Publications

HL7

• M. Jafari, et. al., Consent at Scale, August 20, 2023.
• M. Jafari, K. Connor, et. al., An Interoperable Architecture for Security Labeling Rules – Based on CQL and FHIR Clinical Reasoning Module, September 22, 2021.
• M. Jafari, K. Connor, et. al., Security Labeling Service: Notes on Implementation, Mar. 18, 2021.
• M. Jafari, K. Connor, et. al., Security and Privacy Requirements for Sub-Resource Access in FHIR, Mar. 9, 2020.
• M. Jafari, K. Connor, et. al., Security and Privacy Issues in FHIR Subscription, Dec. 2019.
• M. Jafari, K. Connor, et. al., Privacy-Aware Bulk Data Transfer Demonstration, Jul. 2019.
• M. Jafari, K. Connor, et. al., Bulk Data Transfer Privacy Requirements, Jun. 2019.
• M. Jafari, K. Connor, et. al., Report on Trust Framework Technical Requirements for OAuth 2.0, Mar. 2019.
• M. Jafari, K. Connor, Privacy-Preserving Authorization Service, Jan. 2018.
• M. Jafari, K. Connor, Cascaded Authorization Service, Jan. 2018.
• M. Jafari, K. Connor, et. al., FHIR Consent Management Using UMA/OAuth 2.0, Nov. 2017.

Academic Publications

For the list of citations and alternative links to the papers, see my Google Scholar profile.

Consent and Data Segmentation

• M. Eluru, D. H. Mendoza, A. Wong, M. Jafari, et. al., Physicians’ Perspectives on HL7 Information Policy Sensitive Value Set: A Validation Study through Health Concept Categorization, Healthcare 2023, 11(21), Oct. 2023.

• A. Voronov, M. Jafari, L. Zhao, et. al. Pediatric Consent on FHIR, Applied Clinical Informatics, Mar. 2024.

Purpsose of Use

• M. Jafari, P. W. L. Fong, R. Safavi-Naini, K. Barker, A Framework for Expressing and Enforcing Purpose-Based Privacy Policies, ACM Transactions on Information and System Security (TISSEC) 17 (1), 3.
• M. Jafari, P. W. L. Fong, R. Safavi-Naini, K. Barker, A Framework for Expressing and Enforcing Purpose-Based Privacy Policies, Technical Report 2013-1037-04, Department of Computer Science, University of Calgary, 66 pages, Jan. 2013.
• M. Jafari, P. W. L. Fong, R. Safavi-Naini, K. Barker, and N. P. Sheppard, Towards Defining Semantic Foundations for Purpose-Based Privacy Policies, In CODASPY’11: Proceedings of the First ACM Conference on Data and Application Security and Privacy, San Antonio, Taxas, USA, Feb. 2011.
• M. Jafari, R. Safavi-Naini, N. P. Sheppard, Enforcing Purpose of Use via Workflows, In WPES’09: Proceedings of the 8th ACM Workshop on Privacy in the Electronic Society, Chicago, IL, USA, Nov. 2009, pp. 113-116.

Digital Rights Management for Health Information

• M. Jafari, R. Safavi-Naini, N. P. Sheppard, A Rights Management Approach to Protection of Privacy in a Cloud of Electronic Health Records, In ACM-DRM’11: Proceedings of the 11th ACM Workshop on Digital Rights Management, Chicago, IL, US, Oct. 2011.
• M. Jafari, R. Safavi-Naini, C. Saunders, N. P. Sheppard, Using Digital Rights Management for Securing Data in a Medical Research Environment, In ACM-DRM’10: Proceedings of the 10th ACM Workshop on Digital Rights Management, Chicago, IL, US, Oct. 2010.
• M. Jafari, R. Safavi-Naini, C. Saunders, N. P. Sheppard, Securing Medical Research Data with a Rights Management System, In HealthSec’10: 1st USENIX Workshop on Health Security and Privacy, 2-page short paper, Washington, DC, US, Aug. 2010.
• N. P. Sheppard, R. Safavi-Naini, M. Jafari, A Digital Rights Management Model for Healthcare, In POLICY’09: Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, pp. 106-109, London, UK, Jul. 2009.
• N. P. Sheppard, R. Safavi-Naini, M. Jafari, A Secure Electronic Healthcare Record Infrastructure in the Digital Rights Management Model, Technical Report 2009-939-18, Department of Computer Science, University of Calgary, 68 pages, Mar. 2009.