only. It also provides assurance of consent integrity and confidentiality without depending on third party technologies such as Secure Socket Layer (SSL). In addition, audit trails, authorization and reliable availability of consent are provided by the developed model. Therefore, the developed model has improved patients’ consent security significantly compared to other studies in the reviewed literature.
Description
Available in print form, East Africana Collection, Dr. Wilbert Chagula Library, Class mark (THS EAF QA76.6.T34D352)
Keywords
Computer programming, Security modelling, Electronic patients', Data protection
Citation
Damas, E. (2018). Security modelling for protecting electronic patients’ consent. Master dissertation, University of Dar es Salaam. Dar es Salaam.