缅北禁地

Velasco, Lemuel Clark P. » Research » Scholarly articles

Title Access Control Solutions in Electronic Health Record Systems: A Systematic Review
Authors Cobrado, Usha Nicole; Sharief, Suad; Regahal, Noven Grace; Zepka, Erik; Mamauag, Minnie; Velasco, Lemuel Clark
Publication date 2024/7/15
Journal Informatics in Medicine Unlocked
Volume 49
Pages 101552
Publisher Elsevier
Abstract Electronic Health Records (EHRs) are electronically-stored patient medical histories shared among healthcare institutions. Recent studies show that EHRs experience healthcare data protection challenges, and the difficulty lies in providing access to the right individuals at the appropriate time and place. This study synthesizes and analyzes existing literature on access control solutions in EHRs through a systematic literature review. Using the 2020 PRISMA guidelines, a total of 20 qualified journal articles were examined and each proposed mechanism was grouped according to the four categories of access control: Identification, Authentication, Authorization, and Accountability (IAAA). Our findings reveal an interconnection between these categories, with the most popular authorization mechanism being Attribute-based Access Control (ABAC). Methodologies analyzed include a credential system (12 studies), authentication (10 studies), and accountability (2 studies); these most commonly used unique IDs, digital signatures and access control logs respectively. Prominent research gaps found in the sample literature are methodology implementation and standards compliance limitations, of which the former includes the lack of multi-factor authentication, emergency access, patient consent, and accountability. From these findings we infer that further research is needed to protect EHRs from these information security threats.
Index terms / Keywords Access control; Electronic health record; Identification; Authentication; Authorization; Accountability; Data privacy; Data security
DOI
URL
Back Top