
Cross-Enterprise Privacy Policy (XPP)

Cross-Enterprise Privacy Policy (XPP). Profile Proposal for 2008/09 presented to the IT Infrastructure Technical Committee. Sören Bittins (eCR, Fraunhofer ISST), November, 18th 2008. Editors: Raik Kuhlisch, Jörg Caumanns (Fraunhofer ISST), Christof Strack (SUN Microsystems).


Presentation Transcript


  1. Cross-Enterprise Privacy Policy (XPP)
     • Profile Proposal for 2008/09 presented to the IT Infrastructure Technical Committee
     • Sören Bittins (eCR, Fraunhofer ISST)
     • November, 18th 2008

  2. Editors
     • Raik Kuhlisch, Jörg Caumanns (Fraunhofer ISST)
     • Christof Strack (SUN Microsystems)
     • Oliver Pfaff, Markus Franke (Siemens IT Solutions and Services)

  3. Data Privacy and Protection (short)
     • Processing of medical information is generally forbidden but subject to the possibility of “authorisation” (refers technically to consent)
     • This authorisation is bound to a specific and limited “purpose”
     • The purpose as a key principle legally regulates the “context”
     • Finally, the context directly indicates the “actors” and their assigned “role” which are legally authorised to access the medical information
     • Inadequate implementation of the above may lead to:
         • Violation of the data protection regulations
         • Being forced to compensate for loss/damages suffered
         • Violation of the legal requirement concerning confidential and discreet medical communication with all its attached implications
         • Joint and personal liability for inappropriate risk management and assessment

  4. Current Situation
     • Private practices or very small hospitals usually delegate all rights to all of the concerned workforce
     • Hospitals are utilising rather static RBAC or DAC systems with a potential organisational emergency override
     • Most legal requirements are merely enforced “organisationally”
     • Security measures are usually reactive and retrospective:
         • Access control rules usually grant more rights than required
         • Reliance on the audit trail if a breach is assumed / detected
     • Role and rights assignment is usually only intra-enterprise
     • Inconsistent enforcement of the patient’s consent to medical data processing in distributed, cooperative health care scenarios

  5. Cross-Enterprise Policy Provision
     • XPP features the cross-enterprise retrieval of situation- and role-aware policies and the concrete enforcement of those policies
     • XPP directly manages, controls and filters the transactions and actors within a medical network
     • XPP may implement all core access control principles (RBAC, DAC, MAC) as well as the reflection of higher-level aspects (SoD)
     • XPP enables automatic and flexible situation-aware decisions:
         • Up-to-date reflection on the existence and contents of the patient’s consent
         • Limitations of the roles that may access a resource (Cardiologists only)
         • Controlled emergency override by a special policy
     • Distributed inter-enterprise policy retrieval and decisions in a federated and interconnected environment

  6. Authorisation Pattern (RFC2753, XACML, ...)

  7. Requirements for Cross-Enterprise Authorisation
     • Policy Pull vs. Policy Push
         • optimisation of anticipated effort to discover and provide the matching policy
     • Functionality is implemented by a Security Token Service
         • consistent and standards-based (WS Trust) security layer
     • Separation of Policy Registry and Policy Repository
         • Policy lookup vs. policy retrieval
         • Policy semantics vs. policy encoding
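
The situation-aware decisions of slide 5 and the registry/repository separation of slide 7 can be sketched as follows. This is an added example, not code from the presentation or from any XPP implementation: the `Policy` fields, the function names and the sample patient, role and purpose values are all assumptions made for illustration, and a real deployment would carry policies in an encoding such as XACML.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:                      # hypothetical policy model, not an XPP schema
    policy_id: str
    purpose: str                   # purpose the patient's consent is bound to
    allowed_roles: frozenset       # roles authorised within that context
    emergency: bool = False        # marks the special emergency-override policy

# Constructed sample data. The registry only indexes which policies apply;
# the repository holds the policy bodies.
REGISTRY = {
    ("patient-1", "cardiology-treatment"): ["pol-consent-1"],
    ("patient-1", "emergency"): ["pol-emergency"],
}
REPOSITORY = {
    "pol-consent-1": Policy("pol-consent-1", "cardiology-treatment",
                            frozenset({"cardiologist"})),
    "pol-emergency": Policy("pol-emergency", "emergency",
                            frozenset({"physician", "cardiologist"}), True),
}

def lookup(patient, purpose):
    """Policy lookup: the registry returns identifiers, never policy content."""
    return REGISTRY.get((patient, purpose), [])

def retrieve(policy_id):
    """Policy retrieval: the repository returns the policy body, or None."""
    return REPOSITORY.get(policy_id)

def decide(patient, role, purpose, audit):
    """Deny by default; permit only when a retrieved policy matches purpose and role."""
    for pid in lookup(patient, purpose):
        policy = retrieve(pid)
        if policy is None or policy.purpose != purpose:
            continue               # dangling registry entry or purpose mismatch
        if role in policy.allowed_roles:
            # Every decision is recorded; emergency overrides are flagged for review.
            audit.append((patient, role, purpose, pid, "PERMIT", policy.emergency))
            return "PERMIT"
    # No consent on record, wrong purpose, or role not authorised.
    audit.append((patient, role, purpose, None, "DENY", False))
    return "DENY"
```

A missing consent and an unauthorised role both end in the same default deny, and the emergency path is an ordinary policy whose use is visible in the audit record rather than a bypass of the decision point.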

  8. Actors and Transactions

  9. Proposed Standards & Systems
     • WS Trust for policy retrieval
     • SAML for integrating policies into security tokens
     • XACML as possibility for policy encoding
     • OASIS XSPA draft standard as a reference
     • Activities should be synchronized with the activities of HITSP and VA/HL7 on role based access control policies

  10. IHE Profile Grouping
     • XPP is designed to initially group with existing IHE ITI profiles:
         • XUA: for providing subject identity information and ensuring the authenticity of the policy assertions
         • PWP: as a policy information point for a subject’s attributes
         • ATNA: for auditing transactions and operating XPP actors as secure and mutually authenticated nodes
         • XDS: most prominent example for the actors and transactions to be safeguarded
     • More grouping may follow when other transactions that might benefit from XPP are identified and implemented

  11. Expected Acceptance
     • It has been shown that the XPP actors and transactions can be implemented using standard “off-the-shelf” libraries:
         • Open Source eCR Reference Implementation (Fraunhofer ISST)
         • Security Framework for a large hospital chain (Siemens)
         • eCR Implementation for a University Hospital (iSoft, Microsoft)
         • eCR implementation for large municipal hospital (ISPro, SUN)
     • eCR v1.4 will incorporate the XPP Integration Profile:
         • 11 pilot projects together with hospitals that represent 15% of the German hospital market
         • strong vendor involvement (Agfa, Siemens, NoemaLife, SUN, Microsoft, iSoft, TietoEnator, ICW, ...)
     • Austrian governmental initiative ELGA (electronic health record) is also aligning to this direction
