Volume 11, Number 2/3

Authorization Framework for Medical Data

  Authors

Geetha Madadevaiah1, RV Prasad1, Amogh Hiremath1, Michel Dumontier2, Andre Dekker3, 1Philips Research, India, 2Maastricht University, The Netherlands and 3Maastricht University Medical Centre+, The Netherlands

  Abstract

In this paper, the authors describe an approach for sharing sensitive medical data with the consent of the data owner. The framework builds on the advantages of the Semantic Web technologies and makes it secure and robust for sharing sensitive information in a controlled environment. The framework uses a combination of Role-Based and Rule-Based Access Policies to provide security to a medical data repository as per the FAIR guidelines. A lightweight ontologywas developed, to collect consent from the users indicating which part of their data they want to share with another user having a particular role. Here, the authors have considered the scenario of sharing the medical data by the owner of data, say the patient, with relevant persons such as physicians, researchers, pharmacist, etc. To prove this concept, the authors developed a prototype and validated using the Sesame OpenRDF Workbench with 202,908 triples and a consent graph stating consents per patient.

  Keywords

Access Policies, Semantic Web, RDF/SPARQL, Role Based, Rule Based, FAIR, Consent