{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,22]],"date-time":"2025-02-22T05:34:59Z","timestamp":1740202499292,"version":"3.37.3"},"reference-count":0,"publisher":"IOS Press","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"abstract":"<jats:p>Translating legislation and regulations into access control systems in healthcare is, in practice, not a straightforward task. Excessive regulation can create barriers to appropriate patient treatment. The main objective of this paper is to present a new methodology that can define, from legislation to practice, an access control policy as well as a RBAC model, in order to comprise generic legislation and regulation issues together with the access control needs from the ends users of a healthcare information system. The methodology includes the use of document analysis as well as grounded theory and mixed methods research. This methodology can be easily applied within a healthcare practice or any other domain with similar requirements. It helps to bridge the gap between legislation and end users' needs, while integrating information security into the healthcare processes in a more meaningful way.<\/jats:p>","DOI":"10.3233\/978-1-60750-588-4-666","type":"book-chapter","created":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T15:26:30Z","timestamp":1740151590000},"source":"Crossref","is-referenced-by-count":0,"title":["Access Control in Healthcare: the methodology from legislation to practice"],"prefix":"10.3233","author":[{"family":"Ferreira Ana","sequence":"additional","affiliation":[]},{"family":"Correia Ricardo","sequence":"additional","affiliation":[]},{"family":"Chadwick David","sequence":"additional","affiliation":[]},{"family":"Antunes Luis","sequence":"additional","affiliation":[]}],"member":"7437","container-title":["Studies in Health Technology and Informatics","MEDINFO 2010"],"original-title":[],"deposited":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T16:15:53Z","timestamp":1740154553000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.medra.org\/servlet\/aliasResolver?alias=iospressISSNISBN&issn=0926-9630&volume=160&spage=666"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"references-count":0,"URL":"https:\/\/doi.org\/10.3233\/978-1-60750-588-4-666","relation":{},"ISSN":["0926-9630"],"issn-type":[{"value":"0926-9630","type":"print"}],"subject":[],"published":{"date-parts":[[2010]]}}}