Privacy aware access controls for medical data disclosure on European healthgrids

Abstract

To be processed within a healthgrid environment, medical data goes through a complete lifecycle and several stages until it is finally used for the primary reason it has been collected for. This stage is not always the final occurrence of when the data would have been manipulated. The data could rather continue to be needed for secondary purposes of legitimate or non legitimate nature. Although other privacy issues are related to the processing of patient data while it is residing on a healthgrid environment, the control of data disclosure is our primary interest. When sharing medical data between different Healthcare and biomedical research organizations in Europe, it is important that the different parties involved in the sharing handle the data in the same way indicated by the legislation of the member state where the data was originally collected as the requirements might differ from one state to another. Privacy requirements, such as patient consent, may be subject to conflicting conditions between different national frameworks as well as between different legal and ethical frameworks within a single member state. These circumstances have made the compliance management process in European healthgrid very challenging. In this paper we are presenting an approach to tackle these issues by relying on several technologies contained in the semantic web stack. Our work suggests a direct mapping from high level legislation on privacy and data protection to operational level privacy aware controls. Additionally we suggest an architecture for the enforcement of these controls on access control models adopted by healthgrids security infrastructures.