A systematic approach for analysis and design of secure health information systems

A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users’ views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component a...

Full description

Saved in:
Bibliographic Details
Published in:International journal of medical informatics (Shannon, Ireland) Ireland), 2001-06, Vol.62 (1), p.51-78
Main Authors: Blobel, Bernd, Roger-France, Francis
Format: Article
Language:English
Subjects:
Biological and medical sciences
Computer Security
Computerized management (medical records, files, hospital management)
Computerized, statistical medical data processing and models in biomedicine
Computing Methodologies
Data privacy
Data structures
Health information systems
High level languages
Humans
Information Systems - organization & administration
Medical sciences
Object oriented programming
Security models
Security of data
System analysis and design
Systems Analysis
UML methodology
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users’ views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.
ISSN:1386-5056
1872-8243
DOI:10.1016/S1386-5056(01)00147-2