Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- D4.1: Structured account of approaches on interoperability.
- D4.2: Set of requirements for interoperability of Identity Management Systems.
- D4.4: Survey on Citizen's trust in ID systems and authorities.
- D4.5: A Survey on Citizen’s trust in ID systems and authorities.
- D4.6: Draft best practice guidelines.
- D4.7: Review and classification for a FIDIS identity management model.
- D4.8: Creating the method to incorporate FIDIS research for generic application.
- D4.9: An application of the management method to interoperability within e-Health.
- D4.10: Specification of a portal for interoperability of identity management systems.
- D4.11: eHealth identity management in several types of welfare states in Europe.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
 |
Foreword REQUIREMENTS DOMAIN |
 |
A requirements model for e-Government is shown in Figure 6.
A requirements model for e-Government is shown in Figure 6.
Figure 6 : e-Health requirements model
Operational / application activities include:
Manage the identity of the patient to ensure that it is secure and strictly confidential to those who are authorised to see the information
Provide health care to all citizens
Manage professional medical institutions by verifying qualifications supported by certificates, diplomas, degrees, etc
Provide and manage medical practitioners by verifying qualifications and CVs of practitioners such as doctors, surgeons and nurses
Supply and monitor funds
Keep medical records up to date of doctors, patients, biological data, etc
Management activities
Management activities
The requirements for management activities should specify the management tools, techniques and procedures, which have to be employed to ensure that all the information, roles and responsibilities, processes and technologies are in place to manage identity activities. These should include the management of projects, finance, human and technology resources.
A stakeholder model for e-Health is shown in Figure 7 which represents a “typical” structure of a national health service. The government policies are determined by parliament and performed by the various departments and agencies. The Connected Health initiative considers the “requirements of e-Health interoperability which aim to provide systems and services that are connected and can work together easily and effectively, while maintaining patient and professional confidentiality, privacy and security”.
Figure 7: Typical stakeholders within health sector
A stakeholder model for e-Health is shown in Figure 7 which represents a “typical” structure of a national health service. The government policies are determined by parliament and performed by the various departments and agencies. The Connected Health initiative considers the “requirements of e-Health interoperability which aim to provide systems and services that are connected and can work together easily and effectively, while maintaining patient and professional confidentiality, privacy and security”.
Figure 7: Typical stakeholders within health sector
4.1.3 Information management principles domain
The principles of information management relating to e-Health are shown in Tables 5
Health Sector – Identifiers / Credentials
The principles of information management relating to e-Health are shown in Tables 5
Health Sector – Identifiers / Credentials
Identity | |||||
Secure and protect: Information Computer systems
Destroy out of date information
Ensure stakeholders & representatives are bona fide
Protect: Credit card usage Passwords PIN numbers
Delete unsolicited emails
Monitor regularly: Information Computer systems Vetting of personnel
Comply with statutes & regulations
| Purpose for use
Application
Lifecycle: Input Storage Access Maintenance Deletion
Accuracy
Authentication
Authorisation
Confidentiality
Security
Interoperability
Identification
Matching checks | Paper
Electronic Web
Cards: Credit (n) Store (n) Licence (n) Membership (n) Etc
Voice
Face to face
Camera (n)
Scanner (n)
RFID
PET
TET
Databases | Ensure all items are bona fide:
Person (n)
Stakeholders & their representatives
Documents and copies
Scans match with originals
Computer systems
Compliance with statutes & regulations
| ||
Table 5
Table 5
4.4 e-Commerce
e-Commerce consists primarily of distributing, buying, selling, marketing and servicing products and services over electronic systems such as the internet and other computer networks. It is vital that the electronic transfer of identities and information, relating to individuals and organisations, are protected at an appropriate level.
An example of a security standard is the PCI Data Security Standard which is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including Visa, MasterCard, American Express, Discover Financial Services and JCB, to help facilitate the adoption of consistent data security measures on a global basis. The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer identity and information.
An example of a security standard is the PCI Data Security Standard which is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including Visa, MasterCard, American Express, Discover Financial Services and JCB, to help facilitate the adoption of consistent data security measures on a global basis. The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer identity and information.
4.4.1
| |
   |
|
| 4 / 6 |
