Table of contents
[Show/Hide]Carrying and sharing a Personal Health Record.
Scenarios
- User in clinic tap column, administrative agent at clinic verifies photo ID and releases record to device.
- User in device can look at record later on, at any time
- User arrives to new clinic, tap column, administrative agent at clinic verifies photo ID and accepts record. Record identity is verified using PKCS.
Attacks
- Unauthorized party acquires record from clinic: protected by administrative agent at clinic verifying photo ID.
- User or unauthorized party modifies record: protected by PKCS.
- Unauthorized party steals record from device: protected by the AES+hashed password.
Issues
- Open loop (interoperable) vs. Closed loop (proprietary)
Necessary / Related Technology
- HL7 CDA HL7 version 3: Message or CDA Document?
- http://web.media.mit.edu/~lfgs/papers/nfc09-mit-ird.pdf
- http://en.wikipedia.org/wiki/List_of_open-source_healthcare_software#Electronic_health_or_medical_record
- http://www.openclinical.org/emr.html
N9 Info
- devel-su, password 'rootme'