Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Protection and Pseudonymisation White Paper Proposal for 2008/09 presented to the IT Infrastructure Technical Committee A. Estelrich (GIP-DMP)

Published byMervin Warner Modified over 9 years ago

Similar presentations

Presentation on theme: "Identity Protection and Pseudonymisation White Paper Proposal for 2008/09 presented to the IT Infrastructure Technical Committee A. Estelrich (GIP-DMP)"— Presentation transcript:

1 Identity Protection and Pseudonymisation White Paper Proposal for 2008/09 presented to the IT Infrastructure Technical Committee A. Estelrich (GIP-DMP) S. Bittins (Fraunhofer ISST) 18th of November, 2008

2 IT Infrastructure Technical Committee Editors Ana Estelrich (GIP-DMP)Ana Estelrich (GIP-DMP) Prof. Klaus Pommerening (University of Mainz)Prof. Klaus Pommerening (University of Mainz) Sebastian Semler (TMF e.V.)Sebastian Semler (TMF e.V.) Sören Bittins, Jörg Caumanns (Fraunhofer ISST)Sören Bittins, Jörg Caumanns (Fraunhofer ISST)

3 IT Infrastructure Technical Committee Motivation Pseudonymisation is often only considered as interesting for second use scenarios but primary cases are also interestingPseudonymisation is often only considered as interesting for second use scenarios but primary cases are also interesting Primary use scenarios:Primary use scenarios: –Pseudonymisation as a potential security mechanism –Reducing the actual protection requirement by decoupling the concrete patient’s identity from the health information Secondary use scenarios (clinical research, public health):Secondary use scenarios (clinical research, public health): –Data leaves the context of the physician where they are protected by professional discretion –The utilisation of anonymisation/pseudonymisation means is mandatory for secondary use scenarios –The concrete identity of the patient is often of no interest

4 IT Infrastructure Technical Committee Motivation (II) In order to derive solution patterns for a flexible implementation, several models needs to be created and consideredIn order to derive solution patterns for a flexible implementation, several models needs to be created and considered Six models are suggested covering a selection of primary and secondary use casesSix models are suggested covering a selection of primary and secondary use cases

5 IT Infrastructure Technical Committee Pseudonymisation Models Model 0: Identity Protection for Primary UseModel 0: Identity Protection for Primary Use –Incorporates encryption & pseudonymisation for identity protection Model 1: Identity RemovalModel 1: Identity Removal –For one-time secondary use –Identity is completely anonymised (e. g. for research purposes) Model 2: Multiple data sources, one-time secondary useModel 2: Multiple data sources, one-time secondary use –Aims at linking multiple sources (e. g. XDS registries, repositories) –Incorporates one-way pseudonyms and encryption –= the secondary user cannot tell the identity but can read the data –Purpose: cancer registry

6 IT Infrastructure Technical Committee Pseudonymisation Models Model 3: One-Time secondary use with re-identificationModel 3: One-Time secondary use with re-identification –Incorporates two TTP, one for substituting the concrete identity, one for the actual pseudonymisation –The PID service knows the identity of the patient but contains no data –The PSEUD service can recover the PID by decrypt the PSN but does not know the concrete identity Model 4: Pseudonymous Research Data PoolModel 4: Pseudonymous Research Data Pool –Is based on Model 3 but incorporates a data pool for research –Pseudonym and medical data are permanently stored in the data pool Model 5: Central DB with many secondary usesModel 5: Central DB with many secondary uses –Potential for research involving a central (clinical) database –The clinical database contains medical data but no identities –Concrete reference to the pseudonymised medical data is established over a TTP being able to assign a PID that is connected to the data

7 IT Infrastructure Technical Committee Flow-of-Data (Model 2)

8 IT Infrastructure Technical Committee Outline Identity Protection, Pseudonymisation, Anonymisation (2-3 pages)Identity Protection, Pseudonymisation, Anonymisation (2-3 pages) Pseudonymisation Models (Use Cases) (5-10)Pseudonymisation Models (Use Cases) (5-10) Building Blocks (10-20)Building Blocks (10-20) Implementation and Deployment (10-15)Implementation and Deployment (10-15) Security Considerations (2-4)Security Considerations (2-4) Outline of a privacy Framework (2-4)Outline of a privacy Framework (2-4) Application of Pseudonymisation onto content profiles from PCC and QRPH (4-8)Application of Pseudonymisation onto content profiles from PCC and QRPH (4-8)

9 IT Infrastructure Technical Committee Standards and Systems ISO TC 215 Pseudonymisation for health InformaticsISO TC 215 Pseudonymisation for health Informatics TMF Pseudonymisation FrameworkTMF Pseudonymisation Framework OASIS WSFEDOASIS WSFED

10 IT Infrastructure Technical Committee IHE Profile Grouping XUA: for user authenticationXUA: for user authentication XPP: for authorising access to pseudonym generationXPP: for authorising access to pseudonym generation XDS: for secondary use databasesXDS: for secondary use databases XDS: as a prominent example of health resources that can be safeguarded by pseudonyms (primary use)XDS: as a prominent example of health resources that can be safeguarded by pseudonyms (primary use) ATNA: for mutual node authentication and audit trailsATNA: for mutual node authentication and audit trails PIX/PDQ: for providing patient identifiers and attributesPIX/PDQ: for providing patient identifiers and attributes

11 IT Infrastructure Technical Committee Expected Acceptance Data protection and extended liability issues are gradually moving into the focusData protection and extended liability issues are gradually moving into the focus Cooperative health care networks have a extremely strong demand for compliant solutionsCooperative health care networks have a extremely strong demand for compliant solutions This profile provides essential building-blocks for designing those solutionsThis profile provides essential building-blocks for designing those solutions The eCR Initiative is currently providing and using various of the components presented here for full complianceThe eCR Initiative is currently providing and using various of the components presented here for full compliance Significant potential for cross-border usabilitySignificant potential for cross-border usability May serve as a foundation for a pan-European identity protection frameworkMay serve as a foundation for a pan-European identity protection framework

Download ppt "Identity Protection and Pseudonymisation White Paper Proposal for 2008/09 presented to the IT Infrastructure Technical Committee A. Estelrich (GIP-DMP)"

Similar presentations

Connected Health Framework

Connected Health Framework
TMF, Telematikplattform für Medizinische Forschungsnetze e. V. Integrating eHealth and Medical Research The TMF Data Protection Scheme CeHR Regensburg,

TMF, Telematikplattform für Medizinische Forschungsnetze e. V. Integrating eHealth and Medical Research The TMF Data Protection Scheme CeHR Regensburg,
September, 2011What IHE Delivers Cross-enterprise Workflow Management (XDW profile) IT Infrastructure Planning Committee Luca Zalunardo, Arianna Cocchiglia.

September, 2011What IHE Delivers Cross-enterprise Workflow Management (XDW profile) IT Infrastructure Planning Committee Luca Zalunardo, Arianna Cocchiglia.
XDS Link-Unlink Support Profile Proposal for 2011/12 presented to the IT Infrastructure Planning Committee José Mussi (JRS Partners – IHE Canada) Karen.

XDS Link-Unlink Support Profile Proposal for 2011/12 presented to the IT Infrastructure Planning Committee José Mussi (JRS Partners – IHE Canada) Karen.
IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.

IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.
PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.

PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.
Agenda Problem Existing Approaches The e-Lab Is DRM the solution?

Agenda Problem Existing Approaches The e-Lab Is DRM the solution?
Federated Directory Services Brief Profile Proposal for 2009/10 presented to the IT Infrastructure Planning Committee J. Caumanns, O. Rode, R. Kuhlisch,

Federated Directory Services Brief Profile Proposal for 2009/10 presented to the IT Infrastructure Planning Committee J. Caumanns, O. Rode, R. Kuhlisch,
EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.

EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)

OAuth option for mHealth Brief Profile Proposal for 2013/14 presented to the IT Infrastructure Planning Committee R Horn (Agfa Healthcare)
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
Security and DICOM Lawrence Tarbox, Ph.D. Chair, DICOM Working Group 14 Siemens Corporate Research.

Security and DICOM Lawrence Tarbox, Ph.D. Chair, DICOM Working Group 14 Siemens Corporate Research.
IHE Cardiology Status November 2005 Harry Solomon Co-chair, Technical Committee.

IHE Cardiology Status November 2005 Harry Solomon Co-chair, Technical Committee.
What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.

What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.
Prof. Reinhold Haux Dr. Markus Wagner The Lower Saxony Bank of Health 23 th of August, 2013.

Prof. Reinhold Haux Dr. Markus Wagner The Lower Saxony Bank of Health 23 th of August, 2013.
IHE Patient Care Coordination (PCC) Technical Framework Supplement Patient Plan of Care (PPOC)

IHE Patient Care Coordination (PCC) Technical Framework Supplement Patient Plan of Care (PPOC)
IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.

IBM Rhapsody Simulation of Distributed PACS and DIR systems Krupa Kuriakose, MASc Candidate.
Meeting The Technical Security Needs Primary and Secondary use of EHR systems Filip De Meyer 12-10-2007.

Meeting The Technical Security Needs Primary and Secondary use of EHR systems Filip De Meyer
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.

Similar presentations

Ads by Google