Abstract
The healthcare systems in all developed countries are changing to labour-shared structures as Shared Care. Such structures require an extended communication and co-operation. Medical information systems integrated into the care processes must be able to support that communication and co-operation adequately, representing an active and distributed Electronic Health Record (EHR) system. Distributed health record systems must meet high demands for data protection and data security, which concern integrity, availability, confidentiality including access management, and accountability. Communication and cooperation in information systems can be provided by middleware architectures. For the different middleware architectures used in healthcare as EDI (HL7, EDIFACT), CORBA or DHE, the architectural principles and security solutions are shortly described in the paper. Supporting open information systems, these security solutions are independent of applications and transparent to the user. For trusted communication and cooperation, application-related and user-related security mechanisms are required. Such mechanisms have to fulfil the security policy of the application domain. They are using the basic security mechanisms of the underlying communication- and cooperation-supporting systems.
The discussed policy, threats, and countermeasures are referred to the first German regional distributed medical record, which is developed and step by step refined in the Clinical Cancer Registry Magdeburg/Saxony-Anhalt.
Chapter PDF
Similar content being viewed by others
References
Arbeitskreis (1996) „Health Professional Card“ der Arbeitsgemeinschaft „Karten im Gesundheitswesen”: Deutscher Modellversuch „Health Professional Card (HPC) “, Göttingen, Stand Oktober 1996.
Blobel, B. (1996a) Konzeption für Telematikanwendungen im Gesundheitswesen sowie für ältere und behinderte Menschen. Telematik-Initiative des Landes Sachsen-Anhalt. Magdeburg, 19. Februar 1996.
Blobel, B. (1996b) Clinical Record Systems in Oncology. Experiences and Developments on Cancer Registers in Eastern Germany, in Preproceedings of the International Workshop “Personal Information - Security, Engineering and Ethics” pp 37–54
Cambridge, 21–22 June, 1996 (announced in LNCS, Spinger-Verlag).
Blobel, B. (1996c) A Regional Clinical Cancer Documentation System for an Optimal Shared Health Care in Cancer, in Medical Informatics Europe ‘86 (edrs. J. Brender, J.P. Christensen, J.-R. Scherrer, P. McNair), pp 1019–1026. IOS Press, Amsterdam.
Blobel, B. (1997) An Object-oriented Security Approach Involving HL7, CORBAmed, and DHE Standards, in Preceedings of the Conference „Toward An Electronic Patient Record `97“, Nasville, April 26 - May 3, 1997 (submitted).
Blobel, B., Bleumer, G., Müller, A., Flikkenschild, E., and Ottes, F. (1996) Current Security Issues Faced by Health Care Establishments. Deliverable of the HC1028 Telematics Project ISHTAR, October 1996.
Blobel, B. and Holena, M. (1996) Advanced Healthcare System Architecture Using Middleware Concepts - A Comparative Study. Deliverable of the HC 1019 Telematics Project HANSA, July 1996.
Council of Europe (1995) EU Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. Strassbourg.
HANSA Consortium (1996) Middleware Approaches in Healthcare. A Presentation for the Healthcare Management ( Draft ). August 1996.
OMG (1995) The CORBA Security Specification. OMG Doc.No. 95–12–01.
The SEISMED Consortium (edr.) (1996) Data Security for Health Care, Volume I - I II. IOS Press, Amsterdam.
TRUSTHEALTH1 (1996a) Selection of Security Services and Interfaces (Version 1.0). 1996–07–29.
TRUSTHEALTH1 (1996b) Functional Specification of TTP Services (Version 0.6). 199607–29.
Varadharajan, V. and Hardjono, T. (1996) Security Model for Distributed Object Framework and its Applicability to CORBA, in Information Systems Security (eds. Katsikas, S.K., and Gritzalis, D. ), pp. 452–463, Chapman & Hall, London.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Blobel, B. (1997). Security requirements and solutions in distributed Electronic Health Records. In: Yngström, L., Carlsen, J. (eds) Information Security in Research and Business. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35259-6_31
Download citation
DOI: https://doi.org/10.1007/978-0-387-35259-6_31
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5481-0
Online ISBN: 978-0-387-35259-6
eBook Packages: Springer Book Archive