Security requirements and solutions in distributed Electronic Health Records

The healthcare systems in all developed countries are changing to labour-shared structures as Shared Care. Such structures require an extended communication and co-operation. Medical information systems integrated into the care processes must be able to support that communication and co-operation adequately, representing an active and distributed Electronic Health Record (EHR) system. Distributed health record systems must meet high demands for data protection and data security, which concern integrity, availability, confidentiality including access management, and accountability. Communication and cooperation in information systems can be provided by middleware architectures. For the different middleware architectures used in healthcare as EDI (HL7, EDIFACT), CORBA or DHE, the architectural principles and security solutions are shortly described in the paper. Supporting open information systems, these security solutions are independent of applications and transparent to the user. For trusted communication and cooperation, application-related and user-related security mechanisms are required. Such mechanisms have to fulfil the security policy of the application domain. They are using the basic security mechanisms of the underlying communication- and cooperation-supporting systems. The discussed policy, threats, and countermeasures are referred to the first German regional distributed medical record, which is developed and step by step refined in the Clinical Cancer Registry Magdeburg/Saxony-Anhalt.