PCASSO: Vanguard in Patient Empowerment

  • Dixie B. Baker
  • Daniel Masys
Part of the Health Informatics book series (HI)


In 1996 the National Library of Medicine (NLM) funded a research project called Patient Centered Access to Secure Systems Online (PCASSO), which was proposed by Science Applications International Corporation (SAIC) in collaboration with the University of California, San Diego (UCSD). The project was designed to apply state-of-the-art security to the communication of clinical information over the Internet. At the project’s inception, several prototype Web-based clinical information systems existed,1–5 but all were explicitly designed for the benefit of health professionals—to enable them to view patient information stored on an enterprise server protected by a “firewall.” Further, most early Internet experiments simply attempted to duplicate existing care models and lines of communication using the new medium. The concept of enabling patients to view their own complete medical record over the Internet was considered by the liberal-minded as radical and by the traditionalists as completely insane. PCASSO was conceived with the premise that the full potential of the ubiquitous Internet lies in its potential to enable new channels of communication between providers and patients, and to empower patients with the knowledge they need to participate actively in their own care.


Health Information Primary Care Provider Patient Empowerment User Authentication Strategy Complete Medical Record 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Cimino JJ, Socratous S, Clayton PD. Internet as clinical information system: application development using the World Wide Web. J Am Med Informatics Assoc 1995; 2 (5): 273–283.CrossRefGoogle Scholar
  2. 2.
    Chute CC, Crowson DL, Buntrock JD. Medical information retrieval and WWW browsers at Mayo. In: Gardner RM, ed. Proceedings of the 1995 annual symposium on computer applications in medical care, New Orleans, November 1995. 903–907.Google Scholar
  3. 3.
    Jagannathan V,Reddy YV, et al. An overview of the CERC ARTEMIS project. In: Gardner RM, ed. Proceedings of the 1995 annual symposium on computer applications in medical care, New Orleans, November 1995. I2–16.Google Scholar
  4. 4.
    Kahn CE, Bell DS. WebSTAR: platform-independent structured reporting using World-Wide Web technology. In: Hripcsak G, ed. Proceedings of the 1995 spring congress of AMIA, Boston, MA, June 1995. 86.Google Scholar
  5. Masys DR, Baker DB. Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web. J Am Med Informatics Assoc 1997; 4 (Fall Symposium Suppl): 340–343.CrossRefGoogle Scholar
  6. 6.
    Baker DB. PCASSO: ensuring patient confidentiality on the Internet. Presented at the Fourth International Multimedia to the Home Conference: Building on Bandwidth, Saskatoon, Saskatchewan, Canada, August 20, 1999.Google Scholar
  7. 7.
    New Zealand Health Information Services, “Health Links,” links.html, 2002.Google Scholar
  8. 8.
    Baker DB, Masys DR. PCASSO: a design for secure communication of personal health information via the Internet. Int J Med Informatics 1999; 54: 97–104.CrossRefGoogle Scholar
  9. 9.
    Borzo G. PCASSO with a mouse., October 13, 1997, http:// 2002.Google Scholar
  10. 10.
    Tsai CC, Starren J. Patient participation in electronic medical records. Medical Student JAMA 2001;285:1765. Accessible online at 1 3/jms0404012.htm#5.Google Scholar
  11. 11.
    Masys DR, Baker DB, Barnhart R, Buss T. PCASSO: a secure architecture for access to clinical data via the Internet. In: Proceedings of the MEDINFO ‘88, International Medical Informatics Association, August 1998.Google Scholar
  12. 12.
    Baker D, Barnhart R, Buss T. PCASSO: applying and extending state-of-the-art security in the healthcare domain. In: Proceedings of the Annual Computer Security Applications Conference, San Diego, CA, December 1997.Google Scholar
  13. 13.
    Masys DR, Baker DB. Protecting clinical data on Web client computers: the PCASSO approach. J Am Med Informatics Assoc 1998; 5 (Fall Symposium Suppl): 366–370.CrossRefGoogle Scholar
  14. 14.
    Baker DB, Masys DR, Jones RL, Barnhart RM. Assurance: the power behind PCASSO security. J Am Med Informatics Assoc 1999;6(Fall Symposium Suppl):666–670. `Best paper“ award nominee AMIA fall symposium.Google Scholar
  15. U.S. Department of Defense, Department of Defense Trusted Computer System Evaluation Criteria, DoD 5200.28-STD, December 1985.Google Scholar
  16. 16.
    Common criteria for information technology security evaluation, Part 3: security assurance requirements, version 2.1, CCIMB-99–033, August 1999.Google Scholar
  17. 17.
    Dick RS, Steen EB, eds., Institute of Medicine. The computer-based patient record: an essential technology for health care. Washington, DC: National Academy Press, 1991.Google Scholar
  18. 18.
    Executive Order 12958 classified national security information. Federal Regis- ter, April 20, 1995; 19826.Google Scholar
  19. 19.
    Masys D, Baker D, Butros A, Cowles KE. Giving patients access to their medical records: the PCASSO experience. J Am Med Informatics Assoc 2002; 181–191.Google Scholar
  20. 20.
    Baker DB. Protecting life and health in the midst of electronic and Internet mayhem. Managed Care Interface 2000; 13 (6): 81–87.PubMedGoogle Scholar
  21. 21.
    Fallis D. Inaccurate consumer health information on the Internet: criteria for evaluating potential solutions. Proceedings of the American Medical Informatics Association Annual Symposium, 1999.Google Scholar
  22. 22.
    Department of Health and Human Services. Standards for privacy of individually identifiable health information. Billing code 4150–04M. Federal Register, 45 CFR parts 160–164, December 28, 2000.Google Scholar
  23. 23.
    Consumers demand combination of “high-tech” and “high-touch” personalized services to manage healthcare needs. Harris Interactive, http://, 2000.Google Scholar

Copyright information

© Springer Science+Business Media New York 2004

Authors and Affiliations

  • Dixie B. Baker
  • Daniel Masys

There are no affiliations available

Personalised recommendations