Appendix I – Sources of Security Standards and Security Patterns

Comment

End-to-End security

IHE provides two solutions for End-to-End Security. Where End-to-End security enables an ultimate consuming system to confirm security of data regardless of the pathway the data took.

SOAP end-to-end security -- In this model the communications of the medical sensitive data are protected for confidentiality, integrity, and availability using WS-Security or AS4 security. This model is well suited when Intermediaries are needed to support cross-boarder policies. The AS4 configuration is mandated in the EU for cross-boarder flows.

  • The WS-Security model is integrated into the XDS/XCA/XCPD infrastructure as a named option
  • The AS4 Option is defined in a Trial Implementation supplement 

Document Encryption (DEN) and Document Digital Signatures (DSG) -- In this model the document may be protected from the source to the ultimate destination using Document Encryption and Document Digital Signatures.  This model does not require a single transport type, such as XDS or XCA end-to-end.

  • The Document Digital Signature (DSG) would protect the document regardless of the transitions between transports, using Digital Signature standards. The DSG standard is normative. The DSG  profile can sign any kind of document including CDA and FHIR-Documents. The DSG profile includes support for signatures, counter-signatures, and co-signatures. 
    • https://profiles.ihe.net/ITI/TF/Volume1/ch-37.html
  • The Document Encryption (DEN) would protect the document for confidentiality. The DEN standard is Trial-Implementation, based on highly used encryption standards. The DEN profile can encrypt any kind of document including CDA and FHIR-Documents. The DEN profile includes encryption methods using  Digital Certificate and Password. The DEN profile can also encrypt XDM content.
    • https://www.ihe.net/uploadedFiles/Documents/ITI/IHE_ITI_Suppl_DEN.pdf 

Importantly the use of DEN and DSG can be used together or independently. Where only Digital Signature is needed, one would only use DSG.

Missing IHE specifications

The following IHE specifications on the Privacy and Security topic are missing

  • The IHE IT Infrastructure technical white paper, Template for XDS Affinity Domain Deployment Planning outlines some of the issues that should be evaluated for inclusion in the local Policy creation and Risk Management decisions. 
  • The APPC Profile adds to the BPPC functionality the ability to include deviations from the base policy in a structured and coded format. Where BPPC is limited to agreement or not to a pre-defined policy, APPC allows for more fluid patient privacy consent function.
  • organization directory (mCSD), 
  • user authentication/authorization (IUA)
  • Consistent Time (CT). 
  • Secure Retrieve https://wiki.ihe.net/index.php/Secure_Retrieve

See the following section in the IHE HIE whitepaper

https://profiles.ihe.net/ITI/HIE-Whitepaper/index.html#7-security-and-privacy

 

IHE - Cybersecurity Standards

The link under the text "IHE Cybersecurity Standards" does not  reference an IHE specification. 

For IHE the following link would be the most comprehensive https://wiki.ihe.net/index.php/Category:Security

ISA Security Standards Recommendation

Given the current climate of increased cybersecurity threats, HIMSS recommends that ONC take steps to increase the visibility of the ISA security standards.  With the security standards placed in the appendices due to the breadth of the material, it may be helpful to supply ISA users with a brief summary of the standards in the body of ISA that point to the greater detail in the appendices and serve as a visual roadmap for the resource.  We believe this will help users grasp the importance of looking to ISA for cybersecurity standards as well as where to apply the standards.

 

HIMSS also emphasizes that we want to continue to be a resource to ONC moving forward on identifying the most widely-used cybersecurity standards by all stakeholders, including industry and academia.  The need for a definitive resource on cybersecurity standards is not going to subside, and HIMSS wants to be helpful to ONC and the community-at-large in identifying the standards for consideration.  

 

HL7 FHIR Security

The HL7 FHIR specification includes security considerations in the FHIR Security section. We propose that this be added as a Source in this sub-section.

 

 

 

Julie Maas, CEO, EMR Direct