e-Health applications enable one to acquire, process, and share patient medical data to improve diagnosis, treatment, and patient monitoring. Despite the undeniable benefits brought by the digitization of health systems, the transmission of and access to medical information raises critical issues, mainly related to security and privacy. While several security mechanisms exist that can be applied in an e-Health system, they may not be adequate due to the complexity of involved workflows, and to the possible inherent correlation among health-related concepts that may be exploited by unauthorized subjects. In this article, we propose a novel methodology for the validation of security and privacy policies in a complex e-Health system, that leverages a formal description of clinical workflows and a semantically enriched definition of the data model used by the workflows, in order to build a comprehensive model of the system that can be analyzed with automated model checking and ontology-based reasoning techniques. To validate the proposed methodology, we applied it to two case studies, subjected to the directives of the EU GDPR regulation for the protection of health data, and demonstrated its ability to correctly verify the fulfillment of desired policies in different scenarios.

中文翻译：

---

电子卫生系统的安全和隐私验证方法

电子健康应用程序使人们能够获取、处理和共享患者医疗数据，以改进诊断、治疗和患者监测。尽管医疗系统的数字化带来了不可否认的好处，但医疗信息的传输和访问引发了主要与安全和隐私相关的关键问题。虽然存在多种可应用于电子卫生系统的安全机制，但由于所涉及的工作流程的复杂性以及可能被未经授权的受试者利用的健康相关概念之间可能存在的内在关联，它们可能还不够。在本文中，我们提出了一种新方法，用于验证复杂电子医疗系统中的安全和隐私政策，它利用临床工作流程的正式描述和工作流程使用的数据模型的语义丰富定义，以构建系统的综合模型，该模型可以通过自动模型检查和基于本体的推理技术进行分析。为了验证所提出的方法，我们将其应用于两个案例研究，遵守欧盟 GDPR 法规关于保护健康数据的指令，并展示了其在不同情况下正确验证所需政策执行情况的能力。