Securing cross-border exchange of ehealth data in the EU
|
|
- Letitia Carson
- 6 years ago
- Views:
Transcription
1 Securing cross-border exchange of ehealth data in the EU Ioannis Komnios KONFIDO Project Coordinator EXUS Software Ltd, NCSR "Demokritos", Athens, Greece
2 KONFIDO means Trust in Esperanto 2
3 KONFIDO Consortium 15 partners 7 countries 2 pilots 3
4 Cross-Border ehealth Data Retrieval Country B Data Request Patient Data Country A Country B should be aware of: Data formats and protocols of every country A The national infrastructure of every country A Regulations of every country A 4
5 ehdsi and OpenNCP OpenNCP is the technical outcome of the epsos project OpenNCP is a part of the ehealth Digital Service Infrastructure (ehdsi) and allows for the exchange of ehealth Data in Europe 5
6 The epsos Mediated Approach 20th March
7 Pillars for ehealth Interoperability in EU Existing nationalhealthcare infrastructures/legislation remain unchanged Member States are reluctant to accept impositions on their own legislation Trust among Member State (MS) is based on contracts and agreed policies The National Infrastructure (NI) of a MS never checks for security messages from the NI of another MS Information is exchanged but not shared. Any OpenNCP user MAY NOT modify an original document from abroad. The user retrieves a "read-only" document. 7
8 Security Assessment of epsos Security of communications is ensured by employment of cryptography and secure protocols Security of communicating parties is not enforced by technical means It is instead assumed by legally binding agreement No protection is offered against propagation of cyberattacks Instead, attacks which success in compromising a NI can exploit NCP to propagate to other countries These security aspects were out of scope of epsos 8
9 Here comes 9
10 1 st Pillar Enhancement of the trust and security of interoperable ehealth services 10
11 Six state-of-the-art Technologies Exploit the new security extensions of COTS CPUs for creating protected execution environments for ehealth applications Develop novel photonic encryption key generation technologies Build an efficient homomorphic encryption mechanism supporting secured health data storage, processing and exchange Develop customized SIEM solutions for real-time monitoring of the security of ehealth applications Implement disruptive logging and auditing mechanisms Design and implement a eidascompliant eid infrastructure 11
12 Conceptual view of KONFIDO architecture eidas KONFIDO is a modular set of tools that can be composed to improve resiliency 12
13 Trusted Execution Environment (Intel SGX) Application splitted in: Trusted and Untrusted parts App runs & creates enclave which is placed in trusted memory Only code running inside enclave sees data in clear 13
14 20th March
15 OpenNCP PS Transformation HCP 1-Ask for PS 2-Verify Authenticity of HCP 3-Send Request NI-B 12-Encrypt and return PS 11-Translate PS 10-Decrypt PS NCP-B 4-Verify Authenticity of NCP-A 5-Send Request National PS Infrastructure 9-Encrypt and send PS 8-Transcode PS 7-Decrypt PS 6-Encrypt and Return PS NI-A NCP-A 15
16 Homomorphic Encryption Parties: User private data owner Server owner of algorithm Goal: Server executes algorithm on HE data User obtains algorithm result on private data Can perform analysis on medical data without violating the patients privacy 16
17 Photonic Unclonable Function (PUF) Challenge Bit string (seed) Optical stimulus Electronic circuit Photonic Token Physical object Response Bit string (key) Image (speckle) Deterministic operation Same PUF-challenge allow the same response! PUF characteristics : Repeatability robustness Immunity to noise: The same object, challenge generates the same response Practically impossible to replicate unclonability Computationally unrealistic to simulate unpredictability Immunity to replication even by malicious manufacturer Immunity to machine learning, brute force, or simulation 17
18 KONFIDO SIEM A Security Information & Event Monitoring (SIEM) component is needed, in order to: Support a distributed analysis of high volumes of data Discover anomalies in the normal operation of the healthcare security system Protect the OpenNCP infrastructure from distributed attacks (ex. DDoS) 18
19 Disruptive Logging and Auditing Provides traceability and liability support Based on the blockchain design pattern Logs all privacy-critical operations A legally binding system based on blockchain auditing that allows to prove that specific ehealth data: Have been requested by a legitimate entity Have been provided (or not) 19
20 Blockchain-based logging and consent 20
21 eidas Authentication OpenNCP deals with: Physicians Pharmacists Patients eidas authentication refers to how these different users authenticate with OpenNCP with eidas compliant identities 21
22 OpenNCP Reference Architecture Country 3 Country 1 Level 3 EHR Level 2 NCP 3 Country 1 Level 3 EHR Level 2 Hospital National Infrastructure Health Center NCP 1 OpenNCP NCP 2 Hospital National Infrastructure Health Center Mobile Devices General Practitioner Triage Home Care Mobile Devices General Practitioner Triage Home Care Level 1 Level 1 22
23 After KONFIDO Deployment Country 3 KONFIDO TEE Country 1 NCP 3 Country 2 KONFIDO TEE KONFIDO TEE KONFIDO TEE KONFIDO TEE National Infrastructure NCP 1 NCP 2 National Infrastructure Trusted Execution Environment (TEE) Communication Channel 23
24 After KONFIDO Deployment Country 3 KONFIDO Country 1 KONFIDO National Infrastructure TEE KONFIDO NCP 1 TEE NCP 3 TEE KONFIDO NCP 2 TEE Country 2 TEE KONFIDO-SIEM C-1 Konfido-SIEM C-2 HE-Data Processing Real-Time Data Processing TEE HOOKS TEE PUF KONFIDO SERVICES/APIs eidas Auditing Services HE Homomorphically Encrypted Data Encrypted Data Plain data 24
25 2 nd Pillar Continuous validation and proof of concept demonstrations 25
26 Validation Pilots Pilot sites in: Italy Denmark Spain 26
27 Pilot 1: Cross-border health data exchange across EU Goes to hospital Kenneth Authentication with eid Barcelona Healthcare Professionals Authentication with eid May Access Kenneth s health information May provide new information from new potential clinical interventions Denmark Professionals May Access the information provided by BCN May spot potential clinical problems May follow-up an accident Other Apps May provide extra information 27
28 Pilot 2: Secure cross-region and cross-border mobility for emergency management and patient empowerment Accident Paramedics in ambulance Mobile application Authentication User consent implications Chronic patients Retrieving information Authentication May Access Anna and Cristina s health information data Multiple Fonts Access (Pausil Database, Private Clinic Database) Telemonitoring App Monitors Anna on holidays Sends medical information remotely to Italy Professionals Italy: track Anna s health on holidays Barcelona: Access Anna s records in case of emergency 28
29 3 rd Pillar Focus on stakeholders, improving user acceptance, adhering to standards and legal and ethical directives 29
30 Objectives Adhere to existing National and European legal directives and ethical norms Achieve wide acceptance of KONFIDO s solutions Achieve wide user engagement steering KONFIDO s solutions Define appropriate business models and a go-tomarket strategy 30
31 KONFIDO outcome Smartly integrate the different components/tools into a universal security toolbox to provide a complete packaged security solution to ehealth/mhealth Uniform, seamless and interoperable interface, operating under a common security and privacy framework Consideration of legal, operational/policy and ethical aspects 31
32 Co-funded by the Horizon 2020 Framework Programme of the European Union under Grant Agreement nº Partners EXUS (Coordinator), CERTH, CINI, CEA, TLX, EULAMB, TLB, EURECAT, MEDCOM, ICL, BIT4ID, PAUSIL, SUNDHED, AQUAS, IDIBAPS
ehealth Network ehealth Network Governance model for the ehealth Digital Service Infrastructure during the CEF funding
ehealth Network Governance model for the ehealth Digital Service Infrastructure during the CEF funding 1 The ehealth Network is a voluntary network, set up under article 14 of Directive 2011/24/EU. It
More informationInteroperability Infrastructure Services
Athens, October 23 rd, 2017 Interoperability Infrastructure Services to enable Secure, Cross-Border, Operational ehealth Services in Europe Dimitrios G. Katehakis, Foundation for Research and Technology
More informationCEF eid SMO The use of eid in ehealth. ehealth Network meeting 7 June 2016 Amsterdam
CEF eid SMO The use of eid in ehealth ehealth Network meeting 7 June 2016 Amsterdam Agenda Introduction to the study Introduction to eidas Regulation and CEF eid Identification/ authentication for ehealth
More informationehealth Network Recommendations on Country Guide for ehealth NCP implementation
Recommendations on Country Guide for ehealth NCP implementation The ehealth Network is a voluntary network, set up under article 14 of Directive 2011/24/EU. It provides a platform of Member States' competent
More informationStatus of the 2015 CEF call of setting up the ehealth DSI National Contact Points
ehealth Network meeting 7.6.2016 Status of the 2015 CEF call of setting up the ehealth DSI National Contact Points Tapani Piha Head of Unit Cross-Border Healthcare and ehealth Health Systems, Medical Products
More informationRegulating Telemedicine: the
Regulating Telemedicine: the EU perspective ETSI ehealth workshop On telemedicine 6-7 May 2014 Céline Deswarte, Policy officer Unit Health and Well-Being European Commission i Table of Contents t 1) Legal
More informationehealth action in the EU
ehealth action in the EU ehealth for smart and inclusive growth 13 February 2014 Jerome Boehm DG SANCO ehealth and Health Technology Assessment General Health Objectives of the EU cooperation on ehealth
More informationHow the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015
How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of
More informationehealth in Europe: at the convergence of technology, medicine, law and society
ehealth in Europe: at the convergence of technology, medicine, law and society Pēteris Zilgalvis, J.D. Head of Unit, ICT for Health DG Information Society and Media, European Commission IPTS Spring Meeting,
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration
ehealth Ministerial Conference 2013 Dublin 13 15 May 2013 Irish Presidency Declaration Irish Presidency Declaration Ministers of Health of the Member States of the European Union and delegates met on 13
More informationehaction Joint Action to Support the ehealth Network
Stakeholder Engagement - Consultation (22 August 2017) ehaction Joint Action to Support the ehealth Network 3 rd Joint Action to Support the ehealth Network Open Consultation 1 Participants of the 3 rd
More informationM HEALTH SHARING INDUSTRIAL VISION AND EXPERIENCE. Dr Beatrice Falise Mirat COCIR Business and Innovation Committee ehealth Member Orange Healthcare
M HEALTH SHARING INDUSTRIAL VISION AND EXPERIENCE Dr Beatrice Falise Mirat COCIR Business and Innovation Committee ehealth Member Orange Healthcare M HEALTH : A REALITY Definition: Mobile health (m health)
More informationehealth and DSM, Digital Single Market
ehealth and DSM, Digital Single Market Dr. Christoph Klein Interoperable data, access and sharing ehealth, Wellbeing and Ageing DG Communications Networks, Content and Technology European Commission, Luxembourg,
More informationEC (DG SANTE) The ehealth DSI , Solution Provider
EC (DG SANTE) The ehealth DSI 2017-04-05, Solution Provider Materials prepared by the ehdsi Solution Provider Topics tackled 1. CEF ehealth DSI (ehdsi) 2. Use Cases: Patient Summary and eprescription 3.
More informationEHR SECURITY POLICIES & SECURITY SITE ASSESSMENT OVERVIEW WEBINAR. For Viewer Sites
EHR SECURITY POLICIES & SECURITY SITE ASSESSMENT OVERVIEW WEBINAR For Viewer Sites Agenda 1 Introduction and EHR Security Policies Background 2 EHR Security Policy Overview 3 EHR Security Policy Assessment
More informationEuropean Commission Initiatives in telemedicine Presentation endorsed by the European Commission
European Commission Initiatives in telemedicine Presentation endorsed by the European Commission Nicole Denjoy COCIR Secretary General How does the EU contribute to the large-scale deployment of telemedicine?
More informationInfrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA
Security and resilience for ehealth Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA European Union Agency For Network And Information Security Securing Europe
More informationOpenNCP National Connector in Finland
OpenNCP Boot Camp OpenNCP National Connector in Finland Konstantin Hyppönen (FI) 26.1.2017 So, we have an OpenNCP installation, what s next? Develop a national connector (examples supplied) Communication
More informationH2020 WP Cybersecurity PPP topics
Info Day 2017 SC7 Secure Societies 06-07/03/2017 H2020 WP 2017 - Cybersecurity PPP topics Rafael Tesoro Cybersecurity & Digital Privacy, DG CNECT Cyberspace: a backbone of digital society & economic growth
More informationTowards a European Cloud Computing Strategy
Towards a European Cloud Computing Strategy Jorge Gasós European Commission Information Society and Media Directorate General Trust and Security Unit Security, privacy, and trust in the information society
More informationImplementation of cross-border eprescription services. Päivi Hämäläinen, THL, Finland 14 May ehealth Forum, Athens
Implementation of cross-border eprescription services Päivi Hämäläinen, THL, Finland 14 May 2014 2014 ehealth Forum, Athens 28.1.2014 Päivi Hämäläinen, THL, 2014 ehealth Forum, Athens, 14 May 2014 2 IHE
More informationepsos Semantic Interoperability Semantic Days 2010 June 1 st, 2010 Stavanger, Norway
epsos Semantic Interoperability ANA ESTELRICH,, ASIP Santé, epsos WP3.5 leader Semantic Days 2010 June 1 st, 2010 Stavanger, Norway epsos Europe wide large scale pilot on cross border interchange of patient
More informationehealth Network Multiannual Work Programme "ehealth in support for better health"
Multiannual Work Programme 2018-2021 "ehealth in support for better health" Proposal by the ehealth Network MWP sub-group 31 October 2017 The ehealth Network is a voluntary network created under article
More informationThe MovingLife Project
The MovingLife Project MObile ehealth for the VINdication of Global LIFEstyle change and disease management solutions Stakeholders Conference The MovingLife Roadmaps Brussels 18 April 2013 Alessio Gugliotta
More informationehealth EIF ehealth European Interoperability Framework European Commission ISA Work Programme
ehealth EIF ehealth European Interoperability Framework European Commission ISA Work Programme Overall Executive Summary A study prepared for the European Commission DG Connect This study was carried out
More informationChapter 35 ehealth Saskatchewan Sharing Patient Data 1.0 MAIN POINTS
ehealth Saskatchewan Sharing Patient Data 1.0 MAIN POINTS Since 1997, Saskatchewan has been developing a provincial electronic health records system for patients (called the provincial EHR) to allow for
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationAchim Klabunde European Commission DG Information Society & Media
ehealth eten Achim Klabunde European Commission DG Information Society & Media eten-munich 21 April 2005 eten Deploying eservices for all eten-munich 21 April 2005 eten Policy = eeurope 2005 eten supports
More informationReport of the Working Group on mhealth Assessment Guidelines February 2016 March 2017
Report of the Working Group on mhealth Assessment Guidelines February 2016 March 2017 1 1 INTRODUCTION 3 2 SUMMARY OF THE PROCESS 3 2.1 WORKING GROUP ACTIVITIES 3 2.2 STAKEHOLDER CONSULTATIONS 5 3 STAKEHOLDERS'
More informationWhat's next after epsos has entered into operational mode? From record to endurance. Marcello Melgara Lispa / Regione Lombardia DG Salute
What's next after epsos has entered into operational mode? From record to endurance Marcello Melgara Lispa / Regione Lombardia DG Salute epsos in Pils Page 2 epsos Consortium is composed by 48 beneficiaries
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationENISA Cooperation in the EU / NIS Directive
ENISA Cooperation in the EU / NIS Directive Paulo Empadinhas Head of Administration & Stakeholders Relations IT STAR Milan, Italy 28 th October 2016 European Union Agency for Network and Information Security
More informationDigital Security. Rafael Tesoro Carretero DG CNECT, Unit H1 - Cybersecurity & Digital Privacy
Digital Security Rafael Tesoro Carretero DG CNECT, Unit H1 - Cybersecurity & Digital Privacy Introduction Contents Grants - Call for proposals in Digital Security Horizon Prize - Online seamless authentication
More informationEnhancing Critical Infrastructure Protection with innovative SECurity framework
Enhancing Critical Infrastructure Protection with innovative SECurity framework Manos Athanatos FORTH-ICS, Distributed Computing Lab H2020 SAINT Project Workshop 20/03/2018 The research leading to these
More informationmhealth: Privacy Challenges in Smartphone-based Personal Health Records and a Conceptual Model for Privacy Management
mhealth: Privacy Challenges in Smartphone-based Personal Health Records and a Conceptual Model for Privacy Management ehealth Workshop 28-29 Oct 2014 Middlesex University, London, UK Edeh Esther Omegero
More informationCross border eservices STORK 2.0
Cross border eservices STORK 2.0 Frank LEYMAN EEMA / BCS Thought Leadership Seminar December 2nd, 2014, London Stork 2.0 is an EU co funded project INFSO ICT PSP 297263 STORK Phase 1 Key facts Project
More informationCEF ehealth DSI 2018 Technical Boot Camp State of Play
CEF ehealth DSI 2018 Technical Boot Camp State of Play 2018-04-25 to 26, Brussels Materials prepared by the ehdsi Solution Provider Session topics 1. CEF Funding 2. Core Services Platform 3. Core Services
More informationThe Potential for Blockchain to Transform Electronic Health Records ARTICLE TECHNOLOGY. by John D. Halamka, MD, Andrew Lippman and Ariel Ekblaw
REPRINT H03I15 PUBLISHED ON HBR.ORG MARCH 03, 2017 ARTICLE TECHNOLOGY The Potential for Blockchain to Transform Electronic Health Records by John D. Halamka, MD, Andrew Lippman and Ariel Ekblaw This article
More informationH2020-LEIT-ICT WP European Data Infrastructure ICT-13 Supporting the emergence of data markets and the data economy
H2020-LEIT-ICT WP2018-2020 European Data Infrastructure ICT-13 Supporting the emergence of data markets and the data economy Kimmo Rossi DG CNECT.G1 Data Policy and Innovation Unit Problem statement Sharing
More informationCan ehealth help the Slovak healthcare system? Results and lessons learned from the ehealth strategies survey in EU Member States and EEA countries
Can ehealth help the Slovak healthcare system? Results and lessons learned from the ehealth strategies survey in EU Member States and EEA countries Presenter: Jörg Artmann Supported by Karl Stroetmann,
More informationEU projects for ehealth new ehealth activities in EU
EU projects for ehealth new ehealth activities in EU Judita Kinkorová MEDICAL FAIR ehealth Days BRNO May 14, 2013 CONTENT e-health definition e-health in EU presidency actions CZ presidency 2009, e-health
More informationBirgit Morlion. DG Communications Networks, Content and Technology (DG CONNECT)
Digital transformation of health and care in the Digital Single Market Harnessing the potential of data to empower citizens and build a healthier society DG Communications Networks, Content and Technology
More informationEmerging mhealth: paths for growth. 7 June 2012
Emerging mhealth: paths for growth 7 June 2012 Contents 1 Executive summary 2 mhealth maturity scorecard 3 Key findings 4 Country breakdown of key data 5 Key global contacts 2 1. Executive Summary 3 Executive
More informationII European Reference Networks Conference
II European Reference Networks Conference Sharing information on Healthcare across Europe Lessons from EXPAND Henrique Martins, Zoi Kolitsi Lisbon, 8 th October 2015 Expanding Health Data Interoperability
More informationCERT Symposium: Cyber Security Incident Management for Health Information Exchanges
Pennsylvania ehealth Partnership Authority Pennsylvania s Journey for Health Information Exchange CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 Pittsburgh,
More informationEmpowering Citizens through phealth
phealth 2009 The 6-th 6 International Workshop on Wearable Micro and Nano Technologies for personalised Health Oslo June 25 th 2009 Empowering Citizens through phealth The EU Agenda Roberto Giampieretti
More informationEuropean Directives and reglements for Information security
Е а а И ац а *** European Directives and reglements for Information security Krassi BOGDANOVA LISO for the Secretariat-General, the Cabinets of Commissioners and the European Political Strategy Centre,
More informationMEDICITY NETWORK ONC CERTIFICATION COST AND LIMITATIONS
MEDICITY NETWORK ONC CERTIFICATION COST AND LIMITATIONS Medicity is proud to offer health IT solutions that are certified under the Office of the National Coordinator for Health Information Technology.
More informationOn the design of a Blockchain-based system to facilitate Healthcare Data Sharing
On the design of a Blockchain-based system to facilitate Healthcare Data Sharing Anastasia Theodouli, Stelios Arakliotis, Konstantinos Moschou, Konstantinos Votis, Dimitrios Tzovaras CERTH / ITI Thessaloniki,
More informationmhealth (Mobile Health)
mhealth (Mobile Health) Foundational Curriculum: Cluster 6: System Connectivity Module 11: Telehealth, Telemedicine and mhealth Unit 2: mhealth (Mobile Health) 35/60 Curriculum Developers: Angelique Blake,
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationCTI BioPharma Privacy Notice
CTI BioPharma Privacy Notice Effective: 29 November 2018 Introduction and Scope CTI BioPharma Corp. ( CTI, our, us ) takes the protection of your personal data very seriously. This Privacy Notice (this
More informationeidas Regulation eid and assurance levels Outcome of eias study
eidas Regulation eid and assurance levels Outcome of eias study Dr. Marijke De Soete Security4Biz (Belgium) ETSI eidas Workshop 24 June 2015 Sophia Antipolis eidas Regulation Regulation on electronic identification
More informationEurope (DAE) for Telehealth
Summary Strategy t at EU Level: Digital it Agenda for Europe (DAE) for Telehealth What; Why; How ehealth and Telehealth in Digital Agenda Key actions What s next What DAE - EC Communication, adopted in
More informationVersion 1/2018. GDPR Processor Security Controls
Version 1/2018 GDPR Processor Security Controls Guidance Purpose of this document This document describes the information security controls that are in place by an organisation acting as a processor in
More informationDigital Healthcare. Yordan Iliev Director R&D Healthcare. Regional Cybersecurity Forum, November 2016, Grand Hotel Sofia, Bulgaria
Digital Healthcare Yordan Iliev Director R&D Healthcare Regional Cybersecurity Forum, 29-30 November 2016, Grand Hotel Sofia, Bulgaria AGENDA Introduction Security challenges in healthcare IT Change ahead
More informationC-ITS in Europe. Gerhard Menzel, DG MOVE 7th ETSI ITS Workshop 26 th of March 2015, Helmond. Transport
C-ITS in Europe Gerhard Menzel, DG MOVE 7th ETSI ITS Workshop 26 th of March 2015, Helmond Why C-ITS? Cooperative Systems understood as "connected mobility": More Connecting improving enhancing optimising
More informationWHO-ITU National ehealth Strategy Toolkit
WHO-ITU National ehealth Strategy Toolkit Context and need for a National Strategy A landscape of isolated islands of small scale applications unable to effectively communicate and to share information
More informationThe European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3
The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3 Andrea.Servida@ec.europa.eu What is at stake with CIIs The World Economic Forum
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationRemote Access to a Healthcare Facility and the IT professional s obligations under HIPAA and the HITECH Act
Remote Access to a Healthcare Facility and the IT professional s obligations under HIPAA and the HITECH Act Are your authentication, access, and audit paradigms up to date? Table of Contents Synopsis...1
More informationEU EHEALTH INTEROPERABILITY,
EU EHEALTH INTEROPERABILITY, STANDARDIZATION AND DEPLOYMENT STRATEGY Benoit Abeloos, Standardization and Interoperability DG CNECT, Health and Wellbeing Unit COCIR Workshop on Importance of Interoperability:
More informationMeeting Report: Face-to-Face meeting of the Task-Force on Interoperable data-sharing in the framework of the operations of ERNs
Meeting Report: Face-to-Face meeting of the Task-Force on Interoperable data-sharing in the framework of the operations of ERNs 30 th June 2016, 9.30-17:00 Venue: Sala 2, Centro de Reuniões da FIL (Lisbon
More informationThe Apple Store, Coombe Lodge, Blagdon BS40 7RG,
1 The General Data Protection Regulation ( GDPR ) is the new legal framework that will come into effect on the 25th of May 2018 in the European Union ( EU ) and will be directly applicable in all EU Member
More informationElectronic Commerce Working Group report
RESTRICTED CEFACT/ECAWG/97N012 4 December 1997 Electronic Commerce Ad hoc Working Group (ECAWG) Electronic Commerce Working Group report SOURCE: 10 th ICT Standards Board, Sophia Antipolis, 4 th November
More informationNational ehealth and esocial strategy 2020 in Finland
National ehealth and esocial strategy 2020 in Finland Knowledge supporting wellbeing and reformed services Teemupekka Virtanen Ministry of Social Affairs and Health Finland Local and regional ehealth situation
More informationSecuring Europe s IoT Devices and Services
Securing Europe s IoT Devices and Services Dr. Evangelos OUZOUNIS Head of Unit - Secure Infrastructure and Services Validation Workshop Berlin 16 October 2015 European Union Agency for Network and Information
More informationHIPAA Regulatory Compliance
Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health
More informationEC (DG SANTE) The ehealth DSI , Solution Provider
EC (DG SANTE) The ehealth DSI 2017-04-04, Solution Provider Materials prepared by the ehdsi Solution Provider Topics tackled 1. CEF ehealth DSI (ehdsi) 2. Use Cases: Patient Summary and eprescription 3.
More informationSecuring IT Infrastructure Improve information exchange and comply with HIPAA, HITECH, and ACA mandates
Securing IT Infrastructure Improve information exchange and comply with HIPAA, HITECH, and ACA mandates Ruby Raley, Director Healthcare Solutions Axway Agenda Topics: Using risk assessments to improve
More informationPrivacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016
Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016 Pēteris Zilgalvis, J.D., Head of Unit for Health and Well-Being, DG CONNECT Table of Contents 1. Context
More informationResearch and Innovation Impact of Trust & Security Programme White Paper 2013
Research and Innovation Impact of Trust & Security Programme White Paper 2013 Fabio Massacci, Olga Gadyatskaya (University of Trento) Frances Cleary (Waterford Institute of Technology) Version 1.1 October
More informationHorizon 2020 Security
Horizon 2020 Security Best Practices for Security Proposal Writing Armand Nachef Coordinator of the French Security NCP Consortium, CEA armand.nachef@cea.fr KEY MESSAGES FOR PUTTING TOGETHER A HORIZON
More informationCall for Expressions of Interest
Call for Expressions of Interest ENISA M/CEI/17/T01 Experts for assisting in the implementation of the annual ENISA Work Programme TECHNICAL DESCRIPTION CONTENTS TECHNICAL DESCRIPTION... 3 1. INTRODUCTION...
More informationNew cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017
in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM
More informationThird public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy
Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy 14 February 2017 Amsterdam Gerhard Menzel European Commission - DG MOVE Scope:
More informationIMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING
IMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING 1 K.Kamalakannan, 2 Mrs.Hemlathadhevi Abstract -- Personal health record (PHR) is an patient-centric model of health
More informationDeliverable 7.1 M3 m-resist website
H2020-PHC-2014-single-stage PHC-26-2014: Self-management of health and disease: citizen engagement and mhealth Research and Innovation action Deliverable 7.1 M3 m-resist website Version 1.0.0 Status Final
More informationThree Levels of Access Control to Personal Health Records in a Healthcare Cloud
Three Levels of Access Control to Personal Health Records in a Healthcare Cloud Gabriel Sanchez Bautista and Ning Zhang School of Computer Science The University of Manchester Manchester M13 9PL, United
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationSHOW ME THE MONEY SOCIETAL CHALLENGE 1 [ ] 2 nd Oct 2017
SHOW ME THE MONEY SOCIETAL CHALLENGE 1 [2018-2020] 2 nd Oct 2017 H2020 SC1-eHealth Calls (2018). Agenda Appendix A. Lessons Learned From ESRs. Appendix B. A Quick Guide How To Make A Proposal. Appendix
More informationManaging Trust in e-health with Federated Identity Management
ehealth Workshop Konolfingen (CH) Dec 4--5, 2007 Managing Trust in e-health with Federated Identity Management Dr. rer. nat. Hellmuth Broda Distinguished Director and CTO, Global Government Strategy, Sun
More informationSummary. Strategy at EU Level: Digital Agenda for Europe (DAE) What; Why; How ehealth and Digital Agenda. What s next. Key actions
Summary Strategy at EU Level: Digital Agenda for Europe (DAE) What; Why; How ehealth and Digital Agenda Key actions What s next What DAE - EC Communication, adopted in May 2010 Flagship Initiative of EU
More informationStarflow Token Sale Privacy Policy
Starflow Token Sale Privacy Policy Last Updated: 23 March 2018 Please read this Privacy Policy carefully. By registering your interest to participate in the sale of STAR tokens (the Token Sale ) through
More informationWorkshop on Addressing the Barriers to IPv6 Deployment Spanish use case
Workshop on Addressing the Barriers to IPv6 Deployment Spanish use case Cristina Ramos cristinapilar.ramos@correo.gob.es Agenda Agenda IPv6 addressing plan Barriers Conclusions 1 Background Digital Agenda
More informationElectronic Service Provider Standard
Electronic Service Provider Standard Version: 1.6 Document ID: 3538 Copyright Notice Copyright 2018, ehealth Ontario All rights reserved No part of this document may be reproduced in any form, including
More informationApril 2018 Page 1 of 14
April 2018 Page 1 of 14 Abstract The adoption of cloud and mobile technologies in healthcare is disrupting the services delivery models, and responsibilities and risks for involved actors. By their very
More informatione-sens Electronic Simple European Networked Services
e-sens Electronic Simple European Networked Services Herbert Leitold, A-SIT 2 nd SSEDIC International Identity Initiatives Conference (SIIIC) Rome, July 8 th 2013 Presentation Overview esens - LSP Relation
More informationeid building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics
Introduction to the Connecting Europe Facility eid building block DIGIT Directorate-General for Informatics DG CONNECT Directorate-General for Communications Networks, Content and Technology March 2016
More informationUsing Blockchain for Consent and Access to Private and Sensitive Data in the GDPR Environment
Using Blockchain for Consent and Access to Private and Sensitive Data in the GDPR Environment Gary Leeming, Chief Technology Officer Connected Health Cities, University of Manchester 1 Connected Health
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationIoT and Smart Infrastructure efforts in ENISA
IoT and Smart Infrastructure efforts in ENISA Dr. Dan Tofan IoT workshop BEREC 01.02.2017, Brussels European Union Agency for Network and Information Security Everything becomes connected Manufacturers
More informationEuropean Interoperability Reference Architecture (EIRA) overview
European Interoperability Reference Architecture (EIRA) overview Version 0.8.3 beta 09/01/2015 ISA Action 2.1: European Interoperability Architecture Specific Contract N. 54 Framework contract N. DI/07171
More informationDecrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use
Click to edit Master title style Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Andy Petrovich, MHSA, MPH M-CEITA / Altarum Institute October 1, 2014 10/1/2014 1 1 Who is
More informationEISAS Enhanced Roadmap 2012
[Deliverable November 2012] I About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its Member States, the private
More informationDeveloping an integrated e-health system in Estonia
Developing an integrated e-health system in Estonia Box 1 What problems did the initiative seek to address? Fragmented flow of information between health providers. Poor management of the growing number
More informationHEALTH IN ECSO (European Cyber Security Organisation) 18 October 2017
HEALTH IN ECSO (European Cyber Security Organisation) 18 October 2017 ABOUT THE EUROPEAN CYBERSECURITY PPP A EUROPEAN PPP ON CYBERSECURITY The European Commission has signed on July 2016 a PPP with the
More informationEHR SECURITY POLICIES & SECURITY SITE ASSESSMENT OVERVIEW WEBINAR. For Data Contributor, Identity Provider, or Viewer Sites
EHR SECURITY POLICIES & SECURITY SITE ASSESSMENT OVERVIEW WEBINAR For Data Contributor, Identity Provider, or Viewer Sites Agenda Agenda Items 1 Introduction 2 Background on EHR Security Policies 3 EHR
More informationBlockchain as a Foundation for Sharing Healthcare Data
Blockchain as a Foundation for Sharing Healthcare Data Marek A Cyran 1 Author: 1 Booz Allen Hamilton, Inc., 8283 Greensboro Dr., McLean, VA 22102, United States Corresponding Author: Marek A Cyran at Cyran_Marek2@bah.com
More information