Presentation is loading. Please wait.

Presentation is loading. Please wait.

The World Internet Security Company ID Management in e-Health February 2007.

Similar presentations


Presentation on theme: "The World Internet Security Company ID Management in e-Health February 2007."— Presentation transcript:

1 The World Internet Security Company ID Management in e-Health February 2007

2 The World Internet Security Company About WISeKey Company founded in 1999 Privately held Headquarters in Geneva, Switzerland Trust services hosted in our highly secure datacenters Affiliates around the world, including Bulgaria for Eastern Europe Solutions deployed in over 20 countries Strong technological alliances in the e-Health sector

3 The World Internet Security Company Recent Misuses of Patient Health Information Banker collects On Cancer Patients Mortgages Hospital Employee Sells Country Singers Medical Records for $2610 Psychological records of 62 children accidentally posted on website Physicians Laptop with patient medical histories stolen health.org exposes customer names, addresses, phone numbers & addresses on web Washington DC Hospital Fined $25,000 Sick employee fired by self-insured employer

4 The World Internet Security Company Risks in the e-Health World Wrongful access to patient or medical information Theft of physicians laptops and data Posting of confidential data on rogue websites Breach of doctor-patient secrecy through the interception of electronic communications Failure to comply with regulations due to weak security

5 The World Internet Security Company What is Identity for eHealth? People –Employees –Patients –Partners –Suppliers Material –Computers –Medical Supplies –Drugs –Surgical Equipment

6 The World Internet Security Company Need for e-Identity

7 The World Internet Security Company Patient Centric Model

8 The World Internet Security Company Digital Identity

9 The World Internet Security Company Identity and healthcare Regulations mandate protection of patient health information Protection defined (technical security services) Access control – what you can access Audit control – what you have accessed Authorization control – what you can do once you access Data integrity – ensuring data is intact Entity authentication - proving your identity Once again, it all comes back to Identity

10 The World Internet Security Company

11 Core PKI Services essential assurance to an entity that data has not been altered between there and here or between then and now assurance to an entity that no one can read a particular piece of data except the intended receiver assurance to one entity that another entity is who he, she, or it claims to be a public key infrastructure (PKI) is an arrangement that provides for trusted third partys vouching for user identities Integrity Confidentiality Authentication

12 The World Internet Security Company Use of Trusted Certificates Data Encryption Intranet/Extranet Access Management Mobile Data Encryption Digital Identity Digital Signature encryption And signature Access Control User management

13 The World Internet Security Company Strong Application Authentication Web Based Portal Patient Encrypted HTTPS Tunnel Through the use of a WISeKey Trusted Certificate incorporated on a smart- card/token, the patient is able to authenticate himself in safer and stronger ways in order to access web- based portals Secure Zone Electronic Patient Records E-Prescriptions Data Repository E-Prescriptions Data Repository Health Insurance Service Custom Hospital Application

14 The World Internet Security Company Secure Communications Data Encryption and digital signature of s with WISeKey Certificates Assurance of the Authenticity of the Sender and the integrity of the message The right people see the right information Doctors Health Insurances Government Hospitals

15 The World Internet Security Company Guaranteed Data Integrity Patient sends Data XYZ Doctor receives Data XYZ Internet/Extrane t By using WISeKey solutions, we are able to guarantee the integrity of data sent between two parties. This is crucial when exchanging data in such instances as e-Prescriptions. Prevents man in the middle attacks By using WISeKey solutions, we are able to guarantee the integrity of data sent between two parties. This is crucial when exchanging data in such instances as e-Prescriptions. Prevents man in the middle attacks Safe Zone

16 The World Internet Security Company Digital Form Signing Non-compliant Digital Forms Digital Signature using a WISeKey Certificate Compliant Form Digital Signatures permit the legal endorsement of such documents as electronic patient records, lab orders, prescriptions and requisitions thus helping compliance with different EU and country based directives.

17 The World Internet Security Company Regulatory compliance By combining WISeKeys technologies with secure infrastructures and policies, you are able to better reach compliance with such directives as: – HIPPA – SAFE – EU Directive 2004/9/CE – Swiss Data Protection Law And others By combining WISeKeys technologies with secure infrastructures and policies, you are able to better reach compliance with such directives as: – HIPPA – SAFE – EU Directive 2004/9/CE – Swiss Data Protection Law And others

18 The World Internet Security Company Foreseen Swiss Model Identification StandardCertificate Authentication Non-Repudiation AdvancedCertificate

19 The World Internet Security Company Contact us 8, Tzar Ivan Shishman st Sofia, Bulgaria Tel Fax:


Download ppt "The World Internet Security Company ID Management in e-Health February 2007."

Similar presentations


Ads by Google