Mario Sicuranza,Angelo Esposito,Mario Ciampi

DOI: https://doi.org/10.1007/s12652-015-0275-x

IF: 3.662

2015-04-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:In healthcare the fast retrieval of clinical information on a patient can be vital, for example in an emergency, and allows anyway, in normal situations, an improvement in the service of care and a consequent significant reduction in costs (for example, eliminating the need to repeat medical examinations). Health information systems, and in particular Electronic Health Record Systems, enable clinical information to be found quickly and in a distributed environment. The information should be available only to authorized users, because much of it is sensitive. For this reason, it is necessary to use a mechanism that realizes access control, the main goal of which is to guarantee the confidentiality and integrity of the data, and to allow the definition of security rules which reflect the need for the privacy of the patients. In this work, we show the designed GUIs, which use the innovative access control system defined. GUIs allow patients to define in a detailed and clear manner the access rules concerning their clinical information, both in document and data form. The main innovation of this work is to provide the ability to protect the resources (documents and clinical data) of the system by presenting only the content of the information needed depending on the type of request made directly by the patients, the content being extrapolated from the resource request. This feature allows the definition of an access control model that increases the patients trust in the EHR system.

computer science, information systems,telecommunications, artificial intelligence

Pasupathy Vimalachandran,Hua Wang,Yanchun Zhang,Ben Heyward,Yueai Zhao

DOI: https://doi.org/10.48550/arXiv.1802.00575

2018-02-02

Abstract:As a consequence of the huge advancement of the Electronic Health Record (EHR) in healthcare settings, the My Health Record (MHR) is introduced in Australia. However security and privacy of the MHR system have been encumbering the development of the system. Even though the MHR system is claimed as patient-cenred and patient-controlled, there are several instances where healthcare providers (other than the usual provider) and system operators who maintain the system can easily access the system and these unauthorised accesses can lead to a breach of the privacy of the patients. This is one of the main concerns of the consumers that affect the uptake of the system. In this paper, we propose a patient centred MHR framework which requests authorisation from the patient to access their sensitive health information. The proposed model increases the involvement and satisfaction of the patients in their healthcare and also suggests mobile security system to give an online permission to access the MHR system.

Computers and Society

Daniel Agbesi Dzissah,Joong-Sun Lee,Hiroyuki Suzuki,Mie Nakamura,Takashi Obi

DOI: https://doi.org/10.4258/hir.2019.25.2.106

2019-01-01

Healthcare Informatics Research

Abstract:OBJECTIVES: Home-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems.METHODS: We realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government.RESULTS: Context-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions.CONCLUSIONS: The proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.

Martin Kasparick,Björn Andersen,Stefan Franke,Max Rockstroh,Frank Golatowski,Dirk Timmermann,Josef Ingenerf,Thomas Neumuth

DOI: https://doi.org/10.1080/13645706.2019.1599957

Abstract:Acute patient treatment can heavily profit from AI-based assistive and decision support systems, in terms of improved patient outcome as well as increased efficiency. Yet, only very few applications have been reported because of the limited accessibility of device data due to the lack of adoption of open standards, and the complexity of regulatory/approval requirements for AI-based systems. The fragmentation of data, still being stored in isolated silos, results in limited accessibility for AI in healthcare and machine learning is complicated by the loss of semantics in data conversions. We outline a reference model that addresses the requirements of innovative AI-based research systems as well as the clinical reality. The integration of networked medical devices and Clinical Repositories based on open standards, such as IEEE 11073 SDC and HL7 FHIR, will foster novel assistance and decision support. The reference model will make point-of-care device data available for AI-based approaches. Semantic interoperability between Clinical and Research Repositories will allow correlating patient data, device data, and the patient outcome. Thus, complete workflows in high acuity environments can be analysed. Open semantic interoperability will enable the improvement of patient outcome and the increase of efficiency on a large scale and across clinical applications.

Richard Osuala,Jieyi Li,Ognjen Arandjelovic

DOI: https://doi.org/10.1007/s41133-019-0012-7

2019-02-19

Augmented Human Research

Abstract:The increasing trend of systematic collection of medical data (diagnoses, hospital admission emergencies, blood test results, scans, etc) by healthcare providers offers an unprecedented opportunity for the application of modern data mining, pattern recognition, and machine learning algorithms. The ultimate aim is invariably that of improving outcomes, be it directly or indirectly. Notwithstanding the successes of recent research efforts in this realm, a major obstacle of making the developed models usable by medical professionals (rather than computer scientists or statisticians) remains largely unaddressed. Yet, a mounting amount of evidence shows that the ability to understand and easily use novel technologies is a major factor governing how widely adopted by the target users (doctors, nurses, and patients, amongst others) they are likely to be. In this work we address this technical gap. In particular, we describe a portable, web-based interface that allows healthcare professionals to interact with recently developed machine learning and data driven prognostic algorithms. Our application interfaces a statistical disease progression model and displays its predictions in an intuitive and readily understandable manner. Different types of geometric primitives and their visual properties (such as size or colour) are used to represent abstract quantities such as probability density functions, the rate of change of relative probabilities, and a series of other relevant statistics which the heathcare professional can use to explore patients’ risk factors or provide personalized, evidence and data driven incentivization to the patient.

Rong Jiang,Shanshan Han,Yimin Yu,Weiping Ding

DOI: https://doi.org/10.1016/j.ins.2022.11.102

IF: 8.1

2022-11-25

Information Sciences

Abstract:Access control has been widely adopted by distributed platforms, and its effectiveness is of great importance to the quality of services provided by such platforms. However, traditional access control is difficult to apply to scenarios where authorization changes frequently and to extremely large-scale datasets with limited resources. This paper proposes an access control model based on spectral clustering (SC) and risk (SC-RBAC), which is more suitable for big data medical scenarios. Based on user history access data, an improved SC algorithm is used to cluster doctor users. Then, the user classification is introduced as a parameter into the information entropy to improve the accuracy of quantifying the user's access behavior risk. Finally, based on the accurate risk value of access behavior, we assign access rights to users through the access control function constructed in the paper. Experimental results show that in three different situations, the model proposed in this paper can distinguish the two types of doctors well, the accuracy of the model can reach more than 90%, and it outperforms other access control models.

computer science, information systems

Rong Jiang,Shanshan Han,Mingyue Shi,Tilei Gao,Xusheng Zhao

DOI: https://doi.org/10.1155/2022/3086516

IF: 1.968

2022-03-15

Security and Communication Networks

Abstract:Edge computing is playing an increasingly important role in the field of health care. Edge computing provides high-quality personalized services to patients based on user and device data information. However, edge nodes will collect a large amount of sensitive patient information, and patients will also bear the risk of privacy disclosure while enjoying personalized services. How to reduce the risk of privacy disclosure while ensuring that patients enjoy personalized services brought by edge computing is the research content of this paper. In this paper, the work flow and management mode of Hospital Information System (HIS) are investigated on the spot, and the risk-adaptive access control model based on entropy is established. First, we use International Classification of Diseases, Tenth Revision (ICD-10) to mark the information resources accessed by users and use information entropy to measure the correlation “α” between medical information accessed by users and work tasks. Finally, we analyze the relationship between correlation “α” and risk through an example. The results show that users with high correlation α have low risk of access behavior, and users with low risk have high correlation α of access information resources and work goals. This discovery can help managers predict users’ access behavior in the Big Data environment, so as to dynamically formulate access control policies according to the actual access situation of users and then realize the privacy protection of medical big health data.

computer science, information systems,telecommunications

Walter V Sujansky,Sam A Faus,Ethan Stone,Patricia Flatley Brennan

DOI: https://doi.org/10.1016/j.jbi.2010.08.001

Abstract:Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials.

Goutham Ramakrishnan,Aditya Nori,Hannah Murfet,Pashmina Cameron

DOI: https://doi.org/10.48550/arXiv.2011.07555

2020-11-15

Cryptography and Security

Abstract:The increasing popularity of machine learning approaches and the rising awareness of data protection and data privacy presents an opportunity to build truly secure and trustworthy healthcare systems. Regulations such as GDPR and HIPAA present broad guidelines and frameworks, but the implementation can present technical challenges. Compliant data management systems require enforcement of a number of technical and administrative safeguards. While policies can be set for both safeguards there is limited availability to understand compliance in real time. Increasingly, machine learning practitioners are becoming aware of the importance of keeping track of sensitive data. With sensitivity over personally identifiable, health or commercially sensitive information there would be value in understanding assessment of the flow of data in a more dynamic fashion. We review how data flows within machine learning projects in healthcare from source to storage to use in training algorithms and beyond. Based on this, we design engineering specifications and solutions for versioning of data. Our objective is to design tools to detect and track sensitive data across machines and users across the life cycle of a project, prioritizing efficiency, consistency and ease of use. We build a prototype of the solution that demonstrates the difficulties in this domain. Together, these represent first efforts towards building a compliant data management system for healthcare machine learning projects.

Chuanjia Yao,Rong Jiang,Bin Wu,Pinghui Li,Chenguang Wang

DOI: https://doi.org/10.1186/s12911-024-02638-5

2024-09-16

Abstract:Graded diagnosis and treatment, referral, and expert consultations between medical institutions all require cross domain access to patient medical information to support doctors' treatment decisions, leading to an increase in cross domain access among various medical institutions within the medical consortium. However, patient medical information is sensitive and private, and it is essential to control doctors' cross domain access to reduce the risk of leakage. Access control is a continuous and long-term process, and it first requires verification of the legitimacy of user identities, while utilizing control policies for selection and management. After verifying user identity and access permissions, it is also necessary to monitor unauthorized operations. Therefore, the content of access control includes authentication, implementation of control policies, and security auditing. Unlike the existing focus on authentication and control strategy implementation in access control, this article focuses on the control based on access log security auditing for doctors who have obtained authorization to access medical resources. This paper designs a blockchain based doctor intelligent cross domain access log recording system, which is used to record, query and analyze the cross domain access behavior of doctors after authorization. Through DBSCAN clustering analysis of doctors' cross domain access logs, we find the abnormal phenomenon of cross domain access, and build a penalty function to dynamically control doctors' cross domain access process, so as to reduce the risk of Data breach. Finally, through comparative analysis and experiments, it is shown that the proposed cross domain access control model for medical consortia based on DBSCAN and penalty function has good control effect on the cross domain access behavior of doctors in various medical institutions of the medical consortia, and has certain feasibility for the cross domain access control of doctors.

Toomas Klementi,Gunnar Piho,Peeter Ross

DOI: https://doi.org/10.3389/fmed.2024.1411013

IF: 3.9

2024-07-16

Frontiers in Medicine

Abstract:Introduction This paper addresses the dilemmas of accessibility, comprehensiveness, and ownership related to health data. To resolve these dilemmas, we propose and justify a novel, globally scalable reference architecture for a Personal Health Data Space (PHDS). This architecture leverages decentralized content-addressable storage (DCAS) networks, ensuring that the data subject retains complete control and ownership of their personal health data. In today's globalized world, where people are increasingly mobile for work and leisure, healthcare is transitioning from episodic symptom-based treatment toward continuity of care. The main aims of this are patient engagement, illness prevention, and active and healthy longevity. This shift, along with the secondary use of health data for societal benefit, has intensified the challenges associated with health data accessibility, comprehensiveness, and ownership. Method The study is structured around four health data use case scenarios from the Estonian National Health Information System (EHIS): primary medical use, medical emergency use, secondary use, and personal use. We analyze these use cases from the perspectives of accessibility, comprehensiveness, and ownership. Additionally, we examine the security, privacy, and interoperability aspects of health data. Results The proposed architectural solution allows individuals to consolidate all their health data into a unified Personal Health Record (PHR). This data can come from various healthcare institutions, mobile applications, medical devices for home use, and personal health notes. Discussions The comprehensive PHR can then be shared with healthcare providers in a semantically interoperable manner, regardless of their location or the information systems they use. Furthermore, individuals maintain the autonomy to share, sell, or donate their anonymous or pseudonymous health data for secondary use with different systems worldwide. The proposed reference architecture aligns with the principles of the European Health Data Space (EHDS) initiative, enhancing health data management by providing a secure, cost-effective, and sustainable solution.

medicine, general & internal

Abdullah Alabdulatif,Navod Neranjan Thilakarathne,Kassim Kalinaki

DOI: https://doi.org/10.3390/electronics12122646

IF: 2.9

2023-06-13

Electronics

Abstract:In the context of healthcare, big data refers to a complex compilation of digital medical data collected from many sources that are difficult to manage with normal technology and software due to its size and complexity. These big data are useful in various aspects of healthcare, such as disease diagnosis, early prevention of diseases, and predicting epidemics. Even though medical big data has many advantages and a lot of potential for revolutionizing healthcare, it also has a lot of drawbacks and problems, of which security and privacy are of the utmost concern, owing to the severity of the complications once the medical data is compromised. On the other hand, it is evident that existing security and privacy safeguards in healthcare organizations are insufficient to protect their massive, big data repositories and ubiquitous environment. Thus, motivated by the synthesizing of the current knowledge pertaining to the security and privacy of medical big data, including the countermeasures, in the study, firstly, we provide a comprehensive review of the security and privacy of medical big data, including countermeasures. Secondly, we propose a novel cloud-enabled hybrid access control framework for securing the medical big data in healthcare organizations, and the result of this research indicates that the proposed access control model can withstand most cyber-attacks, and it is also proven that the proposed framework can be utilized as a primary base to build secure and safe medical big data solutions. Thus, we believe this research would be useful for future researchers to comprehend the knowledge on the security and privacy of medical big data and the development of countermeasures.

engineering, electrical & electronic,computer science, information systems,physics, applied

Xuetao Pu,Rong Jiang,Zhiming Song,Zhihong Liang,Liang Yang

DOI: https://doi.org/10.3389/fpubh.2024.1358184

IF: 5.2

2024-03-29

Frontiers in Public Health

Abstract:The rapid development of the Hospital Information System has significantly enhanced the convenience of medical research and the management of medical information. However, the internal misuse and privacy leakage of medical big data are critical issues that need to be addressed in the process of medical research and information management. Access control serves as a method to prevent data misuse and privacy leakage. Nevertheless, traditional access control methods, limited by their single usage scenario and susceptibility to single point failures, fail to adapt to the polymorphic, real-time, and sensitive characteristics of medical big data scenarios. This paper proposes a smart contracts and risk-based access control model (SCR-BAC). This model integrates smart contracts with traditional risk-based access control and deploys risk-based access control policies in the form of smart contracts into the blockchain, thereby ensuring the protection of medical data. The model categorizes risk into historical and current risk, quantifies the historical risk based on the time decay factor and the doctor's historical behavior, and updates the doctor's composite risk value in real time. The access control policy, based on the comprehensive risk, is deployed into the blockchain in the form of a smart contract. The distributed nature of the blockchain is utilized to automatically enforce access control, thereby resolving the issue of single point failures. Simulation experiments demonstrate that the access control model proposed in this paper effectively curbs the access behavior of malicious doctors to a certain extent and imposes a limiting effect on the internal abuse and privacy leakage of medical big data.

public, environmental & occupational health

S. Arunprasath,Suresh Annamalai

DOI: https://doi.org/10.1007/s11042-024-18253-5

IF: 2.577

2024-01-31

Multimedia Tools and Applications

Abstract:The healthcare industry is increasingly reliant on access to large volumes of patient data, which is critical for improving patient outcomes, reducing costs, and ensuring regulatory compliance. However, there are significant challenges facing healthcare organizations in retrieving patient data from databases and ensuring the security and privacy of this data. Addressing these challenges is vital to the future success of the healthcare industry. This paper proposes two solutions to these challenges: a simplified ontology-based retrieval algorithm for healthcare multimedia data to enhance the retrieval process, and Hierarchical learning: ensemble model-based reinforcement learning to improve patient data security. An ontology-based retrieval algorithm was a method used to retrieve relevant information from large datasets. It filtered out irrelevant data and provided contextually relevant results. Hierarchical learning involved organizing learning tasks in a hierarchical structure, with higher-level policies guiding lower-level policies. Ensemble model-based reinforcement learning combined multiple models to improve the performance of a reinforcement learning system. The Simplified Ontology-Based Retrieval Algorithm had excellent performance with an accuracy of 92%, making it highly effective in information retrieval tasks. The paper highlights the importance of using advanced technologies and prioritizing cyber security in healthcare to maintain trust and optimal patient care. Cutting-edge technologies transformed healthcare by enhancing patient data retrieval and cyber security. Examples included encrypted computations, multi-party privacy, query result anonymization, real-time monitoring through IoMT, and secure data sharing. Adopting these solutions ultimately contributed to the protection of sensitive patient data and the overall security of healthcare organizations.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Nicole Martinez-Martin,Zelun Luo,Amit Kaushal,Ehsan Adeli,Albert Haque,Sara S Kelly,Sarah Wieten,Mildred K Cho,David Magnus,Li Fei-Fei,Kevin Schulman,Arnold Milstein

DOI: https://doi.org/10.1016/s2589-7500(20)30275-2

IF: 36.615

2021-02-01

The Lancet Digital Health

Abstract:<h2 class="section-title u-h3 u-margin-l-top u-margin-xs-bottom">Summary</h2><p>Ambient intelligence is increasingly finding applications in health-care settings, such as helping to ensure clinician and patient safety by monitoring staff compliance with clinical best practices or relieving staff of burdensome documentation tasks. Ambient intelligence involves using contactless sensors and contact-based wearable devices embedded in health-care settings to collect data (eg, imaging data of physical spaces, audio data, or body temperature), coupled with machine learning algorithms to efficiently and effectively interpret these data. Despite the promise of ambient intelligence to improve quality of care, the continuous collection of large amounts of sensor data in health-care settings presents ethical challenges, particularly in terms of privacy, data management, bias and fairness, and informed consent. Navigating these ethical issues is crucial not only for the success of individual uses, but for acceptance of the field as a whole.</p>

medicine, general & internal

David Leimstädtner,Peter Sörries,Claudia-Müller Birn

2024-07-04

Abstract:In the digital health domain, ethical data collection practices are crucial for ensuring the availability of quality datasets that drive medical advancement. Data donation, allowing patients to share their clinical data for secondary research use, presents a promising resource for such datasets. Yet, current consent interfaces mediating data-sharing decisions are found to favor data-collectors' values by leveraging cognitive biases in data-subjects towards higher data-sharing rates. This raises ethical concerns about the use of data collected, as well as concerning the quality of the resulting datasets. Seeking to establish patient-centered data collection practices in digital health, we investigate the design of consent interfaces that support end-users in making value-congruent health data-sharing decisions. Focusing our research efforts on the situated context of health data donation at the psychosomatic unit of a German university hospital, we demonstrate how a human-centered design can ground technology within the perspective of a vulnerable group. We employed an exploratory sequential mixed-method approach consisting of five phases: Participatory workshops explore patient values, informing the design of a proposed Value-Centered Consent Interface. An online experiment demonstrates our interface element's effect, increasing value-congruence in data-sharing decisions. Our proposed consent interface design is then adapted to the research context through a co-creation workshop with subject experts and a user evaluation with patients. Our work contributes to recent discourse in CSCW concerning ethical implications of new data practices within their socio-technological context by exploring patient values on medical data sharing, introducing a novel consent interface to support value-congruent decision-making, and providing a situated evaluation of the proposed interface with patients.

Human-Computer Interaction

Ngoc Hong Tran,Thien-An Nguyen-Ngoc,Nhien-An Le-Khac,M-Tahar Kechadi

DOI: https://doi.org/10.48550/arXiv.1908.10229

2019-08-27

Abstract:Digital healthcare systems are very popular lately, as they provide a variety of helpful means to monitor people's health state as well as to protect people against an unexpected health situation. These systems contain a huge amount of personal information in a form of electronic health records that are not allowed to be disclosed to unauthorized users. Hence, health data and information need to be protected against attacks and thefts. In this paper, we propose a secure distributed architecture for healthcare data storage and analysis. It uses a novel security model to rigorously control permissions of accessing sensitive data in the system, as well as to protect the transmitted data between distributed system servers and nodes. The model also satisfies the NIST security requirements. Thorough experimental results show that the model is very promising.

Cryptography and Security,Computers and Society

Subhash Nerella,Ziyuan Guan,Scott Siegel,Jiaqing Zhang,Kia Khezeli,Azra Bihorac,Parisa Rashidi

2024-07-12

Abstract:The intensive care unit (ICU) is a specialized hospital space where critically ill patients receive intensive care and monitoring. Comprehensive monitoring is imperative in assessing patients conditions, in particular acuity, and ultimately the quality of care. However, the extent of patient monitoring in the ICU is limited due to time constraints and the workload on healthcare providers. Currently, visual assessments for acuity, including fine details such as facial expressions, posture, and mobility, are sporadically captured, or not captured at all. These manual observations are subjective to the individual, prone to documentation errors, and overburden care providers with the additional workload. Artificial Intelligence (AI) enabled systems has the potential to augment the patient visual monitoring and assessment due to their exceptional learning capabilities. Such systems require robust annotated data to train. To this end, we have developed pervasive sensing and data processing system which collects data from multiple modalities depth images, color RGB images, accelerometry, electromyography, sound pressure, and light levels in ICU for developing intelligent monitoring systems for continuous and granular acuity, delirium risk, pain, and mobility assessment. This paper presents the Intelligent Intensive Care Unit (I2CU) system architecture we developed for real-time patient monitoring and visual assessment.

Artificial Intelligence

Chinasa T. Okolo,Michelle González Amador

2023-10-14

Abstract:In healthcare, the role of AI is continually evolving, and understanding the challenges its introduction poses on relationships between healthcare providers and patients will require a regulatory and behavioral approach that can provide a guiding base for all users involved. In this paper, we present IAC (Informing, Assessment, and Consent), a framework for evaluating patient response to the introduction of AI-enabled digital technologies in healthcare settings. We justify the need for IAC with a general introduction of the challenges with and perceived relevance of AI in human-welfare-centered fields, with an emphasis on the provision of healthcare. The framework is composed of three core principles that guide how healthcare practitioners can inform patients about the use of AI in their healthcare, how practitioners can assess patients' acceptability and comfortability with the use of AI, and how patient consent can be gained after this process. We propose that the principles composing this framework can be translated into guidelines that improve practitioner-patient relationships and, concurrently, patient agency regarding the use of AI in healthcare while broadening the discourse on this topic.

Computers and Society,Human-Computer Interaction

Raza Nowrozy,Khandakar Ahmed,Hua Wang

DOI: https://doi.org/10.48550/arXiv.2403.08264

2024-03-13

Abstract:As digital healthcare evolves, the security of electronic health records (EHR) becomes increasingly crucial. This study presents the GPT-Onto-CAABAC framework, integrating Generative Pretrained Transformer (GPT), medical-legal ontologies and Context-Aware Attribute-Based Access Control (CAABAC) to enhance EHR access security. Unlike traditional models, GPT-Onto-CAABAC dynamically interprets policies and adapts to changing healthcare and legal environments, offering customized access control solutions. Through empirical evaluation, this framework is shown to be effective in improving EHR security by accurately aligning access decisions with complex regulatory and situational requirements. The findings suggest its broader applicability in sectors where access control must meet stringent compliance and adaptability standards.

Computers and Society,Artificial Intelligence,Cryptography and Security