An authentication architecture for healthcare information systems

a well-written and implemented policy contains sufficient information on what must be done to protect the organization's data. According to the Health Insurance Portability and Accountability Act [1] and ISO 1779 [2], which is based upon BS7799, authentication mechanisms are defined as part of the security policy that a healthcare information system should follow. The distributed nature of the healthcare delivery system suggests the need for authenti-cation mechanisms that are not location or machine dependent. That is, the technology used to assure the identity of a specific user must offer the flexibility to allow that user to gain access to information from remote locations. System specifications should make provisions to allow authorized users multiple points of access using a standard mobile identification credential [3]. In this paper, we propose an authentication architecture for healthcare information systems and an underlying authentication protocol that exploits the benefits of using modern cryptographic techniques [4]. The architecture focuses on the authentication of users who request access to the resources of a healthcare information system through the fixed network or the Web. Healthcare information systems (HIS) are characterized by the need to support specific requirements for the protection of personal and medical patient data usually stored in distributed database systems due to the increased mobility of the patient populations. As a result, a patient's computerized medical information is accumulated in a variety of locations and it may be accessed via remote workstations and complex networks supporting one or more organizations [5]. A critical point concerning the security of healthcare information systems is the assurance of patient privacy by restricting access to the medical record (especially sensitive information) to authorized users only. This concern becomes more and more important in distributed environments. However, the increased risk in this case does not come so much from transmitting the information through the network, where strong encryption algorithms can be used sufficiently, but from the huge number of users requiring access and the difficulty in verifying their identity and evaluating their clearance to do so. Security of HIS requires the use of special security policies that are able to preserve all three security components at the same time: The medical community is moving towards an environment where automated patient medical records and electronically interconnected health-care facilities are prevalent. The primary reason is that the electronic healthcare record, coupled with the electronic networking of hospitals, can provide healthcare organizations with …