A GENERIC METHODOLOGY FOR HEALTH-CARE DATA-SECURITY

The aim is to outline the framework of a generic methodology for speci fying countermeasures in health care environments. The method is speci fically aimed at the enhancement of security in existing health care s ystems, and a key element is the use of predetermined 'profiles' by wh ich these may be classified. Example scenarios are presented to illust rate how the concept could be applied in practice. The paper is based upon work that was initially carried out as part of the Commission of European Communities SEISMED (Secure Environment for Information Syste ms in MEDicine) project, the aim of which is to provide security recom mendations for European health care establishments (HCEs).