Modeling of an intelligent e-consent system in a healthcare domain

Due to rapid advances of computing power and communications, healthcare services are increasingly rely on the electronic processing and transmission of confidential patient data to reduce the costs and improve the quality. It is becoming more and more important that accessing the health information should be both secure and privacy preserving. Therefore access control becomes an important integral part of any secure healthcare computer software systems. Specification of access control requirements at early steps of the software life cycle can provide stakeholders rapid feedback and protect the system in a best possible way. On the other hand, intelligent systems are widely used in various computing areas ranging from medicine to manufacturing industries to financial markets. This paper studies how to model an intelligent e-Consent system about the security requirements regarding healthcare information protection. In this paper, we use UML to specify and visualize the access control policies in a health application domain. These policies are represented in logic based e-Consent rules, and the patient's consents about their information access can be derived from these rules. We first identify various parts necessary to specify the e-Consent rules about patient record protection requirements, and then propose UML models to demonstrate these requirements.