Hi, It wouldn't be honnest to say that I have correctly read the paper at (http://www.soi.city.ac.uk/~bernie/hsp.pdf) . It always takes some time to "enter" in the formalization work of someone else (I sometimes get lost in my own formalization work ;o) ).
From my point of view, the "confidentiality" job can be thought inside 2 referentials : The health professionals referential : At T time, there is a steady list of health professionnals (owning the system) and they see patients passing by. You have to establish confidentiality rules inside this "domain", and since data also exist inside other systems, the confidentiality rules between domains. The patient referential : Let's imagine the patient would posess it's own "health project manager" and this tool would be the confidentiality rule manager for his own health data. The confidentiality rules for a document (or an object in a more general case) are no longer based on a steady list of professionals, but on the "position" of the professionals inside the patient's health team. I hope I didn't get it more complex ;o) Philippe AMELINE >This message forwarded on behalf of Prof Bernard Cohen: > > > > > > Merely providing the mechanisms for access control will not suffice. > > > That was the basis of Ross Anderson's withering attack on the NHS > network, > > on > > > behalf of the BMC, that led to a great deal of embarrassment for the NHS > > > and the UK government. > > > The hard part is to define a security policy model that: > > > -- is provably adequate with respect to the relevant legislative and > > ethical > > > environments; > > > -- is demonstrably implementable by the technical and social > > infrastructure; > > > -- comes complete with compliance checks that are necessary and > sufficient > > for > > > validating any proposed implementation. > > > As far as I know, my preliminary paper on this matter > > > (http://www.soi.city.ac.uk/~bernie/hsp.pdf), incomplete though it is, is > > the > > > only work done in this area. As you'll see, it requires a degree of > > semantic > > > formalisation that is beyond the scope of any of the currently proposed > > EPR > > > standards, GEHR included. The fact that this degree of formalisation is > > also > > > beyond the comprehansion of most of the stakeholders is irrelevant. You > > don't > > > have to understand computational fluid dynamics to use a weather > forecast. > > > > > > Quoting Thomas Beale <thomas at deepthought.com.au>: > > > > > > > "Bennett Quinn" <bnq at bneq.net>, > > > > > > > > > What is the proposed confidentiality model? > > > > > > > > > > >-- >__ >Prof Bernard Cohen, Dept of Comp Sc, City Univ, Northampton Sq. >London EC1V 0HB tel: ++44-20-7040-8448 fax: ++44-20-7040-8587 >b.cohen at city.ac.uk WWW: http://www.soi.city.ac.uk/~bernie >"Patterns lively of the things rehearsed" > >---------------------------------------------------------------- >This message was sent using IMP, the Internet Messaging Program. > >-- >Ocean Informatics: http://www.OceanInformatics.biz >Deep Thought: http://www.deepthought.com.au >openEHR: http://www.openEHR.org > > > >- >If you have any questions about using this list, >please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
