How to stop reinventing role based access control (RBAC) in medical/clinical apps

Every useful medical and clinical application has security requirements, and most programmers end up implementing some sort of Role-Based Access Control (RBAC). Every couple of months I’m called in to do a code review or architecture assessment for the security components, and it surprises me that everyone keeps reinventing the wheel when there is good thought leadership in the area. If you’re writing secured applications and you need help with role-based access control, please do yourself and your programmers a favor and review the NIST Role-based Access Control research materials and standards guidelines. The documents are not healthcare-specific but they are healthcare-applicable for sure.

Role-Based Access Control

Oh, and buy the book, too.

Shahid N. Shah

Shahid Shah is an internationally recognized enterprise software guru who specializes in digital health with an emphasis on e-health, EHR/EMR, big data, IoT, data interoperability, med device connectivity, and bioinformatics.


