• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

电子健康记录中的访问控制与权限管理:一项系统文献综述

Access control and privilege management in electronic health record: a systematic literature review.

作者信息

Jayabalan Manoj, O'Daniel Thomas

机构信息

Asia Pacific University of Technology and Innovation, Technology Park Malaysia, Bukit Jalil, 57000, Kuala Lumpur, Malaysia.

出版信息

J Med Syst. 2016 Dec;40(12):261. doi: 10.1007/s10916-016-0589-z. Epub 2016 Oct 8.

DOI:10.1007/s10916-016-0589-z
PMID:27722981
Abstract

This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

摘要

本研究对电子健康记录系统的访问控制进行了系统的文献综述,以保护患者隐私。2006年至2016年的文章是从美国计算机协会数字图书馆、电气与电子工程师协会(IEEE)Xplore数字图书馆、科学Direct、医学文献数据库(MEDLINE)和MetaPress中提取的,采用了广泛的纳入标准,并根据ISO22600的分析进行选择。加密标准和方法不在本综述范围内。目前正在积极研究和开发三大类模型:电子健康记录的访问控制、互操作性的访问控制和风险分析的访问控制。传统的基于角色的访问控制模型通过空间、时间、概率、动态和语义等方面进行扩展,以捕获上下文信息并提供细粒度的访问控制。维护审计跟踪以及在紧急情况下允许完全访问的覆盖正常角色的设施是常见特征。利用基于本体的知识表示来定义规则的访问权限框架引起了相当大的兴趣,因为其较高的抽象级别使得能够对领域知识进行建模并有效地验证访问请求。

相似文献

1
Access control and privilege management in electronic health record: a systematic literature review.电子健康记录中的访问控制与权限管理:一项系统文献综述
J Med Syst. 2016 Dec;40(12):261. doi: 10.1007/s10916-016-0589-z. Epub 2016 Oct 8.
2
[Access control management in electronic health records: a systematic literature review].电子健康记录中的访问控制管理:一项系统文献综述
Gac Sanit. 2012 Sep-Oct;26(5):463-8. doi: 10.1016/j.gaceta.2011.11.019. Epub 2012 Mar 15.
3
Blockchain Integration With Digital Technology and the Future of Health Care Ecosystems: Systematic Review.区块链与数字技术融合与医疗保健生态系统的未来:系统评价。
J Med Internet Res. 2021 Nov 2;23(11):e19846. doi: 10.2196/19846.
4
Technologies for Interoperable Internet of Medical Things Platforms to Manage Medical Emergencies in Home and Prehospital Care: Scoping Review.用于管理家庭和院前护理中医疗紧急情况的可互操作医疗物联网平台技术:范围审查
J Med Internet Res. 2025 Jan 23;27:e54470. doi: 10.2196/54470.
5
A knowledge-based taxonomy of critical factors for adopting electronic health record systems by physicians: a systematic literature review.基于知识的医师采用电子健康记录系统的关键因素分类法:系统文献回顾。
BMC Med Inform Decis Mak. 2010 Oct 15;10:60. doi: 10.1186/1472-6947-10-60.
6
Experiences of gynecological cancer patients receiving care from specialist nurses: a qualitative systematic review.妇科癌症患者接受专科护士护理的体验:一项定性系统综述。
JBI Database System Rev Implement Rep. 2017 Aug;15(8):2087-2112. doi: 10.11124/JBISRIR-2016-003126.
7
Blockchain Personal Health Records: Systematic Review.区块链个人健康记录:系统评价。
J Med Internet Res. 2021 Apr 13;23(4):e25094. doi: 10.2196/25094.
8
Computerised decision support systems in order communication for diagnostic, screening or monitoring test ordering: systematic reviews of the effects and cost-effectiveness of systems.计算机决策支持系统在诊断、筛查或监测检验申请方面的交流应用:系统的效果和成本效益的系统评价。
Health Technol Assess. 2010 Oct;14(48):1-227. doi: 10.3310/hta14480.
9
Education support services for improving school engagement and academic performance of children and adolescents with a chronic health condition.改善患有慢性病的儿童和青少年的学校参与度和学业成绩的教育支持服务。
Cochrane Database Syst Rev. 2023 Feb 8;2(2):CD011538. doi: 10.1002/14651858.CD011538.pub2.
10
Effectiveness and cost-effectiveness of computer and other electronic aids for smoking cessation: a systematic review and network meta-analysis.计算机和其他电子戒烟辅助手段的有效性和成本效益:系统评价和网络荟萃分析。
Health Technol Assess. 2012;16(38):1-205, iii-v. doi: 10.3310/hta16380.

引用本文的文献

1
Transforming Health Data to Actionable Information: Recent Progress and Future Opportunities in Health Information Exchange.将健康数据转化为可操作的信息:健康信息交换的最新进展和未来机遇。
Yearb Med Inform. 2022 Aug;31(1):203-214. doi: 10.1055/s-0042-1742519. Epub 2022 Dec 4.
2
Assessment of Doctors' Knowledge and Attitudes Towards Confidentiality in Hospital Care.评估医生在医院护理中对保密性的知识和态度。
Sci Eng Ethics. 2019 Oct;25(5):1531-1548. doi: 10.1007/s11948-018-0078-5. Epub 2019 Jan 2.
3
Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms : A Comprehensive Access Control Scheme Applied to the GENIDA Project - Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders.

本文引用的文献

1
Designing for privacy management in hospitals: Understanding the gap between user activities and IT staff's understandings.医院隐私管理设计:理解用户活动与IT人员认知之间的差距。
Int J Med Inform. 2015 Dec;84(12):1065-75. doi: 10.1016/j.ijmedinf.2015.09.006. Epub 2015 Oct 3.
2
Dynamic access control model for privacy preserving personalized healthcare in cloud environment.云环境下用于隐私保护个性化医疗保健的动态访问控制模型
Technol Health Care. 2015;24 Suppl 1:S123-9. doi: 10.3233/THC-151059.
3
New threats to health data privacy.
塞伯鲁斯:一种用于在患者队列研究平台中实施最小特权的访问控制方案:一种综合访问控制方案在 GENIDA 项目中的应用——研究智力残疾和自闭症谱系障碍的遗传形式。
J Med Syst. 2017 Nov 16;42(1):1. doi: 10.1007/s10916-017-0844-y.
新的健康数据隐私威胁。
BMC Bioinformatics. 2011 Nov 24;12 Suppl 12(Suppl 12):S7. doi: 10.1186/1471-2105-12-S12-S7.
4
Advances and current state of the security and privacy in electronic health records: survey from a social perspective.电子健康记录的安全性和隐私性的进展和现状:从社会角度的调查。
J Med Syst. 2012 Oct;36(5):3019-27. doi: 10.1007/s10916-011-9779-x. Epub 2011 Sep 21.
5
A method to implement fine-grained access control for personal health records through standard relational database queries.通过标准关系型数据库查询实现个人健康记录细粒度访问控制的方法。
J Biomed Inform. 2010 Oct;43(5 Suppl):S46-S50. doi: 10.1016/j.jbi.2010.08.001. Epub 2010 Aug 7.
6
Aspect-oriented design and implementation of adaptable access control for electronic medical records.面向方面的设计和电子病历可适应访问控制的实现。
Int J Med Inform. 2010 Mar;79(3):181-203. doi: 10.1016/j.ijmedinf.2009.12.007. Epub 2010 Feb 1.
7
The PRISMA statement for reporting systematic reviews and meta-analyses of studies that evaluate health care interventions: explanation and elaboration.《系统评价与Meta分析优先报告条目声明》:针对评估卫生保健干预措施的研究的报告规范解释与阐述
Ann Intern Med. 2009 Aug 18;151(4):W65-94. doi: 10.7326/0003-4819-151-4-200908180-00136. Epub 2009 Jul 20.
8
Situation-Based Access Control: privacy management via modeling of patient data access scenarios.基于情境的访问控制:通过对患者数据访问场景进行建模实现隐私管理。
J Biomed Inform. 2008 Dec;41(6):1028-40. doi: 10.1016/j.jbi.2008.03.014. Epub 2008 Apr 10.