The European TrustHealth Project experiences with implementing a security infrastructure

Abstract

Accepting the shared care paradigm, communication and co-operation required between health care establishments must be provided in a trustworthy way. The solution for establishing such trustworthy environment has to be based on a common policy framework, on services, and mechanisms, which have been standardised. In Europe, the legal framework, other policy issues, and the services and mechanisms needed have been developed within projects launched by the European Commission, by the European standards body CEN as well as by temporarily established groups. Within the European TrustHealth projects, a security infrastructure for trustworthy health telematics applications has been specified, implemented, and evaluated. It is based on Health Professional Cards and Trusted Third Party services. Experiences regarding organisational and technological implications of the specification, implementation, maintenance, and evaluation of such a security infrastructure are described on the basis of the ONOCONET example. For the complete software lifecycle, the UML methodology has been deployed.