In healthcare the fast retrieval of clinical information on a patient can be vital, for example in an emergency, and allows anyway, in normal situations, an improvement in the service of care and a consequent significant reduction in costs (for example, eliminating the need to repeat medical examinations). Health information systems, and in particular Electronic Health Record Systems, enable clinical information to be found quickly and in a distributed environment. The information should be available only to authorized users, because much of it is sensitive. For this reason, it is necessary to use a mechanism that realizes access control, the main goal of which is to guarantee the confidentiality and integrity of the data, and to allow the definition of security rules which reflect the need for the privacy of the patients. In this work, we show the designed GUIs, which use the innovative access control system defined. GUIs allow patients to define in a detailed and clear manner the access rules concerning their clinical information, both in document and data form. The main innovation of this work is to provide the ability to protect the resources (documents and clinical data) of the system by presenting only the content of the information needed depending on the type of request made directly by the patients, the content being extrapolated from the resource request. This feature allows the definition of an access control model that increases the patients trust in the EHR system.

• 出版日期2015-12