In TRUSTHEALTH, a network of bona fide national organisations working in health care computerisation will show how openly-linked European telematics systems can employ modern data security measures. Based on a 1994 EU user survey, the project will adopt coded digital signature techniques to meet legal requirements and sustain public confidence in information security. Among numerous urgent application areas are drug prescriptions, electronically exchanged laboratory data and health centre invoicing. Network partners will collaborate in delivering security techniques for subsequent transfer to permanent health service operations.
The aim of this project is to demonstrate how trustworthy telematic systems can be established with the use of modern security techniques while maintaining the possibility for open systems connectivity and trans-European interoperability. Cryptographic digital signature techniques should be applied to allow the telematics systems to comply with the legal requirements and to maintain the public confidence in the way sensitive personal information is managed. This project is based on a user requirement study involving nine countries performed during 1994 under the INFOSEC programme on Electronic Signatures and Trusted Third Parties of DG XIII. The project Trusted Health Information Systems identified a number of very urgent application areas such as Prescriptions for medical drugs, Laboratory requests and results sent via Electronic Data Interchange (EDI), Invoices from health care establishments to payment providers, Signing of locally stored medical records in hospitals and general practices, Secure user authentication based on cryptographic smart cards, from the PC work station to local and remote servers using the same procedures, Transfer of multimedia medical records with origin authentication and confidentiality protection, Access control to medical information on patient data cards, Exchange of session keys for confidentiality protection in real time and messaging systems.
The present first phase of the TrustHealth project will focus on establishing a necessary infrastructure of Trusted Third Party Services (TTPs) for health care to support the above mentioned security requirements. The TTPs will assist in issuing cryptographic key cards to the users and signed certificates linking the user identity to a public key component used for verification of signatures. The project will develop and operate such structures based on Nationally trustworthy organisations related to the health care sector linked in a pan-European network through the participating telecom operators. It is assumed that after the project these trusted third party services will be transferred to permanent service operations.
Funding SchemeCSC - Cost-sharing contracts
91034 Evry Cedex
LS2 7UE Leeds