Security Standards for Healthcare Information Systems: A Perspective from the EU ISIS MEDSEC Project

Within the European Union's "Information Society Initiative in Standardisation," several partners from industry and universities worked on important aspects of standards for security and privacy in the Information Society. The book deals with the taxonomy of relevant standards and the identification of gaps in standards, and proposes requirements and specifications for emerging standards. It is completed by reports on the application, demonstration and validation of selected standards. It promotes awareness of the existence and usefulness of standards for privacy and security in healthcare. The book addresses information scientists, healthcare professionals, administrators and managers, but also politicians.

Contents
Overview on Security Standards for Healthcare Information Systems
Draft Secure Medical Database Standard
Demonstration Results for the Standard ENV12924
Secure HL7 Transactions Using Internet Mail Internet Draft
Standard Guide for Implementing HL7 Communication Security
IT Security Training in the Healthcare Environment
List of MEDSEC Deliverables