1 / 14

Securing a Web-based EPR An approach to secure a centralized EPR within a hospital

Securing a Web-based EPR An approach to secure a centralized EPR within a hospital. Ana Ferreira [amlaf@med.up.pt] Ricardo Correia Altamiro da Costa Pereira. Outline. Introduction Objective & Scope Security Assessment Confidentiality Integrity Availability Discussion.

newman
Download Presentation

Securing a Web-based EPR An approach to secure a centralized EPR within a hospital

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing a Web-based EPRAn approach to secure a centralized EPR within a hospital Ana Ferreira [amlaf@med.up.pt] Ricardo Correia Altamiro da Costa Pereira

  2. Outline • Introduction • Objective & Scope • Security Assessment • Confidentiality • Integrity • Availability • Discussion ICEIS2004

  3. Introduction (1) • EPR (Electronic Patient Record) “The EHR will ensureappropriate informationis availablestreamliningcare process… Thisreducesthe likelihood ofcomplaintsorlitigation” “Some projects found that security is not as big a worry for patients as expected. Yet patient organisations express that suchfearexists, it may be fear of the unknown, which isalleviatedwhen it is clear thatsecurityarrangements are adequate to supportconfidentiality.” NHS Information Authority: ERDIP - EHR issues and Lessons Learned Report (October 2002) “Deve ser promovida a intensa articulação entre os vários níveis de cuidados de saúde, reservando a intervenção dos mais diferenciados para as situações deles carecidas e garantindo permanentementea circulação recíproca e confidencial da informação clínica relevante sobre os utentes. …………… Ter rigorosamente respeitada a confidencialidade sobre os dados pessoais revelados.” Lei nº 48/90 De 24 de Agosto Lei de Bases da Saúde ICEIS2004

  4. Introduction (2) • EPR (Electronic Patient Record) • Fundamental part of healthcare information systems • Information Security (CIA - confidentiality, integrity and availability) is essential for its success BUT • Usually an afterthought • Difficult to integrate afterwards ICEIS2004

  5. Objective & Scope • Biostatistics and Medical Informatics Department: • Build a centralized EPR (HSJ.ICU) • Hospital S. João, Porto - 1350 beds and 56 departments • Integrate heterogeneous information from several departments (11 to start with) • Main concerns: • Think security from the beggining • Security issues that are mainly user-driven • Use web technology (cost-effective, easy & fast to integrate, many standards available) ICEIS2004

  6. General Assessment • Infrastructure HSJ.ICU • People’s concerns • Unauthorized access notification (confidentiality) • Valid and reliable reports (integrity) • Authorized access whenever needed (availability) ICEIS2004

  7. Provide for confidentiality (1) • Security mechanisms: • Access control mechanisms • Encipherment (secure communications) Access Control Mechanisms • Microsoft Active Directory • LDAP protocol • Standards – ENV 12251 • - Separation of concerns • - Better management • - Easy to apply standards ICEIS2004

  8. CEN/TC251 ENV 12251 (1999): Health Informatics ICEIS2004

  9. Provide for confidentiality (2) Encipherment - Secure Communications • Encryption provides non-understandable information • Protects against eavesdropping, sniffing, tampering or message forgering • Protects information whilst in transit • Web technology PROTOCOL: • TLS – Transport Layer Security standard (SSL V3) • Widely used for secure client/server web transactions • Most used browsers (IE & Netscape) support it ICEIS2004

  10. Provide for integrity • Security mechanisms Digital signatures • Reliable and valid reports • Integrity (hash + timestamp) • GnuPG - Automatic process • Only one key pair BUT • Performance issues • Revocation issues ICEIS2004

  11. Provide for availability Verify mechanisms for: • Redundancy • Auditing • Automatic notification • Automatic backups • Redundancy (equipment/power) • Backups regularly made • Session, user and error logging • Monitoring for system’s correction • Monitoring for system’s misuse ICEIS2004

  12. Discussion • Information security from the beginning • Structured thought – CIA • People involved all the way – security awareness • Rooted security • Use of Standards along with Internet technology • Most difficult: - Define policies in such a big, heterogeneous place • Future work: • Real production environment • Testing (performance; security; usability) ICEIS2004

  13. Bibliography • Barrows, C., 1996. Barrows C, Clayton P. Privacy, Confidentiality and electronic medical records. JAMIA. 3:139-148. • Bemmel, V., 1997. Handbook of Medical Informatics. M. A. Musen Editors. Springer. • Benson, T., 2002. Why general practitioners use computers and hospital doctors do not-Part2: scalability. BMJ. 325:1090-1093. • CEN/TC251, 2000. ENV 12251: Health Informatics - Secure user identification for health care management and security of authentication by passwords. • Correia, R., 2001. Acquisition, processing and storage of vital signals in an electronic patient record system. Presented at Mednet 2001. • Ferreira, A., 2002. Electronic Patient Record Security. Msc in Information Security. Information Security Group. Royal Holloway, University of London. • GnuPG, 2003. Gnu Privacy Guard, Open PGP. Available at: http://www.gnupg.org. • Godoy, C., 2002. A privacidade e o registro informatizado na Faculdade de Medicina de Marília. Encontro Paulista de Pesquisa em Ética Médica 2002. • Hassey, A., 2001. A survey of validity and utility of electronic patient records in a general practice. BMJ. 322:1401-1405. • IETF, 1999. TLS – Transport Layer Security. RFC 2246. Internet Engineering Task Force - IETF. Available at: ftp://ftp.rfc-editor.org/in-notes/rfc2246.txt. • IETF, 2003. LDAP – Lightweight Directory Access Protocol . RFC 2251. Internet Engineering Task Force - IETF. Available at: http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-protocol-18.txt. • Kurtz, G., 2003. EMR confidentiality and information security. Journal of Healthcare information management. 17(3):41-48. • MSDN, 2003. Microsoft Active Directory. Available at: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/ad/active_directory.asp. • PHP, 2003. PHP Hypertext Preprocessor. Available at: http://www.php.net. • Salazar-Kish, J., 2000. Development of CPR Security Using Impact Analysis. AMIA Annual Symposium. • Shortliffe, E., 1999. The Evolution of Electronic Medical Records. Academic Medicine;74(4):414-419. • Silverman, R., 2000. A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths. RSA Laboratories Bulletin, 13. • Stausberg, J., 2003. Comparing paper-based with Electronic Patient Records: Lessons Learned during a Study on Diagnosis and Procedure Codes. J Am Med Inform Assoc. 10:470-477. ICEIS2004

  14. http://sbim.med.up.pt

More Related