Enhancing security and improving interoperability in healthcare information systems.

Security is a key issue in healthcare information systems, since most aspects of security become of considerable or even critical importance when handling healthcare information. In addition, the intense need for information exchange has revealed interoperability of systems and applications as another key issue. Standardization can play an important role towards both these issues. In this paper, relevant standardization activities are briefly presented, and existing and emerging healthcare information security standards are identified and critically analysed. The analysis is based on a framework which has been developed for this reason. Therefore, the identification of gaps and inconsistencies in current standardization, the description of the conflicts of standards with legislation, and the analysis of implications of these standards to user organizations, are the main results of this paper.

[1]  S. M. Shah,et al.  Information technology and health care. , 1998, JPMA. The Journal of the Pakistan Medical Association.

[2]  Dimitris Gritzalis,et al.  High Level Security Policy Guidelines , 1996, Data Security for Health Care.

[3]  Thomas C. Rindfleisch,et al.  Privacy, information technology, and health care , 1997, CACM.

[4]  Panagiotis Georgiadis,et al.  Security profile for interconnected open distributed systems with varying vulnerability , 1996, SEC.

[5]  Ted Humphreys Security Standards for Medical Information Systems , 1996, Towards Security in Medical Telematics.