Advanced tool kits for EPR security
暂无分享,去创建一个
Responding to the challenge for efficient and high quality health care, the shared care paradigm must be established in health. In that context, information systems such as electronic patient records (EPR) have to meet this paradigm supporting communication and interoperation between the health care establishments (HCE) and health professionals (HP) involved. Due to the sensitivity of personal medical information, this co-operation must be provided in a trustworthy way. To enable different views of HCE and HP ranging from management, doctors, nurses up to systems administrators and IT professionals, a set of models for analysis, design and implementation of secure distributed EPR has been developed and introduced. The approach is based on the popular UML methodology and the component paradigm for open, interoperable systems. Easy to use tool kits deal with both application security services and communication security services but also with the security infrastructure needed. Regarding the requirements for distributed multi-user EPRs, modelling and implementation of policy agreements, authorisation and access control are especially considered. Current developments for a security infrastructure in health care based on cryptographic algorithms as health professional cards (HPC), security services employing digital signatures, and health-related TTP services are discussed. CEN and ISO initiatives for health informatics standards in the context of secure and communicable EPR are especially mentioned.
[1] Bernd Blobel,et al. Security and Design Based on a General Conceptual Security Model and UML , 1999, HPCN Europe.
[2] Bernd Blobel. Application of the component paradigm for analysis and design of advanced health system architectures , 2000, Int. J. Medical Informatics.
[3] Hans-Erik Eriksson,et al. UML toolkit , 1997 .
[4] Bernd Blobel,et al. The Need and Practice of User Authentication and TTP Services in Distributed Health Information Systems , 2001, SEC.