17th Annual Computer Security Applications Conference
December 10-14, 2001
New Orleans, Louisiana

Trustworthiness in Distributed Electronic Healthcare Records

Bernd Blobel
Universitaet Magdeburg

Shared Care is the common answer to the challenge for improving health system's quality and efficiency. This develop- ment must be accompanied by implementing shared care information systems moving to extended electronic healthcare record systems which are distributed and have to be interoperable too. Comprehensive communication and co-operation between healthcare establishments is increasingly using the open Internet. Regarding the sensitivity of personal medical data due to legal, ethical, social and psychological implications, such communication and co-operation must be provided in a trustworthy way. The HARP project launched and funded by the European Commission specified and offered a solu- tion for distributed, component-based, trustworthy applications based on Internet technology. Specifying and implement- ing Enhanced Trusted Third Party (ETTP) services, the HARP solutions concern secure authentication as well as authori- sation of principals. By associating role profiles and security attributes to standard Web-based interactions, HARP pro- vides an initial degree of 'automation' in building certified secure medical Internet-based applications deploying estab- lished paradigms such as object orientation, component architecture, Secure Socket Layer (SSL) protocol, and XML stan- dard. The solution has been demonstrated and evaluated in a clinical study environment.

Keywords: Electronic healthcare record; Security; Internet; Authorisation; Enhanced TTP services; Trustworthiness; Healthcare

Read Paper Read Paper (in PDF)