A. Faxvaag, L. Røstad, I. A. Tøndel, A. R. Seim, and P. J. Toussaint, Visualizing patient trajectories on wall-mounted boards -information security challenges, MIE, ser. Studies in Health Technology and Informatics, pp.715-719, 2009.

E. A. Gjaere, I. A. Tøndel, M. B. Line, H. Andresen, and P. Toussaint, Personal health information on display: Balancing needs, usability and legislative requirements, MIE , ser. Studies in Health Technology and Informatics, 2011.

G. B. Shoemaker and K. M. Inkpen, Single display privacyware, Proceedings of the SIGCHI conference on Human factors in computing systems , CHI '01, pp.522-529, 2001.
DOI : 10.1145/365024.365349

P. Tarasewich and C. Campbell, What are you looking at, The first Symposium on Usable Privacy and Security, 2005.

A. Bullock and S. Benford, An access control framework for multi-user collaborative environments, Proceedings of the international ACM SIGGROUP conference on Supporting group work , GROUP '99, pp.140-149, 1999.
DOI : 10.1145/320297.320313

A. and A. Incits, American National Standard for Information Technology -Role Based Access Control, pp.359-2004

A. Appari and M. E. Johnson, Information security and privacy in healthcare: current state of research, International Journal of Internet and Enterprise Management, vol.6, issue.4, 2009.
DOI : 10.1504/IJIEM.2010.035624

A. Ferreira, R. Cruz-correira, L. Antunes, and D. Chadwick, Access control: how can it improve patients' healthcare?, Studies in Health Technology and Informatics, vol.127, pp.65-76, 2007.

L. Røstad and O. Edsberg, A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06), pp.175-186, 2006.
DOI : 10.1109/ACSAC.2006.8

J. Hu and A. Weaver, Dynamic, context-aware access control for distributed healthcare applications, Proceedings of the First Workshop on Pervasive Security , Privacy and Trust (PSPT), 2004.

M. Alam, M. Hafner, M. Memon, and P. Hung, Modeling and enforcing advanced access control policies in healthcare systems with SECTET, 1st International Workshop on Model-Based Trustworthy Health Informaton Systems (MOTHIS 07), 2007.

P. Cheng, P. Fohatgi, and C. Keser, Fuzzy mls: An experiment on quantified risk-adaptive access control, IBM Thomas J. Watson Research Center, 2007.

N. Dimmock, A. Belokosztolszki, D. Eyers, J. Bacon, and K. Moody, Using trust and risk in role-based access control policies, Proceedings of the ninth ACM symposium on Access control models and technologies , SACMAT '04, pp.156-162, 2004.
DOI : 10.1145/990036.990062

N. N. Diep, L. X. Hung, Y. Zhung, S. Lee, Y. Lee et al., Enforcing Access Control Using Risk Assessment, Fourth European Conference on Universal Multiservice Networks (ECUMN'07), pp.419-424, 2007.
DOI : 10.1109/ECUMN.2007.19

M. G. Jaatun and I. A. , Covering Your Assets in Software Engineering, 2008 Third International Conference on Availability, Reliability and Security, pp.1172-1179, 2008.
DOI : 10.1109/ARES.2008.8

L. W. Wienhofen and A. D. Landmark, Poster: Representing events in a clinical environment -a case study, The 5th ACM International Conference on Distributed Event-Based Systems, 2011.

J. Fernando and L. Dawson, The health information system security threat lifecycle: An informatics theory, International Journal of Medical Informatics, vol.78, issue.12, pp.815-826, 2009.
DOI : 10.1016/j.ijmedinf.2009.08.006

E. Vaast, Danger is in the eye of the beholders: Social representations of Information Systems security in healthcare, The Journal of Strategic Information Systems, vol.16, issue.2, pp.130-152, 2007.
DOI : 10.1016/j.jsis.2007.05.003