A Framework for Health Information Technology and Network Security
•Download as PPTX, PDF•
1 like•871 views
Health information systems and network security infrastructure: a framework for securing HIT systems, networks, and HINs (internetworks).
Recommended
More Related Content
What's hot
What's hot (16)
Viewers also liked
Viewers also liked (10)
Similar to A Framework for Health Information Technology and Network Security
Similar to A Framework for Health Information Technology and Network Security (20)
Recently uploaded
Recently uploaded (20)
A Framework for Health Information Technology and Network Security
- 1. Health Information Systems and Network Security A Framework for Securing HIT Infrastructure
- 2. Security Goals 1. Protect PHI by empowering individuals to control access to their own healthcare information. 2. Allow only fully authenticated and authorized individuals access to data. 3. Preserve integrity of network data. 4. Hold users and organizations accountable for network actions. 5. Hold each node in a network accountable for the security of the data in its custody. 6. Enable the formation of larger scale networks by securely linking together health information networks (HINs). (NHIN Project/HIPAA/Markle Common Framework for Private and Secure HIE)
- 4. Environmental Assumptions ID Assumption Justification A1 Intermediary Legally binding agreements A2 Providers Legally binding agreements, and doctor/patient relationships A3 Data Repositories Legally binding agreements
- 5. Security Requirements ID Security Requirements R1 Only authorized and authenticated systems shall be targets of network queries R2 Only authorized and authenticated users shall request data over the network R3 Data integrity shall be preserved within all nodes and over the network R4 Data confidentiality shall be protected over the network R5 All access to healthcare data shall be traceable to an individual or organization R6 Where applicable patient shall specify access to PHI (rules enforced on all nodes) R7 Requests originating in another trust domain shall be authenticated and authorized R8 Data and system integrity shall be preserved at each node in the network
- 6. Security Mechanisms ID Security Mechanism Mapping M1 User identity management R2, R4 M2 User authentication R2, R4, R6 M3 User authorization R5 M4 Auditing R5 M5 Anonymization R4 M6 Secure messaging R1, R2, R3, R4 M7 Consent management R6 M8 Inter-domain security R7 M9 System availability and integrity protection R8
- 7. Security Threats and Countermeasures ID Security Mechanism Countermeasure Mapping T1 Unauthorized user/system produces data Identification/authentication M1, M2 T2 Unauthorized user/system consumes data Identification/authentication/access control M1, M2, M5, M6, M7, M8 T3 Data integrity compromised at Network, OS, application, and database controls at each node M1, M2, M9 T4 Data integrity compromised over network Integrity protection (MD5, hash, checksum) M6, A1 T5 Data confidentiality compromised over network Encryption over network (SSL) M6, M7, A1 T6 Information compromised by valid user Audit, organization binding, responsibility M4, A1, A2, A3 T7 Virus, spyware Anti-virus, firewall, intrusion detection system (IDS) M6, M9 T8 Denial of service IDS, firewall, application M6 T9 Identity spoofing Client certificate based auth. (two-way SSL) M1, M6 consumer/producer/intermediary level (consumer/producer/intermediary)
Editor's Notes
- Sources Kailar, Rajashekar. "A security architecture for health information networks.“ AMIA Annual Symposium Proceedings. Vol. 2007. American Medical Informatics Association, 2007.Scholl, Matthew, et al. Security architecture design process for health information exchanges (HIEs). US Department of Commerce, National Institute of Standards and Technology, 2010.Gritzalis, Dimitris, and Costas Lambrinoudakis. "A security architecture for interconnecting health information systems." International Journal of Medical Informatics 73.3 (2004): 305-309.Mandl, Kenneth D., et al. "Indivo: a personally controlled health record for health information exchange and communication." BMC medical informatics and decision making 7.1 (2007): 25.ResourcesAHRQ:The Health Information Security and Privacy Collaboration Toolkithttp://healthit.ahrq.gov/health-it-tools-and-resources/health-information-security-and-privacy-collaboration-toolkitAHIMA: An IT Primer for Health Information Exchangehttp://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_036239.hcsp?dDocName=bok1_036239HIMSS: Privacy and Security Toolkithttp://www.himss.org/library/healthcare-privacy-securityHealthIT.gov: Guide to Privacy and Security of Health Informationhttp://www.healthit.gov/sites/default/files/pdf/privacy/privacy-and-security-guide.pdfHealthIT.gov:Information Security Policy Templatehttp://www.healthit.gov/providers-professionals/implementation-resources/information-security-policy-templateHealthIT.gov: Relevant Legal Requirements for Health Data Exchange for Health Care Organizations http://healthit.ahrq.gov/sites/default/files/docs/page/C_RelevantLegalRequirementsforHealthDataExchange_0.pdfMarkleFoundaton: Common Framework forPrivate and Secure Health Information Exchangehttp://www.markle.org/health/markle-common-framework/connecting-professionalsDeloitte: (Issue Brief) Privacy and Security in Health Care: A fresh lookhttps://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/Health%20Reform%20Issues%20Briefs/US_CHS_PrivacyandSecurityinHealthCare_022111.pdfA Primer on Health Information Technology Standards and Data Exchange in the US todayhttp://www.mhtransformation.org/documents/word/MHT_HIT_Standards_081409.doc
- Security goals for HINsderived from:NHIN project /* National Health Information Network */HIPAA security and privacy rules /* Health Insurance Portability and Accountability Act*/Connecting for Health Common Framework /* Markle Common Framework for Private and Secure Health Information Exchange */[PHI] [PHR] [PCHR] /* “empowering individuals to control access to their own healthcare information” */(Protected Health Information)(Personal Health Record)(Personally Controlled Health Record)Trust Domains -> conceptually as nodes: could be a single computer on a local network, or abstracted as an organization on a larger (inter)network.Consumer <-> ProviderConsumer <-> Intermediary <-> Provider/* an intermediary could be a firewall, proxy, organization, or HIE as examples (depending on level of node abstraction) */Trust Models->Centralizeddistributed (transitive)federatedWhenthe data provider and data consumer do not share a direct trust relationship, they may rely on trusted intermediaries to act as brokers. /* Transitive or Distributed Trust (i.e. partnerships) */-----------------------------------------------------------------------------------{garden variety networks and information systems security measures adapted/updated for the special requirements of PHI}
- (Kailar, Rajashekar 2007)Simplified ERD (Entity Relationship Diagram) => closed loop system (entity relationship model -> mandatory one to many relationships ) /* ERD: database development and data modeling tool standard */[Security Threats and Countermeasures] => [Security Requirements] => [Security Mechanisms] <- [Environmental Assumptions]
- (Kailar, Rajashekar 2007)
- (Kailar, Rajashekar 2007)
- (Kailar, Rajashekar 2007)
- (Kailar, Rajashekar 2007)
- [A graphic model/visualization of the concepts in slides 3-7] /* [Tool] GraphML=> yEd Graph Editor (yWorks) */HIN Security in a Nutshell. There’s more to it, but this is a solid model/framework (HIT/HIN InfoSec)./* model/framework lacks granularity => i.e. sw security patches, nw vulnerability scans (sophisticated port-scan -> ‘script kiddies’), VPN/SSH Tunneling => extension of trusted domain (virtual), etc.*/