Current paradigm changes for improving safety, quality and efficiency of care processes under massive deployment of information and communication technologies (ICT) place high requirements on privacy and security. These mainly focus on privilege management and access control harmonized in international standards and their further evolution. NIST and ISO, but especially HL7 play a prominent role in this context. Starting with classic role-based access control (RBAC) foundations to new specifications for security and privacy labeling of segmented health information, HL7 security is presented as a scalable intermediate solution on the way to comprehensive privilege management and access control by explicit, ontology-based, formal and therefore machine-processable policies. The successfully balloted HL7 labeling specification supports context-sensitive communication and cooperation between different stakeholders and processes with different purposes of use, based on meta-data of information, actors and processes involved. Basics of policy management and practical solutions are discussed.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com