Abstract
Electronic Health Records (EHRs) are electronically-stored patient medical histories shared among healthcare institutions. Recent studies show that EHRs experience healthcare data protection challenges, and the difficulty lies in providing access to the right individuals at the appropriate time and place. This study synthesizes and analyzes existing literature on access control solutions in EHRs through a systematic literature review. Using the 2020 PRISMA guidelines, a total of 20 qualified journal articles were examined and each proposed mechanism was grouped according to the four categories of access control: Identification, Authentication, Authorization, and Accountability (IAAA). Our findings reveal an interconnection between these categories, with the most popular authorization mechanism being Attribute-based Access Control (ABAC). Methodologies analyzed include a credential system (12 studies), authentication (10 studies), and accountability (2 studies); these most commonly used unique IDs, digital signatures and access control logs respectively. Prominent research gaps found in the sample literature are methodology implementation and standards compliance limitations, of which the former includes the lack of multi-factor authentication, emergency access, patient consent, and accountability. From these findings we infer that further research is needed to protect EHRs from these information security threats.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.