Federation and Security Aspects for the Management of the EHR in Italy

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 7547)

Abstract

The Electronic Health Record (EHR) or Electronic Patient Record is a collection of electronic health information about a patient, created to increase personal safety through more accurate evidence-based decision support. Healthcare organizations, especially in different regions/local governments, can have different architectural solutions and procedures, and thus different access control policies. The requirement of compliance with previously developed architectural solutions binds them to using a single Federated infrastructure model. Since data stored in the EHR Infrastructure concern the health status of patients, they must be considered critical and their confidentiality and integrity must be protected by proper security support. In this paper we will present the analysis of federation and security aspects and issues for the management of the Electronic Health Record in Italy, suggesting a possible solution.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Buzzi, M.C., Donini, F., Gebrehiwot, A., Lunardelli, A., Lucchesi, C., Mori, P. (2012). Federation and Security Aspects for the Management of the EHR in Italy. In: Cipolla-Ficarra, F., Veltman, K., Verber, D., Cipolla-Ficarra, M., Kammüller, F. (eds) Advances in New Technologies, Interactive Interfaces and Communicability. ADNTIIC 2011. Lecture Notes in Computer Science, vol 7547. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34010-9_3

  • DOI: https://doi.org/10.1007/978-3-642-34010-9_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34009-3

  • Online ISBN: 978-3-642-34010-9

  • eBook Packages: Computer Science (R0)
