Use of a Web-based process model to implement security and data protection as an integral component of clinical information management

Delivery of health care at Scott and White, a large integrated health care delivery system, is supported by an Electronic Medical Record (EMR) system repository of six million SGML-based documents. Control of document access is currently based on standard commercial security and confidentiality meth...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings - AMIA Symposium 1999, p.897-900
Main Authors: Myers, D L, Culp, K S, Miller, R S
Format: Article
Language:English
Subjects:
Computer Security - standards
Confidentiality
Humans
Internet
Management Information Systems
Medical Records Systems, Computerized
Programming Languages
United States
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Delivery of health care at Scott and White, a large integrated health care delivery system, is supported by an Electronic Medical Record (EMR) system repository of six million SGML-based documents. Control of document access is currently based on standard commercial security and confidentiality methodologies. Given the planned release in Fall 1999 of new federal security and confidentiality requirements, we have developed a web-based security process model that "wraps" existing EMR documents with HTML-compliant security attributes. Resulting logical documents are filtered regarding user queries by mapping the security attributes of the data to specific user role characteristics. A key virtue of our approach is that source EMR data do not undergo alteration by the imposition of the security process. It also places no additional work load or query pressure on the existing EMR system.
ISSN:1531-605X