Title: Security Modeling for Protecting Electronic Patients’ Consent

Issue Number: Vol. 8, No. 2
Year of Publication: Jun - 2019
Page Numbers: 152-165
Authors: Kosmas Kapis, Emmanuel Damas
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong


The adoption of Health Information System (HIS) has emerged as a significant element in the healthcare domain. HIS comprises of Electronic Patient Records (EPR) whose confidentiality is crucial. Patients' consent to EPR access is needed for patients' privacy to be achieved. Research studies have been conducted on Consent Management System (CMS) adoption and integration with HIS as the way to manage EPR access in HIS. However, majority of them provides inadequate security mechanisms to protect the patients’ consent. Attackers could launch attacks such as tampering, repudiation and information disclosure attacks against patients’ consent. These threats could eradicate the relevance f patents’ consent in protecting patient’s privacy. Better security mechanisms should be adopted in order to improve security state of patients’ consent. This study has developed a security model to protect patients’ consent. The developed model has improved patients’ consent security significantly compared to other studies in the reviewed literature.