A specification process for communicating security policies towards developing trusted e-health information systems Online publication date: Wed, 30-Dec-2009
by V. Lakshmi Narasimhan, Peter Croll, William Caelli
International Journal of Healthcare Technology and Management (IJHTM), Vol. 10, No. 6, 2009
Abstract: E-health systems must be capable of adhering to clearly defined security policies based upon legal requirements, regulations and ethical standards while catering for dynamic healthcare and professional needs. Further, such security policies, incorporating enterprise level principles of privacy, integrity and availability, coupled with appropriate audit and control processes, must be able to be clearly defined by enterprise management with the understanding that such policy will be reliably and continuously enforced. The ability, then, to map such e-health policies into mandatory access control structures for next generation secure computer systems is an essential requirement for the future. This paper provides some principles for addressing these issues and provides a solution space that tackles the technical challenges involved in their implementation.
Online publication date: Wed, 30-Dec-2009
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Healthcare Technology and Management (IJHTM):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com