Skip to main content

Find us on

facebook youtube flickr twitter itunes u logo


Recent Talks

Harold Thimbleby




The Best Way to Improve Healthcare is to Improve Computers
Harold Thimbleby
Swansea University
April 23, 2015

Craig Shue




Managing User-Level Compromises in Enterprise Network
Craig Shue
Worcester Polytechnic Institute
March 31, 2015



Oct news 2015


ISTS Information Pamphlet



Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA

Access Control
Thread 1

Thread 1 Team Members

Effective use of healthcare IT requires that the right parties (such as clinicians, patients, and insurance adjusters) be able to access the information and computational resources they need, in a timely manner. However, because the information involved is sensitive and personal, healthcare enterprises need to manage this access carefully. Permitting inappropriate disclosure or modification of this data is socially irresponsible and possibly life threatening to patients – and also exposes the enterprises to legal, regulatory and economic repercussions. Besides the obvious internal risk of users having too much access (and abusing it) or too little (threatening patient care), we see many broader system-level risks: users may find the official IT system so unusable as to move their access and processing outside it (creating security, management, and reliability nightmares), or engage in behavior that defaults to all personnel having maximal access (also creating such nightmares).


The Thread 1 team has collaborated with clinical liaisons and a number of industry partners to advance their research.  Several publications are available through the TISH publications database (see the TISH homepage) and below:

Education and Outreach

  • Seminar at the University of Pennsylvania on "The Role of Humans in Information Security Decisions", January 26, 2012.
  • Course at Dartmouth College on "Misperception and Security: CS169", Winter Term 2012.
  • Seminar on the "State of the Art Authentication in Healthcare", May 25, 2010.
  • Invited panel at SPIMACS 2010, "Talking Across the Disciplines of Technology and Health" (moderated by Graduate Student Sara Sinclair)




The Thread 1 team is led by Professor Sean Smith (Computer Science).  Other team members have included Graduate Students Gabe Weaver and Rebecca Shapiro and Undergraduates Jack Bowman and Amy Zhang.

Last Updated: 1/15/14