Clinical decision support systems – Diagnostic and prognostic attribute-based access control in acute care
Συστήματα υποστήριξης κλινικών αποφάσεων – Διαγνωστικός και προγνωστικός μηχανισμός ελέγχου έκτακτης πρόσβασης προσωπικών κλινικών δεδομένων

Doctoral Thesis
Author
Psarra, Evgenia
Ψαρρά, Ευγενία
Date
2023-07View/ Open
Keywords
Attribute-based access control ; Healthcare data security ; Cloud ; Context-aware security policies ; Context-aware services ; Decision making ; Electronic health records ; Emergency services ; Fuzzy logic ; Health information management ; Medical diagnosis ; Medical information systems ; Acute care ; Data privacy ; Cloud storage ; Context handling ; Complex fuzzy rules ; Personalized access control ; Descriptive analytics ; Descriptive synthesis ; Body mass index ; Blood pressure ; Smoking ; Hypertension ; Sequential health data ; Health records ; Long short term memory ; Machine learning ; Neural networks ; Medical diagnosis ; Medical prognosis ; Private and permissioned blockchain ; Hyperledger fabric blockchain technology ; Smart contacts ; Personalized policies ; Proactive access control ; Artificial neural networksAbstract
A Clinical Decision Support System (CDSS) is a health information technology, which provides clinicians and staff, with patients person-specific information, intelligently filtered or presented at appropriate times, to enhance healthcare. CDSSs constitute a major topic in artificial intelligence in medicine. In addition, the demand of robust means to control access to healthcare data is constantly growing as an increasing number of healthcare services are provided electronically. In critical situations where the patient’s life is in danger, several subjects participating in emergency services should be entitled to retrieve critical data concerning the patients’ Electronic Health Records (EHRs).
The focus of the current research is:
i) Τo enhance the ABAC paradigm with advanced and personalized context handlers. Therefore, this Ph.D. dissertation extends the aforementioned work with respect to the integration of fuzzy rules concerning patients’ health metrics to an ABAC mechanism that grants access to EHRs by introducing personalized context handlers that can better cope with emergency situations. More precisely, this work aims firstly at finding possible conjunctive combinations of health metrics that result in the consideration of critical conditions (e.g., hypertension) during the access control process, and secondly, at forming complex fuzzy rules that can realistically assess critical situations. Additionally, our objective is to evaluate this approach by using a web application and compare it with the existing simpler implementations studied in this dissertation.
ii) To develop and apply machine learning techniques, based on patients’ health metrics and integrate them with an ABAC paradigm. This mechanism can grant access to a sensitive EHRs system by applying personalized machine learning-based context handlers in which raw contextual information e.g., data from IoT devices, can be used in order to identify acute care conditions and grant access to sensitive medical information. More specifically, this approach uses the patient’s health history in order to predict the health metrics of the next couple of hours by implementing Long Short Term Memory (LSTM) Neural Networks (NNs). The prognosed health metrics’ values are to be evaluated by the dissertation’s personalized fuzzy context handlers, so as to estimate the criticality of the health condition of patient. Additionally, our objective is to develop a sufficient web application so as to evaluate this approach and compare with different ones of this current dissertation.
iii) Finally, to enable proactivity, we apply LSTM NNs that utilize patient’s recent health history to prognose the next two-hour health metrics values. Fuzzy logic is used to evaluate the severity of the patient’s health state. These techniques are incorporated in a private and permissioned Hyperledger-Fabric blockchain network, capable of securing patient’s sensitive information in the blockchain network. Overall, integrating this predictive mechanism within the blockchain network proved to be a robust tool to enhance the performance of the access control mechanism. Furthermore, our blockchain network can record the history of who and when had access to a specific patient’s sensitive EHRs, guaranteeing the integrity and security of the data. Our proposed mechanism informs proactively the emergency team about patients’ critical situations by combining fuzzy and predictive techniques, and it exploits the distributed data of the blockchain network, guaranteeing the integrity and security of the data, and enhancing the users’ trust to the mechanism.
iv) Last but not least, this dissertation leverages neural network-based context handlers for achieving diagnostic control in sensitive health information, and for estimating patients’ diseases, such hypertension or cerebrovascular diseases, based on their health metrics.