Acces-control authorization model for Health Information System (HIS) in Brazil


  • Marcelo Antonio de Carvalho Junior Unifesp
  • Paulo Bandiera-Paiva Unifesp


Information systems, Information security, Gatekeeping, Standards


Objective: To report access-control implementations for authorization management in Health Information Systems (HIS) using opinion polls. Method: The selected target audience was Brazilian Society of Health Informatics (SBIS) members or participants in interest groups promoted by this association, totaling 1400 respondents. A 12 questions online survey was conducted using the REDCap tool, during the period of 30 days. Results: A total of 134 valid responses were collected. Most HIS currently implement RBAC, 82.7% report that this access-control model meets current demand, 23.8% stated that they did not adhere to the model recommended by the SBIS certification manual in version 4, 6.9%, 17.2% and 17.2% of the HIS’ developers respondents declared future intention to use this model in the short, medium and long term, respectively and 17.9% stated intention to change to hybrid models with RBAC or extensions. Conclusion: The conducted survey shows Brazilian HIS current implementations of access-control and future expectations.

Biografia do Autor

Marcelo Antonio de Carvalho Junior, Unifesp

DIS - Unifesp




Como Citar

Carvalho Junior, M. A. de, & Bandiera-Paiva, P. (2018). Acces-control authorization model for Health Information System (HIS) in Brazil. Journal of Health Informatics, 10(3). Recuperado de



Artigo Original

Artigos Semelhantes

1 2 3 4 > >> 

Você também pode iniciar uma pesquisa avançada por similaridade para este artigo.