Dependability requirements and security architectures for the healthcare/medical sector

Abstract

Firstly the legal and technical aspects of the healthcare area are introduced from a general dependability viewpoint, to clarify the global approach of this article. Then are detailed those main security properties mostly required by any healthcare information system including responsibility. A focus is proposed on different aspects of the confidentiality property. A classification of the generic TTP concept is then detailed with legal and technical considerations and three forms and variants of such TTPs are distinguished. Anonymisation techniques are described that can be applied for privacy requirements that can be expressed by the healthcare area and reusable by any other sector. After some recommendations on the interoperability of such TTP architectures, it is extracted, from all these theoretical concepts and some mentioned applied projects of the healthcare sector, a framework for a global approach towards more secure and more dependable health information systems and exchanges.