Fine Grained Access Security Module for DentISt: Dental Information System (DentISt) 3.0

Abstract

DentISt 3.0 is the third version of the electronic patient record of UPCD. Compare to earlier version, the new one no longer uses OpenMRS as its EMR engine thus fixing the compatibility issues that was seen in the earlier version and give a more student-teacher approach.

As security in a system is one of the main concerns in converting from paper-based to electronic-based; DentISt has one module concerning the fine-grained access control of the system. To strengthen the access control, the usual placement of the access control in the application layer is change to the database layer and also using some HIPAA policies for sensitive data. Having the access control in the database layer helps us to have a multi-user database login and the use of stored procedure to avoid SQL injection. Some policies also provide us to provide three important security features - data integrity, confidentiality and availability, and audit trail of the system.