In our system, an access request is simply a two-tuple <Access-Purpose; Action>:
- Access-Purpose: the data requestor's purpose for using the data.
- Action: the activity to be performed on the data, e.g. Copy or Read. Actions carry the same access privilege levels as those used in the patient consent.
Whether a data access is allowed depends on the relationship between the requestor's Access Purpose (AP) and the Intended-Purpose recorded in the patient consent. Every access request is subject to the following basic compliance rule:
- If AP is included in the Prohibited Descendant Purposes (PDP), the access request is rejected outright; for the request to pass, AP ∉ PDP.
- Any consent whose Allowed Intended-Purpose (AIP) is AP itself or an ancestor of AP allows the access request, except for the prohibited descendants listed in the PDP of that AIP, i.e. AP ∈ AIP and AP ∉ PDP ⊂ AIP.
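The compliance rule above, worked through as an added example (this code is not part of the original paper or its system). The purpose hierarchy, the consent entries, and the action privilege levels (Read below Copy) are constructed for illustration. It assumes, as the hierarchy suggests, that a prohibition on a PDP node also covers that node's own descendants, and it fails closed on unknown purposes or actions.

```python
from dataclasses import dataclass

# Constructed purpose hierarchy, child -> parent (assumption, not from the paper).
PURPOSE_PARENT = {
    "General-Purpose": None,
    "Treatment": "General-Purpose",
    "Diagnosis": "Treatment",
    "Surgery": "Treatment",
    "Research": "General-Purpose",
    "Clinical-Trial": "Research",
    "Drug-Marketing": "Research",
    "Billing": "General-Purpose",
}

# Constructed action privilege levels: a consent that grants a level also grants lower ones.
ACTION_LEVEL = {"Read": 1, "Copy": 2}


@dataclass(frozen=True)
class Consent:
    aip: str            # Allowed Intended-Purpose
    pdp: frozenset      # Prohibited Descendant Purposes (must lie under aip)
    max_action: str     # highest action level the patient consented to


@dataclass(frozen=True)
class AccessRequest:
    ap: str             # Access-Purpose
    action: str         # Action


def ancestors_or_self(purpose):
    """Walk from purpose up to the root, returning [purpose, parent, ..., root]."""
    chain = []
    while purpose is not None:
        chain.append(purpose)
        purpose = PURPOSE_PARENT[purpose]
    return chain


def is_descendant_or_self(purpose, node):
    return node in ancestors_or_self(purpose)


def consent_is_well_formed(consent):
    """PDP ⊂ AIP: every prohibited purpose must be a strict descendant of the AIP."""
    if consent.aip not in PURPOSE_PARENT or consent.max_action not in ACTION_LEVEL:
        return False
    return all(
        p in PURPOSE_PARENT and p != consent.aip and is_descendant_or_self(p, consent.aip)
        for p in consent.pdp
    )


def consent_permits(consent, req):
    # AP ∈ AIP: AP is the allowed purpose itself or one of its descendants.
    if not is_descendant_or_self(req.ap, consent.aip):
        return False
    # AP ∉ PDP: AP must not be a prohibited descendant, nor sit under one (assumption).
    if any(is_descendant_or_self(req.ap, p) for p in consent.pdp):
        return False
    # The requested action must not exceed the privilege level in the consent.
    return ACTION_LEVEL[req.action] <= ACTION_LEVEL[consent.max_action]


def is_allowed(consents, req):
    """Access is allowed if at least one well-formed consent permits the request."""
    if req.ap not in PURPOSE_PARENT or req.action not in ACTION_LEVEL:
        raise ValueError("unknown purpose or action; rejecting (fail closed)")
    return any(consent_permits(c, req) for c in consents if consent_is_well_formed(c))


# Constructed sample consents for one patient (assumption, not from the paper).
SAMPLE_CONSENTS = [
    Consent("Treatment", frozenset({"Surgery"}), "Copy"),
    Consent("Research", frozenset({"Drug-Marketing"}), "Read"),
]

if __name__ == "__main__":
    for ap, action in [("Diagnosis", "Read"), ("Surgery", "Read"),
                       ("Clinical-Trial", "Copy"), ("Drug-Marketing", "Read")]:
        print(ap, action, "->", is_allowed(SAMPLE_CONSENTS, AccessRequest(ap, action)))
```

Evaluating the same request against every consent and taking the disjunction mirrors the rule's "any consent ... allows" wording; the explicit well-formedness check enforces PDP ⊂ AIP so that a malformed consent can never widen what is allowed.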