An XACML based framework for structured patient privacy policy (s3p)

Mizani, Mehrdad Alizadeh
The emergence of electronic healthcare have caused numerous changes in both substantive and procedural aspects of healthcare processes. Such changes have introduced new risks to patient privacy and information confidentiality. Traditional privacy policies fall too short to respond to privacy needs of patients in electronic healthcare. Structured and enforceable policies are needed in order to protect patient privacy in modern healthcare with its cross organizational information sharing and decision making. Structured Patient Privacy Policy (S3P) is a framework for a formalized and enforceable privacy policy in healthcare. S3P contains a prototype implementation of a structured and enforceable privacy policy based on eXtensible Access Control Markup Language (XACML). By simulating healthcare scenarios, S3P provides a means for experts from different professional backgrounds to assess the effect of policies on healthcare processes and to reach ethically sound privacy policies suitable for electronic healthcare.
Citation Formats
M. A. Mizani, “An XACML based framework for structured patient privacy policy (s3p),” M.S. - Master of Science, Middle East Technical University, 2006.