Rights Management for Role-Based Access Control

Healthcare requires a new approach with respect to the secure management of information. For this purpose the authors extend the Role Based Access Control model with context awareness, exceptions and delegation. By combining this extended model with common notions from the field of Enterprise/Digital Rights Management they obtain a framework for controlling shared information in a distributed environment. Advances in information and communication technologies are expected to bring large benefits in the healthcare domain: the introduction of interoperable Electronic Health Record (EHR) systems can reduce the cost of the healthcare system and enhance the overall quality of treatments, whereas Remote Patient Management services will limit the time a patient stays in hospital.