SSE
EFMI WG SSE Security, Safety and Ethics

last update : February 2008

Scope and Mission Statement

Objectives:
Speeding up the use of ICT for health care increases the challenge for trustworthiness, security and safety of solutions and infrastructure deployed. The EFMI Working Group “Security, Safety and Ethics” aims to promote development, education and training on the field of security and privacy in health.

Relationships to other Working Groups:
The EFMI Working Group “Security, Safety and Ethics” establishes close collaboration with other Working Groups within EFMI and beyond for securing their ICT solutions for health and for promoting the awareness on security and privacy in this domain. It realises close relationships with and supports the IMIA WG 4 the European perspectives.

Activities:

  • The EFMI Working Group ”Security, Safety and Ethics” organises conference, conference sessions, workshops, tutorials and training courses on the security and privacy field, especially using the framework of EFMI Conferences and other MI events such as MEDINFO.
  • The EFMI Working Group ”Security, Safety and Ethics” publishes scientific and practical papers and materials, especially using EFMI-related groups and means such as the EFMI WG ”Education”, ”Public Relations” and the International Journals of Medical Informatics.
  • During 2005 - 2006, a working conference has been organised in co-operation with the EFMI Working Group ”Electronic Health Records”.
  • Furthermore, a tutorial was given in co-operation with IMIA WG 4 during MEDINFO 2004. The Chair acted as Conference Organiser, Chair of the Scientific Programme Committee as well as Keynote Speaker.
  • EFMI Workshop on EHR Security within the framework of the International Conference for Medical Communications and Compunetics (ICMCC; 2-4 June 2004, The Hague, The Netherlands), organised in co-operation with the EFMI WG ”Security” and the GMDS Working Group ”Standards for communications and interoperability” EFMI WG SSE Security, Safety and Ethics (Continued)
  • EHR Working Group Meeting during the MIE 2003 in St. Maló (managed by Ragnar Nordberg)
  • IMIA WG4 Working Conference ”Realising Security of Electronic Health Record” (31 may – 3 June 2003, Varenna, Italy)

Activities January – December 2007:
Following activities have been realised:

  • Workshop of EFMI WG “Security, Safety and Ethics” at the EFMI Special Topic Conference 2007, 30 May - 1 June 2007 in Brijuni, Croatia
    The aforementioned workshop dealt with the following issues:
    • Paradigm change towards Personal Health
    • Legal requirements and technical solutions for trustworthy pan-European eHealth services
    • The challenge of ID Management and entity tracking in eHealth.
    • Challenge for EHR solutions in B&H to meeting the advanced EU-requirements for security and privacy
    • The use of token in health telematics applications
    • Towards a common approach to an information security management system in healthcare organizations in Slovenia that complies with ISO27001 standard
    • Privacy and Ethics Requirements with Electronic Healthcare Record Systems Implementations
    The results have been jointly published in J.S.Bryden, S.deLusignan, B.Blobel, M.Petrovecki (Edrs.): Medical Informatics in Enlarged Europe. IOS Press and Akademische Verlagsgesellschaft Aka, Berlin 2007.
  • Joint workshop of EFMI Working Groups „Security, Safety and Ethics“ und „Electronic Health Records“ entitled „The Paradigm Change Challenge towards Personal Health“ at the ICMCC 2007, 8-10 June 2007, in Amsterdam, organised by the International Council for Medical and Care Compunetics. The workshop results have been published in: Bos L and Blobel B (Edrs.): Medical and Care Compunetics 4, Series Studies in Health Technology and Informatics, Vol. 127. IOS Press, Amsterdam.
    The workshop has dealt with the following issues:
    • Legal, political, organisational and ethical challenges of the personal health paradigm
    • Semantic interoperability between clinical and public health information systems for improving public health services
    • Architectural challenges of personal health
    • Semantic interoperability of EHR systems
    • Security and privacy issues of personal health
    • Terminology and ontology issues of comprehensively integrated care paradigms
    • The aspect of safety in future care settings
    • eHealth standards – prerequisites for semantic interoperability
    • Quality labelling and certification of EHR systems
  • In cooperation with the IMIA Working Group "Security in Health Information Systems”, the EFMI WG “Security, Safety and Ethics” provided the tutorial “Modeling and Implementing Embedded Security and Privacy Services for Sustainable Health Information Systems“ at MEDINFO 2007 in Brisbane. The tutorial organised and successfully submitted by the EFMI WG Chair, has been realised by Bernd Blobel in cooperation with Francois Allaert (France), Ted Cooper (USA) and Jeff Collman (USA).
  • The Chair of the EFMI WG „Security, Safety and Ethics“ participated on invitation in the Global Security Panel at MEDINFO 2007.
  • Contribution to the International Conference „eHealth: Combining Health Telematics, Telemedicine, Biomedical Engineering and Bioinformatics to the Edge“, 2-5 December 2007 in Regensburg. The results will be published in B.Blobel, P.Pharow and M.Nerlich (Edrs.): eHEALTH: Combining Health Telematics, Telemedicine, Biomedical Engineering and Bioinformatics to the Edge – Global Experts Summit Textbook. Series Studies in Health Technology and Informatics, Vol 134, IOS Press, Amsterdam 2008 as well as in B.Blobel, P.Pharow, J.Zvarova and D.M.Lopez (Edrs.): Combining Health Telematics, Telemedicine, Biomedical Engineering and Bioinformatics to the Edge – CeHR 2007 Conference Proceedings. IOS Press and Akademische Verlagsgesellschaft Aka, Berlin 2008.
  • The Chair attended as invited EFMI WG expert several workshops and conferences organised by the European Commission.

Activities July 2006 – May 2007::

  • Working Group Meeting of EFMI WG “Security, Safety and Ethics” during the MIE 2006 “Ubiguity: Technologies for Better Health in Aging Societies”, 27-30 August 2006 in Maastricht, The Netherlands.
  • Tutorial “Distributed Health Information Systems and Health Networks: Architecture, Policies, Models, Security and Privacy Requirements and Solutions” at the MIE 2006 “Ubiguity: Technologies for Better Health in Aging Societies”, 27- 30 August 2006 in Maastricht,The Netherlands, in co-operation with the IMIA WG4 “Security”. The toturial has been presented by Bernd Blobel, supported through Ragnar Nordberg (Sweden), Kees Louwerse (The Netherlands) and Peter Pharow (Germany).
  • Workshop of EFMI WG “Security, Safety and Ethics” at the EFMI Special Topic Conference 2007, 30 May - 1 June 2007 in Brijuni, Croatia .
The aforementioned workshop deals with the following issues:
  • Paradigm change towards Personal Health
  • Legal requirements and technical solutions for trustworthy pan-European eHealth services
  • The challenge of ID Management and entity tracking in eHealth.
  • Challenge for EHR solutions in B&H to meeting the advanced EUrequirements for security and privacy
  • The use of token in health telematics applications
  • Towards a common approach to an information security management system in healthcare organizations in Slovenia that complies with ISO27001 standard
  • Privacy and Ethics Requirements with Electronic Healthcare Record Systems Implementations
    The results have been jointly published at IOS Press Amsterdam/ Akademische Verlagsgesellschaft Aka GmbH Berlin

    Next activities:
    The EFMI WG “Security, Safety and Ethics” provides support of, and contributions to, conferences, tutorials, and other activities on the EFMI WG’s topics. In detail, the following activities will be performed:

    • Joint workshop with EFMI Working Group „Security, Safety and Ethics” at the MIE 2008, 24-28 May 2008 in Gotenburg, Sweden.
    • WG Meeting at the MIE 2008, 24-28 May 2008 in Gotenburg, Sweden.
    • Joint workshop with EFMI Working Group „Security, Safety and Ethics” at the ICMCC 2008, 9-11 June 2008 in London, UK.
    • Contributions to the preparation of the Conference of IMIA WG “Security in Health Information Systems”, 22-25 November 2007, Hiroshima, Japan
    • In the European BioHealth Project (Security and Identity Management Standards in eHealth including Biometrics-Specific Requirements having an Impact on the European Society and on Standardisation), the work of the EFMI Working Group „Security, Safety and Ethics“ continues to provide an essential basis in combination with the WG members’ engagement in standardisation.

    Publications:
    Original Papers

    • Moehr JR, Allaert FA, Kluge E-H, Quantin C and Roger France F (2007) Editorial. International Journal of Medical Informatics 76, 5-6 (2007) pp. 395–397.
    • Recommendations. International Journal of Medical Informatics 76, 5-6 (2007) pp. 398–399.
    • Eike-Henner W. Kluge (2007) Secure e-Health: Managing risks to patient health data International Journal of Medical Informatics 76, 5-6 (2007) pp. 402–406.
    • Boyd AD, Hosner C, Hunscher DA, Athey BD, Clauw DJ and Green LA (2007) An ‘Honest Broker’ mechanism to maintain privacy for patient care and academic medical research. International Journal of Medical Informatics 76, 5-6 (2007) pp. 407–411.
    • Ishikawa K, Ohmichi H, Umesato Y, Terasaki H, Tsukuma H, Iwata N, Tanaka T, Kawamura A, Sakata K, Sainohara T, et al. (2007) The guideline of the personal health data structure to secure safety healthcare: The balance between use and protection to satisfy the patients’ needs. International Journal of Medical Informatics 76, 5-6 (2007) pp. 412–418.
    • Quantin C, Cohen O, Riandey B and Allaert FA (2007) Unique Patient Concept: A key choice for European epidemiology. International Journal of Medical Informatics 76, 5-6 (2007) pp. 419–426.
    • Scott RE (2007) e-Records in health—Preserving our future. International Journal of Medical Informatics 76, 5-6 (2007) pp. 427-431.
    • Becker MY (2007) Information governance in NHS's NPfIT: A case for policy specification. International Journal of Medical Informatics 76, 5-6 (2007) pp. 432-437.
    • Bakker AR (2007) The need to know the history of the use of digital patient data, in particular the EHR. International Journal of Medical Informatics 76, 5-6 (2007) pp. 438-441.
    • Lekkas D and Gritzalis D (2007) Long-term verifiability of the electronic healthcare records’ authenticity. International Journal of Medical Informatics 76, 5-6 (2007) pp. 442-448.
    • Ruotsalainen P and Manning B (2007) A notary archive model for secure preservation and distribution of electrically signed patient document. International Journal of Medical Informatics 76, 5-6 (2007) pp. 449-453.
    • Blobel B (2007) Comparing approaches for advanced e-health security infrastructures. International Journal of Medical Informatics 76, 5-6 (2007) pp. 454–459.
    • Peter R Croll and Jasmine Croll (2007) Investigating risk exposure in e-health systems. International Journal of Medical Informatics 76, 5-6 (2007) pp. 460–465.
    • Lovis C, Spahni S, Cassoni N and Geissbuhler A (2007) Comprehensive management of the access to the electronic patient record: Towards trans-institutional networks. International Journal of Medical Informatics 76, 5-6 (2007) pp. 466–470.
    • Agrawal R and Johnson C (2007) Securing electronic health records without impeding the flow of information. International Journal of Medical Informatics 76, 5-6 (2007) pp. 471–479.
    • Anderson JG (2007) Social, ethical and legal barriers to E-health. International Journal of Medical Informatics 76, 5-6 (2007) pp. 480–483.
    • Wozak F, Schabetsberger T and Ammmenwerth E (2007) End-to-end Security in Telemedical Networks – A Practical Guideline. International Journal of Medical Informatics 76, 5-6 (2007) pp. 484–490
    • Implementing security in a distributed web-based EHCR Pages 491-496 Snezana Sucurovic
    • Blobel B, Pharow P (2007) A Model-Driven Approach for the German Health Telematics Architectural Framework and Security Infrastructure. International Journal of Medical Informatics 76, 2-3 (2007) pp. 169-175

    Contributions of the EFMI Working Group to EFMI STC 2007 Proceedings published in Bryden JS, de Lusignan S, Blobel B, Petrovecki M (Edrs.): Medical Informatics in Enlarged Europe. IOS Press and Akademische Verlagsgesellschaft Aka GmbH, Berlin 2007.

    • Bernd BLOBEL, Peter PHAROW: Paradigm Change towards Personal Health 97
    • Christian LOVIS: The Challenge of Identification Management and Entity Tracking in eHealth 103
    • Miroslav KONČAR, Ljerka LUIĆ: Privacy and Ethics Requirements with Electronic Healthcare Record Systems Implementations 108
    • Drago RUDEL, Mitja KOZAR, Stanko PUŠNIK: Common Approach to Healthcare Information Security Management in Slovenia Using ISO 27799 114
    • Artur A. LENDYAK: InternetSystems of Medical and Pharmaceutical Information in Ukraine 120
    • Peter PHAROW, Bernd BLOBEL: Legal Requirements and Technical Solutions for Trustworthy PanEuropean eHealth Services 126
    • Izet MAŠIĆ, Haris PANDŽA: Challenge for EHR Solutions in Bosnia and Herzegovina to Meeting the Advanced EU Requirements for Security and Privacy 133

    Chair:
    PD Dr. Bernd Blobel, Ph.D., Associate Professor
    Head of the eHealth Competence Center
    University of Regensburg Medical Center
    Franz-Josef-Strauß-Allee 11
    D-93042 Regensburg
    Email: This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
    eHealth