Communicating Security Policies to Trusted e-Health Information Systems: A Specification Process based Approach

V.L. Narasimhan (USA) and P.R. Croll (Australia)


e-Health systems, security policies, security Standards, data privacy, information architecture


E-Health systems must be capable of adhering to clearly defined security policies based upon legal requirements, regulations and ethical standards while catering for dynamic healthcare and professional needs. Further, such security policies, incorporating enterprise level principles of privacy, integrity and availability, coupled with appropriate audit and control processes, must be able to be clearly defined by enterprise management with the understanding that such policy will be reliably and continuously enforced. The ability, then to map such e Health policies into mandatory access control structures for next generation secure computer systems is an essential requirement for the future. This paper provides some principles for addressing these issues and provides a solution space that tackles the technical challenges involved in their implementation.

Important Links:

Go Back