
Post on 01-Jan-2016


Modelling a User Authorisation and Data Access Framework for Multi-Specialty Research Systems in Secondary Health Care

Ire Ogunsina, Sarah N. Lim Choi Keung, Lei Zhao, Gavin Langford, Edward Tyler, Theodoros N. Arvanitis

University of Birmingham & Birmingham and Black Country Comprehensive Local Research Network, United Kingdom

{i.ogunsina, s.n.limchoikeung, l.zhao, e.tyler, t.arvanitis}@bham.ac.uk, Gavin.Langford@uhb.nhs.uk

22nd November 2011

Presented by James Rossiter

j.rossiter@bham.ac.uk

University of Birmingham, UK

Context and Scope

Research systems in secondary health care
Part of a larger multi-specialty Electronic Healthcare Record (EHR) system
Use cases exclude emergency access to patient data
Access control, not authentication

James Rossiter | j.rossiter@bham.ac.uk

Introduction

Patient data is:
  ◦ critical for research purposes
  ◦ stored in various EHR systems
System must be Caldicott-compliant:
  ◦ all access should be on ‘need to know’ basis
  ◦ must adhere to ethical and legal standards
Researchers, our system users:
  ◦ belong to different specialties
  ◦ different health organizations
  ◦ have different research objectives
Interoperable, multi-specialty, Hospital Enterprise Information Management Systems are the key to better research


Aim: Secure, Interoperable and Collaborative Systems


Caldicott Guardian’s Stipulation

Access on need to know basis
Enhancements to Role-Based Access Control (RBAC)
Legitimate Relationships (LR)
  ◦ user can only access data if involved in a patient’s care
Sealed Envelopes (SE)
  ◦ allow selected data to be accessible by outside specialists
Patient Consent (PC)
  ◦ indicates patient’s choice on participation in research activities


Standard RBAC Issues and Alternative Approaches

Standard RBAC problems include
  ◦ separation of duty – multiple roles and permissions
  ◦ role precedence – inconsistency with multiple role users
Extend traditional RBAC systems
  ◦ create/define roles
  ◦ make roles hierarchical
  ◦ assign researchers to roles


Management of Non-Patient Resources

Licensed third party resources
  ◦ software licenses
  ◦ algorithms
  ◦ may have hospital or patient based terms and conditions
Protecting access to licensed resources
  ◦ use same approach as patient data


Should researcher B be able to access patient identifiable data of patient A?


How do you handle licensed resources?


Our Policy Based Approach

Policy object can be of type:
  ◦ trust
  ◦ specialty
  ◦ patient
  ◦ researcher
  ◦ role
  ◦ action
  ◦ resource
XML based descriptions of:
  ◦ permissions
  ◦ dates
  ◦ others


Composite Subject Policy

[Diagram: use case model with Policy, Trust, Role and Specialty]


Examples:

Sealed envelope

Patient consent

Patient consents but wishes to hide HIV status:

COPD researcher is member of UHB trust, which has license for HADS resource:

Composite policy type

Availability


Availability of data or resource determined by:
  ◦ policy aggregation model
  ◦ access decision framework
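One way an access decision could combine RBAC with Legitimate Relationships, Sealed Envelopes, Patient Consent and trust licences, applied to the two example cases from the slides; this is an added example, not the authors' framework. The deny-overrides aggregation, the data model and all names (`decide`, `ROLE_PERMS`, `LICENCES`, the sample ids) are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Researcher:
    rid: str
    trust: str
    roles: set

@dataclass
class Patient:
    pid: str
    consent: bool                                # Patient Consent (PC)
    care_team: set = field(default_factory=set)  # Legitimate Relationships (LR)
    sealed: dict = field(default_factory=dict)   # Sealed Envelopes (SE): item -> ids allowed to open it

# Constructed policy data (assumed, not taken from the slides).
ROLE_PERMS = {"copd_researcher": {("read", "patient"), ("use", "licensed")}}
LICENCES = {"HADS": {"UHB"}}  # licensed resource -> trusts holding a licence

def decide(user, action, resource, patient=None, item=None):
    """Aggregate the applicable policies with deny-overrides; return (permit, reason)."""
    kind = "licensed" if resource in LICENCES else "patient"
    if not any((action, kind) in ROLE_PERMS.get(r, set()) for r in user.roles):
        return False, "role"                     # plain RBAC check comes first
    if kind == "licensed":                       # licensed resources use the same approach
        ok = user.trust in LICENCES[resource]
        return ok, "ok" if ok else "licence"
    if patient is None or not patient.consent:
        return False, "consent"
    if user.rid not in patient.care_team:
        return False, "legitimate relationship"
    if item in patient.sealed and user.rid not in patient.sealed[item]:
        return False, "sealed envelope"
    return True, "ok"

# Constructed sample subjects: patient A consents but seals HIV status;
# r1 is a COPD researcher in the UHB trust, rB belongs to another trust.
A = Patient("A", consent=True, care_team={"r1"}, sealed={"hiv_status": set()})
r1 = Researcher("r1", "UHB", {"copd_researcher"})
rB = Researcher("rB", "OTHER", {"copd_researcher"})
```

Every check must permit for access to be granted, so a role grant alone never exposes a sealed item or the data of a patient outside the researcher's care.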

Conclusions


EHR systems are critical to research quality
Strict adherence to ethical and legal guidelines is required
Traditional RBAC limited in complexity and scope
New systems must allow for multi-specialty collaboration
Our policy based approach allows for more complex patient and resource based access control

Thank You

Dr James Rossiter
School of Electronic, Electrical and Computer Engineering
University of Birmingham
UK
j.rossiter@bham.ac.uk

Any questions?
