Towards a cross-context identity management framework in e-health

Purpose – Modern e‐health systems incorporate different healthcare providers in one system and provide an electronic platform to share medical information efficiently. In cross‐context communications between healthcare providers, the same information can be interpreted as different types or values, so that one patient will be issued different identifiers by different healthcare providers. This paper aims to provide a solution to ensure interoperability so that multiple healthcare providers will be able to collaborate in one e‐health system.Design/methodology/approach – This paper primarily focuses on how different healthcare providers, instead of the patients, are able to interact and share information on a common e‐health platform.Findings – In the course of the work, it was found that previous e‐health solutions mainly have a limited view of patient information, where a user‐centric approach for identity management is usually restricted to a single healthcare provider. Interoperability in an e‐health sy...

[1]  Scott Cantor,et al.  Shibboleth Architecture Technical Overview , 2005 .

[2]  A. Jøsang,et al.  User Centric Identity Management , 2005 .

[3]  Ronald Leenes,et al.  FIDIS - the Future of IDentity in the Information Society , 2006 .

[4]  Wouter Joosen,et al.  Hardening XDS-Based Architectures , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[5]  Fareed Bashir,et al.  European Convention on Human Rights , 2003 .

[6]  L. Peyton,et al.  Addressing Privacy in a Federated Identity Management Network for EHealth , 2007, Eighth World Congress on the Management of eBusiness (WCMeB 2007).

[7]  Luigi Lo Iacono Multi-centric Universal Pseudonymisation for Secondary Use of the EHR , 2007, HealthGrid.

[8]  Peter R. Croll,et al.  Consumer-Centric and Privacy-Preserving Identity Management for Distributed E-Health Systems , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[9]  Herbert Burkert,et al.  Some Preliminary Comments on the DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. , 1996 .

[10]  K. Pommerening,et al.  Secondary use of the EHR via pseudonymisation. , 2004, Studies in health technology and informatics.

[11]  HIPAA administrative simplification: enforcement. Final rule. , 2006, Federal register.

[12]  Eliot L. Siegel,et al.  Integrating the Healthcare Enterprise: A Primer , 2001 .

[13]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[14]  Wei-hua Yao,et al.  [Integrating the healthcare enterprise: an overview]. , 2003, Di 1 jun yi da xue xue bao = Academic journal of the first medical college of PLA.