As a guest user you are not logged in or recognized by your IP address. You have
access to the Front Matter, Abstracts, Author Index, Subject Index and the full
text of Open Access publications.
Translating legislation and regulations into access control systems in healthcare is, in practice, not a straightforward task. Excessive regulation can create barriers to appropriate patient treatment. The main objective of this paper is to present a new methodology that can define, from legislation to practice, an access control policy as well as a RBAC model, in order to comprise generic legislation and regulation issues together with the access control needs from the ends users of a healthcare information system. The methodology includes the use of document analysis as well as grounded theory and mixed methods research. This methodology can be easily applied within a healthcare practice or any other domain with similar requirements. It helps to bridge the gap between legislation and end users' needs, while integrating information security into the healthcare processes in a more meaningful way.
This website uses cookies
We use cookies to provide you with the best possible experience. They also allow us to analyze user behavior in order to constantly improve the website for you. Info about the privacy policy of IOS Press.
This website uses cookies
We use cookies to provide you with the best possible experience. They also allow us to analyze user behavior in order to constantly improve the website for you. Info about the privacy policy of IOS Press.