Secure Electronic Health Records: The German Experience By Michael Deighan.

Slides:



Advertisements
Similar presentations
1 HL7 Educational Session – eHealth Week Budapest 2011 © Health Level Seven International, Inc. All Rights Reserved. HL7 and Health Level Seven.
Advertisements

CoreGRID: European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies.
Conclusions from e-Health
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
HIPAA Training – Part I Health Insurance Portability and Accountability Act.
1 NCEPOD Audit Tools Marisa Mason Chief Executive.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Internet Voting in Estonia Tarvi Martens Project Manager National Electoral Committee.
Bringing HIPAA to Hospital Systems HIPAA impact on hospital systems viaMD solution for HIPAA compliance W e b e n a b l i n g Pa t i e n t A d m i t t.
CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
AAI and universities Roles and functions. The Smart Card Architect Objectives zBuild a secure Authentication and Authorization Infrastructure between.
Security Controls – What Works
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
WINGNUT TECHNOLOGIES CUSTOM ENGINEERING SOLUTIONS.
Tervisepank ® e-solution for primary care Madis Tiik, MD CEO, Estonian Society of Family Doctors
ELECTRONIC MEDICAL RECORDS By Group 5 members: Kinal Patel David A. Ronca Tolulope Oke.
Migrating the Health Care Industry's Data Into the Cloud Walaa Hawasawi Michael Turner Eyad Fairak Eric McGee Bradlee Lathon Eric Gibson Jr.
SMARTCARDS. What we’ll cover: How does the Smart Card work (layout and operating system)? Security issues for the card holder The present and future of.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Electronic health cards - European perspectives
Kittiphan Techakittiroj (24/08/58 22:49 น. 24/08/58 22:49 น. 24/08/58 22:49 น.) Digital Certification Kittiphan Techakittiroj
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Georgia Rural Health Information Technology Conference Healthcare Information Systems Requirements to Achieve Meaningful Use Certification December 10,
Solution Overview for NIPDEC- CDAP July 15, 2005.
Ethics & Computer Essentials. R. Stewart Fayetteville High School Ethics A set of principles of right conduct A theory or a system of.
Ethics & Computer Technology. Ethics are…  A set of principles of right conduct.  A theory or a system of moral values.  The rules or standards.
Account Authority Digital Signature AADS Lynn Wheeler First Data Corporation
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
NHS Summary Care Record (SCR) If an Out of Hours doctor is visiting you… If an ambulance is called… If you are taken to A & E…
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.
© 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager.
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
Additional Security Tools Lesson 15. Skills Matrix.
Copyright © 2008 Delmar Learning. All rights reserved. Unit 8 Observation, Reporting, and Documentation.
An innovative, electronic personal health record Overview.
Electronic Health Records: Healthcare System’s Common Trends Based on Cloud Computing Group 2: OU Jin FANG Ting
1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.
Public Key Encryption  Illustration  Uses  Importance  RSA  Cryptcard.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
Patient Confidentiality and Electronic Medical Records Ann J. Olsen, MBA, MA Information Security Officer and Director, Information Management Planning.
Operating System Security Fundamentals Dr. Gabriel.
The privacy risks and rewards of distributed identity Conference Presentation (8 September 2003) Surveillance and Privacy 2003, University of New South.
Welcome! George Mason University HSCI 722. Future Scenario Fictional, but not utopian Based on Bringing Health Care Online: the Role of Information Technologies.
Working with HIT Systems
Component 3-Terminology in Healthcare and Public Health Settings Unit 16-Definitions and Concepts in the EHR This material was developed by The University.
Security March 9, Security What is security?  Techniques that control access to use a shared resource  Uses of shared resource must be authorized.
R. Stewart Fayetteville High School Ethics & Computer Technology Day 18.
Copyright © 2011 Delmar, Cengage Learning. ALL RIGHTS RESERVED. Chapter 5 Electronic Health Records.
SMART CARDS Presented By Jishnu Sasikumar Reg No : 09 PG 142.
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
The Protection of Information in Computer Systems Jerome H. Saltzer and Michael D. Schroeder Presented by Derek Davis and Michael Deighan.
Computer Security and the “H” word Glen Klinkhart, CEO Mike Messick, CTO.
Background On the Rochester RHIO October 2014
Audit Trail LIS 4776 Advanced Health Informatics Week 14
Identity and Access Management
Application of blockchain in healthcare
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
E-business Auditing Revised on 2014.
ITB Identity Solutions.
Presentation transcript:

Secure Electronic Health Records: The German Experience By Michael Deighan

Concerned Parties Patients Doctors Pharmacists Hospitals Insurance companies Technology companies Government

gematik Gesellschaft für Telematikanwendungen der Gesundheitskarte Formed in 2005 Charged with introducing and developing the use of the electronic card in health care Public and private insurance, doctors, pharmacists, and hospitals Creates standards Certifies components Conducts tests of the system

Critics Doctor organizations Consumer organizations Gesellschaft für Informatik Chaos Computer Club

Security Measures Smart card for identification, encryption keys, and data storage Two-key system Hybrid encryption of data Trusted hardware to handle communications Broker as guard and monitor of online data Audit log of each access

Basic Architecture

Document Encryption

Test Results Seven test regions 10,000 patients per region Level 1 testing Flensburg: 75% of the patients and 30% of the doctors had trouble with the PIN Some cards invalid due to certificate issues Response time is an issue

Assessment Complete mediation Least privilege Open design Simple design Exclusion of shared mechanisms Multiple keys User acceptance Permission, not exclusion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.