医疗系统安全课程规划

醫療系統平安課程規劃週次日期題目週次日期題目12/27Overview104/30Seminar-6(台大)23/5醫療資訊趨勢資訊安全專有名詞115/7Seminar-4(三總)33/12醫療資訊安全125/143.醫療資訊安全問題43/19隱私權醫療資訊趨勢專有名詞135/212.醫療資料流程及醫療資訊系統架構53/26Seminar-1(北醫)145/284.醫療資訊身份識別及RFID應用64/2Seminar-2(HCA)156/45.醫療資訊存取控制74/9Seminar-3(HIPPA)166/116.醫療資訊安全系統84/161.醫院組織架構及經營方略(醫療品質)176/18專題報告?94/23Seminar-5(長庚)186/25期末考整理ppt醫療系統平安課程第16週規劃6/18 總結專題報告?XX醫院/醫學中心醫療資訊平安系統設計資訊平安通訊期刊邀稿整合醫療資訊平安系統報告?HIESecurityandPrivacythroughIHESecurityandAuthorizationIssuesinHL7ElectronicHealthRecords:ASemanticWebServicesBasedApproach整理ppt第一組萬芳醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)江宗儫*心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案陳朝麟心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案張鉦堅心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案洪懿文心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案林惠萍心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案陳憶萱心得?提問提問+?分提問+?分提問+?分提問+?分提問+?分報告?檔案報告?檔案整理ppt第二組振興醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)汪靖軒*提問+?分心得?提問提問+?分提問+?分提問+?分提問+?分徐健豪提問+?分心得?提問提問+?分提問+?分提問+?分提問+?分張博硯提問+?分心得?提問提問+?分提問+?分提問+?分提問+?分曾國揚提問+?分心得?提問提問+?分提問+?分提問+?分提問+?分洪銘聰提問+?分心得?提問提問+?分提問+?分提問+?分提問+?分整理ppt第三組馬階醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)翁雋傑*提問+?分提問+?分心得?提問?提問+?分提問+?分提問+?分檔案檔案檔案黃敬淵提問+?分提問+?分心得?提問提問+?分提問+?分提問+?分報告檔案檔案檔案黃士瑋提問+?分提問+?分心得?提問提問+?分提問+?分提問+?分檔案報告檔案檔案陳建文提問+?分提問+?分心得?提問提問+?分提問+?分提問+?分檔案檔案報告檔案邵書毅提問+?分提問+?分心得?提問提問+?分提問+?分提問+?分檔案檔案檔案整理ppt第四組義守醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)陳思彤提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案陳雅芝提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案黃熙博提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案劉于淑提問+?分提問+?分提問+?分提問+?分提問+?分心得提問+?分報告檔案黃語萱*提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案整理ppt第五組三軍總醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)李資理提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案黃玉佩提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分報告檔案檔案何昕宸提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案報告檔案何炳杰提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案程仲駿*提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案整理ppt第六組台大醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)李郁玟*提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分檔案檔案報告檔案張育禎提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分報告檔案檔案檔案蔡嘉靜提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分檔案報告*檔案檔案鄭荏任提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分檔案檔案檔案許巧瑩提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分檔案檔案檔案鄒芳瑜提問+?分提問+?分提問+?分提問+?分心得?提問提問+?分檔案檔案檔案整理ppt第七組長庚醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)王鐸臻提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案檔案蔣詩慧*提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案報告檔案檔案檔案蔡文瑜提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分報告檔案檔案檔案檔案陳可玗提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案檔案劉信妤提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案報告檔案檔案沈君叡提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案報告檔案整理ppt第八組台北榮總醫院姓名3/26--北醫:臺北醫學大學副院長劉立博士(第1組)4/2--HCA:鉅仁科技副總彭振興博士(第2組)4/9--HIPPA:中研院資訊所王大為博士(第3組)4/23--長庚:長庚醫院何國豪特助(第5組)4/30--台大::臺大醫院鄭伯勳博士(第6組)5/7--三總:三軍總醫院資訊室黃援傑主任(第4組)3.醫療資訊安全問題(5/14)2.醫療資料流程及醫療資訊系統架構(5/21)4.醫療資訊身份識別及RFID應用(5/28)5.醫療資訊存取控制(6/4)6.醫療資訊安全系統(6/11)專題總結報告?(6/18)廖靜怡*提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分報告*檔案檔案檔案檔案林義軒提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案報告*檔案檔案檔案賴又嘉提問+?分提問+?分提問+?分提問+?分提問+?分心得提問+?分檔案檔案報告*檔案檔案梁伯瑞提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案報告*檔案簡瑞妤提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案檔案陳昫如提問+?分提問+?分提問+?分提問+?分提問+?分提問+?分檔案檔案檔案檔案整理ppt醫療系統平安課程第16週規劃6/18 總結專題報告?XX醫院/醫學中心醫療資訊平安系統設計資訊平安通訊期刊邀稿整合醫療資訊平安系統報告?HIESecurityandPrivacythroughIHESecurityandAuthorizationIssuesinHL7ElectronicHealthRecords:ASemanticWebServicesBasedApproach整理pptXX醫院/醫學中心醫療資訊平安系統設計醫療資訊平安概論醫療資訊與隱私權重要何謂醫療資訊平安?醫療資訊平安與資訊平安差異?(從資安揭露角度)XX醫院/醫學中心醫療資訊平安系統目前醫療資訊系統架構及資安缺口醫療資訊平安需求(機密真確權限不可否認等)未來具有資安功能的醫療資訊系統架構UCAXKMSSAMLXACML為確保隱私權應有的醫療資訊平安政策HIPPA結論整理ppt醫療系統平安課程第16週規劃6/18 總結專題報告?XX醫院/醫學中心醫療資訊平安系統設計資訊平安通訊期刊邀稿整合醫療資訊平安系統報告?HIESecurityandPrivacythroughIHESecurityandAuthorizationIssuesinHL7ElectronicHealthRecords:ASemanticWebServicesBasedApproach整理ppt資訊平安通訊期刊邀稿「資訊平安通訊雜誌」係由中華民國資訊平安學會發行之刊物，並定期於每年一月、四月、七月及十月出版資訊平安相關領域之研究論著，每一期將邀請一位GuestEditor針對當期主題進行規劃與邀稿。此期刊並非TSSCI或EI，但為國內資訊平安重要期刊。後進(許建隆教授)目前受邀擔任資訊平安通訊期刊(CommunicationsofCCISA)2021年10月10日出刊的特約主編，本次期刊主題為「醫療資訊平安」，涵蓋理論、實務、經驗、政策等相關議題，希冀藉由此期刊之內容，能讓讀者更多涉獵並重視醫療資訊平安。整理ppt醫療系統平安課程第16週規劃6/18 總結專題報告?XX醫院/醫學中心醫療資訊平安系統設計資訊平安通訊期刊邀稿整合醫療資訊平安系統報告?HIESecurityandPrivacythroughIHESecurityandAuthorizationIssuesinHL7ElectronicHealthRecords:ASemanticWebServicesBasedApproach整理pptHIESecurityandPrivacythroughIHEAHealthcareInformationExchange(HIE)isasetofhealthcareentitiesthatarecooperatingtosharehealthcareinformationaboutcommonpatients.TheIHEhasproposedthatabasicmethodofprovidingaHIEisthroughaninfrastructurethatallowsforthesharingofclinicaldocumentsaboutapatientinawaythatallowsforlongtermuse.ThisinfrastructureismadeupofafamilyofProfilescenteredontheCross-EnterpriseDocumentSharing(XDS)Profile.ThiswhitepaperwilldiscusshowanHIEthatleveragesIHEprofilescanprotectpatientprivacyandinformationsecurity.TheorganizersoftheHIEneedtoimplementbasicsecurityprincipalsinordertoofferasecuritymodeltoprotecttheHIEinformationexchanges.ThearchitectureputforthbyIHEistosharediscreteinformationintheformofdocuments.Thesedocumentsmaybesimpletextdocuments,formatteddocumentsusingstandardssuchasPDF,orfullystructuredandcodedusingstandardssuchasHL7CDA.Thesedocumentsaresharedwithreferencetotheindividualpatientwiththeexpectationthatinthefuturetheycanbeusedtoprovidebetterhealthcaretreatmenttothatsameindividualpatient.整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrolsApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptElementsofthehealthinformationexchangechallengeOpen“governance〞TrustrelationshipsamongparticipantsInvolveconsumersProvidesecurityDevelopsustainablefundingProvidecapablebusinessservicesandoperationsDeveloptechnicalcapabilitiesandoperations整理pptScopingSecurityandPrivacyThePolicyEnvironmentismadeupofmanylayersofpolicies.Thesepoliciesworktogetherinahierarchicwaytointerlock.Wewillintroducesomeofthesedifferentlayersinthiswhitepaperandshowhowtheyinfluencethetechnology.InternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrols整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrolsApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptInternationalDataProtectionPrinciplesIn1980,theOrganizationforEconomicCooperationandDevelopment(“OECD〞經濟合作暨發展組織)developedGuidelinesontheProtectionofPrivacyandTransborderFlowsofPersonalData.Theseguidelineswereintendedtoharmonizenationalprivacylaws,upholdhumanrights,andpromotethefreeflowofinformationamongits30membercountries.TheOECDguidelineshaveservedasabasisfordataprotectionlawsintheUnitedStates,Europe,Canada,Japan,Australia,andelsewhere.Together,theseprinciplesandlawsprovideausefulframeworkfordevelopinggeneraldataprotectionrequirementsforhealthinformationsystems.Inthecontextofthispaper,thesedataprotectionprincipleswillbescopedtotheIHErelevantpoliciesandunderstoodinthecontextoftheIHEriskenvironment.ThetechnicalcontrolsthatarerelevanttoIHEaredistilledbelow.整理ppt:///document/20/0,3343,en_2649_202185_15589524_1_1_1_1,00.html整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrolsApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptPoliciesandRiskManagement(1/5)IHEsolvesInteroperabilityproblemsviatheimplementationoftechnologystandards.ItdoesnotdefinePrivacyorSecurityPolicies,RiskManagement,HealthcareApplicationFunctionality,OperatingSystemFunctionality,PhysicalControls,orevengeneralNetworkControls.WhileHIEPoliciesandRiskManagementareoutsideitsscope,IHEdoesrecognizethattheseelementsareanecessarypieceofasystemimplementation.IHEITInfrastructureTechnicalFramework,Volume1:Appendix“L〞outlinessomeoftheissuesthatshouldbeevaluatedtobeincludedinthelocalPolicycreationandRiskManagementdecisions.Also,theIHEITInfrastructurePlanningCommitteehasproducedawhitepaperthatguidesIHEprofiledevelopersondetailriskidentificationsotheprofilescanproperlyadviseimplementers.ItisthereforethedutyofsystemimplementerstotakethisguidanceintoaccountaspartoftheirRiskManagementpractices整理pptPoliciesandRiskManagement(2/5)Figure2showshowthecorporatePolicesaredeveloped,promulgated,95andeventuallyimplementedwithvaryingdegreesofautomation.Policyenforcementmustbeapartofthispolicylifecycle.整理pptPoliciesandRiskManagement(3/5)Forexampleimplementersneedtobeawareofdifferentkindsofpoliciesthatneedtobeharmonizedwithlocalenterprisepolicies:PoliciesforwhohasaccesstowhattypeofdocumentsintheHIE(Access)PoliciesforwhoisallowedtopublishdocumentsintotheHIE(Write)PoliciesontheacceptabletypesofdocumentsintheHIEPoliciesthatindicateacceptablelevelsofriskwithinHIEPoliciesthatindicatewhatsanctionswillbeimposedonindividualsthatviolatetheHIEpoliciesPoliciesontrainingandawarenessPoliciesonuserprovisioningandde-provisioningwithinaffinities(andlocaloperationspolicy)PoliciesonemergencymodeoperationsPoliciesonacceptablenetworkuseandprotectionsPoliciesonauthenticationmethodsthatareacceptablePoliciesonbackupandrecoveryplanningPoliciesonacceptablethirdpartyaccessPoliciesonsecondaryuseoftheinformationintheHIEPoliciesontheavailabilityoftheHIE(istheHIEconsideredlifecritical,115normal,orlowpriority)PoliciesformaintenancePoliciesforlengthoftimethatinformationwillbemaintainedintheHIEEtc整理pptPoliciesandRiskManagement(4/5)Thesepoliciesarenotaflatset,butoftencanbeseenasacascade.Agoodexampleofthisisthecascadeofpoliciesrelatedtoaccesstoapatient’sdata.AttheCommunitylevelcouldbeaPolicywithgeneralgoalsindicatingthatdataisnottobedisclosedtoaperson’sneighbor.ThisisfurtherrefinedattheEnterprisePolicywherea‘neighbor’wouldbedefinedgiventheknownpopulationandsocialnorms.ThisPolicycanfurtherberefinedbythepatientthem-selvesintheirownprivacyconsentwherespecificallyahostileneighbormightbenamed.Animportantsetofpoliciesarethosearoundemergencymodes.Therearewidedefinitionsofcasesthatareoftenreferredtoasemergencymode.Theseemergencymodesneedtoberecognizedfortheriskstheypresent.Whentheseusecasesarefactoredinup-frontthemitigationsarereasonable.Naturalormanmadecatastrophicdisaster(e.g.Hurricane,EarthQuake)–oftentimesadditionalworkforcemigratesintotheareafromotherplacestohelpout.Theseindividualsneedtoquicklybescreenedandprovisionedwithappropriateaccess.Utilityfailure(e.g.electricfailure)–thissituationiscommonandeasilyhandledthroughuninterruptiblepowersuppliesandbackupgenerationITinfrastructurefailure(e.g.harddrivecrash)–thissituationisalsocommonandhandledthroughcommoninfrastructuralredundancyNeedtoelevateprivilegesduetoapatientemergency,oftencalledbreak-glass(e.g.nurseneedstoprescribe)Needtooverrideapatientspecifiedblockduetoeminentdangertothatpatient–thisoverrideisnotabreakingofthepolicybutisanexplicitconditionwithinthepolicy.整理pptPoliciesandRiskManagement(5/5)Oftentimestheemergencyroomisconsideredasanemergencymode,buttheemergencyroomisreallyanormalmodeforthosescheduledtoworkthere.Whenlookedatasnormalmode,theproperprivilegesandworkflowflexibilitycanbespecified.Policydevelopmentisfrustratedbyapparentconflictsinpolicies.Theseconflictsareoftensuperficialandcanbeaddressedupfrontoncethedetailsofthepolicyareunderstood.ForexampleinEuropetherearepoliciesthatforbidtherecordingofrace,yetthisisanimportantclinicalattribute.Thissuperficialconflictmightbeaddressedbyrecordinggeneticmarkersinsteadofrace.Anothergoodexampleofasuperficialpolicyconflictisinrecordsretentionrequirementsatthenationallevelvsatthemedicallevel.Retentionofrecordsisfixedatashortperiodafterdeath,yetifthepatienthasblacklungthentherecordsmustbepreservedwellbeyond.整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrols

ApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptTechnicalSecurityandPrivacycontrols(1/4)BasedontheexperienceoftheIHEparticipantsthroughexperienceinimplementingHIEenvironmentsthereisacommonsetofSecurityandPrivacycontrolsthathavebeenidentified.ThesecontrolsareinformedbyacombinationoftheOECDdataprotectionprinciples,experiencewithexplicitpoliciesatHIEimplementations,andexpectationofgeneralPoliciesandSecurityRiskManagement.Thesesecurityandprivacycontrolscanbeusedtoenforcethe:1)AccountabilityControls–Thecontrolsthatcanprovethesystemisprotectingtheresourcesinaccordancetothepolicies.Thissetofcontrolsincludessecurityauditlogging,reporting,alertingandalarming.2)IdentificationandAuthenticationControls–Thecontrolsthatprovethatasystemorpersoniswhotheysaythattheyare.Forexample:personalinteractions,DigitalCertificates,securityassertions,Kerberos,andLDAP.3)AccessControls–Thecontrolsthatlimitaccessbyanauthenticatedentitytotheinformationandfunctionsthattheyareauthorizedtohaveaccessto.ThesecontrolsareoftenimplementedusingRoleBasedAccessControls.整理pptTechnicalSecurityandPrivacycontrols(2/4)4)ConfidentialityControls–Assensitiveinformationiscreated,stored,communicated,andmodified;thiscontrolprotectstheinformationfrombeingexposed.Forexample:encryptionoraccesscontrols.5)DataIntegrityControls–Thecontrolsthatprovethatthedatahasnotchangedinanunauthorizedway.Forexample:digitalsignatures,securehashalgorithms,CRC,andchecksum.6)Non-RepudiationControls–Thecontrolsthatensurethatanentitycannotlaterrefutethattheyparticipatedinanact.Forexampleauthorofadocument,orderofatest,prescribeofaprescription.7)PatientPrivacyControls–Thecontrolsthatenforcepatientspecifichandlinginstructions.8)AvailabilityControls–Thecontrolsthatensurethatinformationisavailablewhenneeded.Forexample:backup,replication,faulttolerance,RAID,trustedrecovery,uninterruptiblepowersupplies,etc.整理pptTechnicalSecurityandPrivacycontrols(3/4)Forexample:TwooftheOECDdataprotectionprincipalsareSecuritySafeguardsandAccountability.Thiscanbeviewedas:SecuritySafeguards:Iwanttobesurethedataarenotdisclosedtosomeonewhoshouldn'tseethemIdentificationandAuthenticationControls.AccessControls.ConfidentialityControls.PatientPrivacyControls.Iwanttobesurethedataarenotmodifybysomeonewhodoesn'thavetherightforthatIdentificationandAuthenticationControls.AccessControls.DataIntegrityControls.IwanttobesurethedatacanberetrievewhenneededAvailabilityControls(CAIAvailability,Confidentiality,andIntegrity)(3AAuthentication,Authorization,andAccountability)Accountability:(more)整理pptTechnicalSecurityandPrivacycontrols(4/4)Forexample:TwooftheOECDdataprotectionprincipalsareSecuritySafeguardsandAccountability.Thiscanbeviewedas:SecuritySafeguards:(more)Accountability:IwanttobesurewhoisdoingactionIdentificationandAuthenticationControls.IwanttoknowwhatisdonebywhoAccountabilityControls.IwanttobesurewhathasbeendonecannotbedeniedNon-RepudiationControlsThesesecurityandprivacycontrolsarenotusefulwithoutinputfromthevarioustypesofpoliciesthatreflectanyindividualenvironmentandexpectation.

WewillassumeaconservativesetofpoliciesandshowhowthesecontrolscanbeappliedgiventheIHEprofiles.整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrolsApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptApplyingSecurityandPrivacytoanHIEIHEdoesnotsetpoliciesbutispolicysensitive.Thereforewenowdiscussthepolicyenablingtechnologiesandnotthepoliciesthemselves.ThissectionwillshowhowtheexistingsecuritycontrolsinstandalonesystemareleveragedandextendedwhenconnectingthemintoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControls

整理pptBuildingUponExistingSecurityEnvironment(1/5)TheIHEmodelforparticipantspresumesthatclinicalapplicationsinplacetodayincludethenecessarybasicsecurityprinciplestoprotectpatientdatawithintheentity(e.g.hospital,clinic).Theseapplicationscurrentlyincludecontrolstoauthenticateusers,tocheckthattheusershaverightstoperformfunctionality(e.g.Role-Based-AccessControl),andtoaccountfortheactionsofuserswithintheapplication.Theseapplicationsareinstalledwithinafacilityandthatfacilityhastakencaretophysicallyandelectronicallyprotecttheseapplicationswithphysicalbarriers,backupelectricity,air-conditioning,backupofdata,etc.Forexample,thesearethetypesofcontrolscurrentlyrequiredbytheCCHITcertificationcriteriaforAmbulatoryEMRsystemsandIn-PatientEHRsystemsintheUSA(See://).整理pptBuildingUponExistingSecurityEnvironment(2/5)TheemergenceofPersonalHealthRecordsmayintroducenewpolicyrequirementsandcontrolsbothattheHIElevelandatthelocaloperationalpolicylevelandindividualparticipantsshouldtakethisintoaccountwhenevaluatingtheircurrentriskprofile.ThePersonalHealthRecordisanareathatdoesnothaveregulatorycontrolsinmanycountries(e.g.HIPAAhasfewregulatorycontrolsonthePersonalHealthRecordcontrolledbythepatient).TheentitiesthatarejoiningtheHIEhaveexperienceinimplementingtheappropriatepoliciesfortheirentitiesandthesehavedriventheirchoiceofsecuritymechanismsandinfluencedtheappropriateimplementation.整理pptBuildingUponExistingSecurityEnvironment(3/5)Theseentitieshavesomemeasureofcontrol(therewillbevariationsintheentities)overtheirusers(employees,contractors,patients).Theseentitiesunderstandtheirenvironmentandhaveresponsibilityforimplementingthecontrolsforthelocallyappropriateauthenticationmethods(passwords,smartcards,2-factortoken,etc).Theycanreactquicklytoprovision,suspend,authorize,andde-provisionusersinawaythatissensitivetotheemployees’rights.AstheseentitiesjoinanHIEtheclinicalapplicationsthattouchtheHIEcanbeseenasbeingapplicationsattheedgeoftheentitythatareparticipatinginanexchange.Assuchtheedgeapplicationsandtheirarchitectureneedacommonsetofpoliciesandcontrolstoapplytotheedgeapplication,oredgesystem.整理pptBuildingUponExistingSecurityEnvironment(4/5)Inhealthcare,beyondthebasicsecurityprinciples,wemustadditionallybesensitivetopatientcareandsafety.Theapplicationsclosesttothepatientarebestinformedfordeterminingthecontextofthecurrentsituation.Itisonlyatthislevelthatemergencymodecanbehandledinanexpedientway(oftencalledbreak-glass).TheIHEmodelleveragesthegeneralsecuritycontrolsavailableintheedgeapplicationsinacomplementarywaytoprotecttheassetsoftheHIE.TheIHEmodelisverycarefultoincludesecuritywhileallowingforflexibleandsafeprovisionofhealthcarebyindividualparticipants.TheIHEmodelreinforcestheneedforthesecommonbasicsecurityfunctionalitiesthroughthedefinitionoftheAuditTrailandNodeAuthentication(ATNA)profile.ThissameprofileensuresthattheedgesystemsarestronglyauthenticatedtotheHIEtoensurethatonlytrustedsystemsareallowedtohaveaccesstotheHIE.整理ppt

HIESecurityandPrivacythroughIHEIntroductionScopingSecurityandPrivacyInternationalDataProtectionPrinciplesPoliciesandRiskManagementTechnicalSecurityandPrivacycontrolsApplyingSecurityandPrivacytoanHIEBuildingUponExistingSecurityEnvironmentIHESecurityandPrivacyToolkitIHESecurityandPrivacyControlsConclusion整理pptIHESecurityandPrivacyToolkit(1/6)WhenimplementinganHIEwebeginbyrecognizingthatinthecurrentIHEsecuritymodeltheedgeapplication’wemustmeetthenecessarygeneralsecuritycontrolsshownabove.TheIHEmodelsonlydefinetheinteraction(networkprotocols)betweenlogicalapplicationsandnotthebehaviorwithinanapplication(e.g.clinicaldecisionsupport,medicationsmanagement).Inmanycasesthechoiceofimplementationforsecurityisapplicationfunctionalitywhichprovidesthecontrolforsecurityandprivacy.InothercasestheprincipleneedstobehandledinageneralwayintheHIEPolicy.Inboththesecases,neitherthefunctionalitynorthepoliciesaredefinedbytheIHEprofile.ThiswhitepaperwillnotfullydescribehowtheIHEprofilessatisfytheprinciplebutprovideanoverviewoftheprofilesandpointerstodirectthereadertotheindividualIHEprofileandtopicwithintheprofile.整理pptIHESecurityandPrivacyToolkit(2/6)ThefollowingisalistofIHEprofilesthatcanbeleveragedtosatisfysecurityandprivacyrequirements.AuditTrailandNodeAuthentication(ATNA)ConsistentTime(CT)BasicPatientPrivacyConsents(BPPC)EnterpriseUserAuthentication(EUA)Cross-EnterpriseUserAssertion(XUA)PersonnelWhitePages(PWP)DigitalSignatures(DSG)NotificationofDocumentAvailability(NAV)Cross-EnterpriseDocumentSharing(XDS)Cross-EnterpriseDocumentsharingviaReliablemessaging(XDR)Cross-EnterpriseDocumentsharingonMedia(XDM)整理pptIHESecurityandPrivacyToolkit(3/6)BasicSecurityIHEassumesthatauditcontrolistheprimarycontrolmethodofaccountabilityenforcement.TheprofilethatprovidesthebasicsecurityprincipleistheAuditTrailandNodeAuthentication(ATNA)profile.Thisprofilehasthreecomponentsthatleveragetheedgesystemcapabilities.ThefirstpartoftheATNAprofileisanassessmentoftheedgesystemscapabilitiestoenforcetheHIEPoliciesaroundAuthenticationandAccessControls.ThesecondpartofATNAisSecurityAuditLogging.整理pptIHESecurityandPrivacyToolkit(4/6)ThefirstpartoftheATNAprofileisanassessmentoftheedgesystemscapabilitiestoenforcetheHIEPoliciesaroundAuthenticationandAccessControls.ThesecondpartofATNAisSecurityAuditLogging.Theprofileincludesasetofsecurityrelevanteventsandaschemafordefiningwhattocaptureintheauditwhenthesesecurityrelevanteventshappen.Theedgesystemisexpectedtosupporttherecordi