Implementing Role-Based Access Control for Healthcare Data using SharePoint
DOI:
https://doi.org/10.15662/IJEETR.2023.0502010Keywords:
Role-Based Access Control, Healthcare Data, SharePoint, Data Security, Access Control Framework, HIPAA Compliance, Healthcare ITAbstract
The increased need to have secure and efficient data management in the healthcare has resulted in the use of Role-Based Access Control (RBAC) systems that control access of sensitive information according to the role of the user. The given research is devoted to the implementation of the RBAC system in healthcare data management on the basis of the SharePoint platform that is highly popular in document management and collaboration. The paper details the creation and creation of a powerful access control system, which suits healthcare institutions, considering that it complies with strict privacy laws, including HIPAA. These frameworks involve user authentication, role assigning and data access controls that are incorporated into the SharePoint environment to establish access controls that will be based on defined user roles. The paper goes on to address the issues and best practices when implementing this system including the definition of roles and permissions, dynamic user groups and system scalability. The case study is offered to illustrate how the framework has been effective in a healthcare environment, and how it enhances data safety, efficiency, and compliance with regulations. The study provides the audience with the prospects of SharePoint as an elastic and scalable software to handle healthcare information and provide a secure access control system. The next step in work will be the optimization of the framework to cover the new challenges of healthcare data management
References
[1] Microsoft, "Authorization, Users, Groups & RBAC in SharePoint," Microsoft Learn, [Online]. Available: https://learn.microsoft.com/en-us/sharepoint/dev/general-development/authorization-users-groups-and-the-object-model-in-sharepoint.
[2] M. R. SharePoint, "Role-Based Access Control in SharePoint Online," [Online]. Available: https://www.mrsharepoint.com/role-based-access-control/.
[3] Reco.ai, "SharePoint Security Best Practices for Data Protection," [Online]. Available: https://www.reco.ai/hub/sharepoint-security-best-practices.
[4] M. D. P. I. (MDPI), "Enhancing Healthcare Security: Unified RBAC/ABAC Model," MDPI, vol. 17, no. 6, p. 262, 2021. [Online]. Available: https://www.mdpi.com/1999-5903/17/6/262.
[5] HealthManagement.org, "Ensuring Secure Access to Health Data with Role-Based Access Controls," HealthManagement.org, [Online]. Available: https://healthmanagement.org/c/cybersecurity/News/ensuring-secure-access-to-health-data-with-role-based-access-controls.
[6] M365Corner, "What is Role-Based Access Control in Microsoft 365?" [Online]. Available: https://m365corner.com/m365-glossary/role-based-access-control.html.
[7] Cabot Solutions, "RBAC for Secure Healthcare SaaS Applications," Cabot Solutions, [Online]. Available: https://www.cabotsolutions.com/blog/role-based-access-control-rbac-for-secure-healthcare-saas-applications.
[8] Enter.Health, "Role-Based Access Control in Healthcare RCM," Enter.Health, [Online]. Available: https://www.enter.health/post/role-based-access-control-healthcare-rcm.
