Authors:
Ferreira A
;
Correia R
and
Costa-Pereira A
Affiliation:
Faculty of Medicine, University of Porto, Portugal
Keyword(s):
Electronic Patient Record; Information Security; Standards & Internet Technology
Related
Ontology
Subjects/Areas/Topics:
Enterprise Information Systems
;
Formal Methods
;
Information Systems Analysis and Specification
;
Methodologies and Technologies
;
Operational Research
;
Security
;
Simulation and Modeling
Abstract:
The introduction of new technologies such as the EPR stresses the importance of healthcare information security. The Biostatistics and Medical Informatics Department of Porto’s Faculty of Medicine is developing a centralized Electronic Patient Record at Hospital S. João, in Portugal, the HSJ.ICU. The main objective is to electronically integrate heterogeneous departmental information in a secure way, using Internet technology. The methodology used takes into consideration user-driven security issues in terms of confidentiality, integrity and availability of information. This was achieved using CEN/TC251 prestandards, Internet security protocols (e.g. TLS) and digital signature protocols. Having in mind the CIA (Confidentiality, Integrity and Availability) structure helps organizing and in a way, separating concepts that can be assessed in a more direct and efficient way. Security issues are already rooted and constitute a good basis for any enhancements that will be made in the future.