Electronic Health Records (EHR) are moving towards the core application of health information systems. Enabling informational interoperability of shared care environment including EHR, structure and function of components used have to follow open standards and publicly available specifications. This comprises also methods and tools applied. Security services needed have to be an integral part of architecture and operation of the specified and implemented components.

Starting with basic architectural paradigms the Magdeburg Medical Informatics Department was involved in at the early nineties, the secure behaviour of components has been derived. For establishing the required trustworthiness, security models have been introduced and presented in the paper. Beside communication security services based on standardised Public Key Infrastructure (PKI) and security token such as Health Professional Cards (HPC), policy-defined application security services such as authorisation, access control, accountability, etc., of information recorded, stored and processed must be guaranteed. In that context, appropriate resource access decision services have to be established.

As the HARP project result, a component-based EHR architecture has been specified and demonstrated for enforcing fine-grained security services by binding certificates to application components, by the way enforcing policies.