Authorization Framework for Medical Data

摘要

In this paper, the authors describe an approach for sharing sensitive medical data with the consent of the data owner. The framework builds on the advantages of the Semantic Web technologies and makes it secure and robust for sharing sensitive information in a controlled environment. The framework uses a combination of Role-Based and Rule-Based Access Policies to provide security to a medical data repository as per the FAIR guidelines. A lightweight ontologywas developed, to collect consent from the users indicating which part of their data they want to share with another user having a particular role. Here, the authors have considered the scenario of sharing the medical data by the owner of data, say the patient, with relevant persons such as physicians, researchers, pharmacist, etc. To prove this concept, the authors developed a prototype and validated using the Sesame OpenRDF Workbench with 202,908 triples and a consent graph stating consents per patient.