Patients with online personal health records want to control access to their information in precise, detailed ways. But the system must be responsive and no more complex than necessary to provide. This paper, in the Journal of Biomedical Informatics, details one data system method.
The logic that humans can express easily and quickly in words often represents, to data base programmers, a complex set of conditions sifting through a mountain of data. For system providers of online health records, the issue is how to give patients “fine-grained” control over access to their health records with a system that also processes queries fast and is not burdensome for the system provider to operate.
- Although the eXtensible Access Control Markup Language (XACML) would give adequate control, developers feared its complexity would make it impractical and slow.
- Instead, programmers chose a simplified model (“PDP-RDBMS”) which implemented XACML-like logic through a relational database system using ANSI-standard SQL statements.
- Access control policies are represented through Access Rules (encoded as rows in a relational table) and Role Relationships.
- Each user is assigned a “role” in relationship to the particular user-patient, such as spouse, child, physician, etc. For example, the system could grant access to the patient’s physician but not to all users who are physicians.
- A requested operation is allowed only if at least one combination of Role Relationship and Access Rule exists that permits the operation, and none exist that deny the requested operation. For example, patients may want to grant health record access to all family members but do not want their children to have access to a particular element.
- Testing has shown good response times to queries.
Although this simplified model does not have the power and flexibility of XACML, it leverages the sophisticated capabilities of modern relational databases. The authors provide extensive supplementary materials.