This invention relates to a quantitative approach for consent management to confidential data. More specifically, the invention relates to access to patient medical records and employing analytical techniques to assist patient in making access control decisions.
Cloud computing is a model of service delivery for enabling convenient, on-demand network access to a shared pool of configurable computer resources, e.g. networks, network bandwidth, servers, processing, memory, storage, applications, virtual machines, and services, that can be rapidly provisioned and released with minimal management effort or interaction with a provider of service. One of the characteristics of cloud computing infrastructure is that applications can be launched from a plurality of locations and shared with multiple users. More specifically, the cloud computing infrastructure offers a collaboration system that may serve multiple clients from different organizations. Medical providers are starting to store and transmit patient medical records in electronic form, and in some embodiments to the shared pool of computer resources. Regional and nationwide health information exchange (HIE) systems are emerging within the cloud computing environment where patient medical records from different sources may be assessed in a centralized manner.
Although there is a convenience factor associated with the availability of patient medical records in the cloud computing environment, health information security is a concern. Specifically, abuse of data associated with patient medical records or security breaches on the system may lead to compromising patient privacy. As such, a security system must be employed within the system to ensure trust as health information technology systems become ubiquitous.