The implementation of IHE ATNA for the EHR system

The health record in the Electronic Health Record (EHR) system is more sensitive than demographic. It raises the important issue for the EHR requirement in privacy, security, audit trail, patient access, and archiving and data retention. The studies about the EHR system security are deficient. The aim of this study is to build a security environment for the EHR system by Integrating the Healthcare Enterprise (IHE) Audit Trail and Node Authentication Security (ATNA) profile. The CDAs can be access in a secure EHR environment.

Authors:

• Sheng-Chi Tseng
• Der-Ming Liou

Keywords:

• IHE ATNA
• EHR security.

References:

[1] D. A. Ludwick and J. Doucette, "Adopting electronic medical records
in primary care: Lessons learned from health information systems
implementation experience in seven countries," International Journal
of Medical Informatics, vol. 78, pp. 22-31, 2009.
[2] H. van der Linden, D. Kalra, A. Hasman, and J. Talmon,
"Inter-organizational future proof EHR systems: A review of the
security and privacy related issues," International Journal of Medical
Informatics, vol. 78, pp. 141-160, 2009.
[3] J. A. Kaelber DC, Johnston D, Middleton B, Bates DW., "A research
agenda for personal health records (PHRs)," J Am Med Inform Assoc,
vol. 15, pp. 729-36. Epub 2008 Aug 28., Nov-Dec 2008.
[4] "Supporting Multi-State Collaboration on Privacy and Security to
Foster Health IT and Health Information Exchange," p. 871., 2008.
[5] "Access Control and Data Integrity in Medical Records," Pediatrics,
vol. 98, p. 538, 1996.
[6] P. E. Kaelber DC, "The Value of Personal Health Record (PHR)
Systems," pp. 343-7., 2008.
[7] "United States Deparment of Health and Human Services."
[8] A. Atreja, S. M. Gordon, D. A. Pollock, R. N. Olmsted, and P. J.
Brennan, "Opportunities and challenges in utilizing electronic health
records for infection surveillance, prevention, and control," American
Journal of Infection Control, vol. 36, pp. S37-S46, 2008.
[9] "No.603, Judical Yuan interpretationthe , Judicies of Consitutional
Court in 2005."
[10] "¶Çø®¶Ç¿Ö¶Ç│â¶Çùî¶Ç½á¶Ç╣á¶üꢶüå░¶Ç╣á¶ÇÀ╗¶Ç¼í¶Çö│¶üçÀ¶Ç«▒¶Çªà¶üÑ¿¶Çñä."
[11] "Free and open source enabling technologies for patient-centric,
guideline-based clinical decision support: a survey," Yearb Med
Inform, pp. 74-86, 2007.
[12] "IHE IT Infrastructure Technical Framework Volume 1 (ITI TF-1)
Integration Profiles."
[13] "IHE IT Infrastructure Technical Framework Supplement 2004-2005
Audit Trail and Node Authentication Profile (ATNA)."
[14] "IHE Cross-enterprise Document Sharing for Imaging."
[15] "IHE Infrastructure Profile Overview," 2006.
[16] C. P. Nemeth, R. I. Cook, and R. L. Wears, "Studying the Technical
Work of Emergency Care," Annals of Emergency Medicine, vol. 50, pp.
384-386, 2007.
[17] "HL7."
[18] J. Choe and S. K. Yoo, "Web-based secure access from multiple
patient repositories," International Journal of Medical Informatics,
vol. 77, pp. 242-248, 2008.
[19] "European Comittee for Standardization."
[20] G. Goth, "Global Information Health Networks Get a Boost," IEEE
Distributed Systems Online, vol. 7, p. 4, 2006.
[21] e. Lodewijk Bos, Inc, L. Roa, K. Yogesan, Andy Marsh, Medical and
Care Compunetics 3: IOS Press, 2006.