Role-based access

From Clinfowiki

Role-based access (also called role-based access control, RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. Role-based access is one way organizations can limit access to confidential health information as required by the Health Insurance Portability and Accountability Act (HIPAA). Role-based access allows a user to view, create, or modify data based on defined competencies, authority, or responsibilities within an organization. If roles are properly defined, users should be able to perform all necessary functions of their job. Roles should not be defined rigidly, for example by assigning security by credentials instead of by job description, as this limits accessibility and, therefore, job performance. (2) An example of this would be a nurse who is an Informatics Resource Nurse (IRN). Limiting the IRN's role-based access to "nurse" would significantly impair the IRN's ability to access information and assist employees at all levels of the organization.

Role-based access permits specific access according to a user's role as defined by their particular role description or group. For example, a nurse's access to a patient's medical record would include everything needed for the nurse to care for the patient, such as medication administration. A nurse tech would have a different access profile for their role, one that does not include the medication administration module of the record: the nurse administers medications and the nurse tech does not, so the nurse tech would not have access to that module.


It was described by Ferraiolo, Cugini, and Kuhn in 1995 (1) as a way to ensure that access is assigned by role. In such a lattice framework, each user new to the system is assigned a generic role, to which certain access to the system is attached. For example, an individual assigned in an electronic health record as a pharmacist can view medications and alerts and dispense medications, but cannot prescribe. Such assigned user roles can change when appropriate.

For example, when an individual moves from the status of medical student to physician, his user category is re-assigned, and he can then prescribe medications without a co-signature. In many electronic medical record applications, the physician category is allowed to view and chart on any patient, not just his own, in order to allow emergency access. This must be combined with a robust monitoring system to ensure that physicians are not accessing records they have no justifiable reason to access, i.e. records of patients with whom they have no treating relationship.
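The roles, the role re-assignment on promotion, and the emergency-access rule described above, as an added Python example written for this article (not code from the article, from the cited paper, or from any real EHR product); the role names, permission names, patient identifiers and audit line format are constructed assumptions:

```python
# Added example: a minimal RBAC model for an electronic health record.
# Roles, permissions and the audit format below are constructed for illustration.
from dataclasses import dataclass, field

# Permission set per role (constructed). Note that the informatics nurse keeps
# every nurse permission and gains more, rather than being squeezed into "nurse".
ROLE_PERMISSIONS = {
    "nurse_tech": {"view_record", "chart"},
    "nurse": {"view_record", "chart", "administer_medication"},
    "informatics_nurse": {"view_record", "chart", "administer_medication",
                          "configure_templates"},
    "pharmacist": {"view_record", "view_alerts", "dispense_medication"},
    "medical_student": {"view_record", "chart", "prescribe_with_cosignature"},
    "physician": {"view_record", "chart", "prescribe", "emergency_access"},
}

@dataclass
class User:
    name: str
    role: str
    treating: set = field(default_factory=set)  # patients in a treating relationship

audit_log: list = []  # break-glass events for the monitoring system to review

def can(user: User, permission: str) -> bool:
    """Permission check is done against the role, never against the individual."""
    return permission in ROLE_PERMISSIONS[user.role]

def open_record(user: User, patient: str) -> bool:
    """Grant access to a treating clinician; anyone else gets in only through
    emergency_access, and every such access is written to the audit log."""
    if not can(user, "view_record"):
        return False
    if patient in user.treating:
        return True
    if can(user, "emergency_access"):
        audit_log.append(f"BREAK-GLASS {user.name} ({user.role}) opened {patient} "
                         "without a treating relationship")
        return True
    return False

def reassign_role(user: User, new_role: str) -> None:
    """Role change on promotion (e.g. medical_student -> physician): the user keeps
    their treating relationships but the whole permission set is swapped."""
    if new_role not in ROLE_PERMISSIONS:
        raise ValueError(f"unknown role {new_role!r}")
    user.role = new_role
```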


  1. Ferraiolo DF, Cugini JA, Kuhn DR. Role-Based Access Control (RBAC): Features and Motivations. Proceedings of the 11th Annual Computer Security Applications Conference, New Orleans, December 11-15, 1995, pp. 241-248.