Secure authentication and authorization design for rural-based healthcare institutions
Version of Record online: 26 AUG 2008
Copyright © 2008 John Wiley & Sons, Ltd.
Security and Communication Networks
Special Issue: SI on Clinical Information Systems (CIS) Security
Volume 1, Issue 5, pages 407–415, September/October 2008
How to Cite
Hembroff, G. and Cai, Y. (2008), Secure authentication and authorization design for rural-based healthcare institutions. Security Comm. Networks, 1: 407–415. doi: 10.1002/sec.41
- Issue online: 23 SEP 2008
- Version of Record online: 26 AUG 2008
According to National Rural Health Association, the rural-based healthcare institutions serve approximately a quarter of the U.S. population. The Health Insurance Portability and Accountability Act (HIPAA) mandates that patient information can only be accessed by authorized personnel. The complexity of this task increases significantly when associated with a rural healthcare network due to a combination of factors, including economic disadvantages, educational shortcomings, inadequate infrastructure, lack of support by legislators, the sheer isolation of living in remote rural areas, and frequent needs to share patient's information across hospitals.
This paper analyzes a rural healthcare network in Michigan's Upper Peninsula and introduces the Security for Clinical Authorization and Authentication on Health Care Networks (SCAAHN) system. A centralized repository is configured to store health level 7 (HL7) data from various healthcare organizations affiliated with the common network. Standard Electronic Medical Records (EMRs) containing patient's information can be securely accessed by authenticated and authorized personnel throughout the healthcare network. The preliminary results indicate that SCAAHN within the rural healthcare architecture has enhanced the authentication and authorization of patient records, and provided secure access to patient's information via a web portal interface. Copyright © 2008 John Wiley & Sons, Ltd.