中文摘要：

通过对医院病人的就诊、检查、治疗、护理、收费等流程步骤进行综合分析,并结合医院工作人员职务、业务范围和工作性质,将系统管理层次分为五级,分别为院长、副院长、科室主任、医疗工作人员和护理工作人员,同时采用权限与编码映射的方法,将权限、角色和用户间的对应关系通过编码表现出来,即通过编码可以直接判断用户是否具有某种权限,实现了RBAC（the role-based access control基于角色访问控制）模型的、权限明确的、高效的且具有良好扩展性的医疗信息权限分配系统.

英文摘要：

By the comprehensive analysis of the process steps of the visit,diagnosis,treatment,care and fees,and combined with hospital staff＇s positions,business scope and nature of work,the users of the management system are divided into five levels,which are president,vice president,department director,medical staff and nursing staff.Using the mapping code with permission method,the corresponding relationships among privileges,roles,and users are shown by the code,in other words,using the code to determine directly whether the user can have some rights.So,the privilege-clear,efficient,and extendable medical information privilege distribution system based on RBAC（the role-based access control）model was implemented.