SHARP Security
The Strategic Healthcare IT Advanced Research Projects on Security (SHARPS) project is a multi-institutional and multidisciplinary research project, supported by a grant from the Office of the National Coordinator, aimed at reducing security and privacy barriers to the meaningful use of health information technology. The grant is one of the four awarded through the Strategic Health IT Advanced Research Projects (SHARP) program to address key challenges in adoption and meaningful use of health IT. I wrote previously about the University of Texas Health Science Center at Houston research which will focus on Patient-Centered Cognitive Support, and the Harvard research program on new health care application and network-platform architectures. Now we will look at the SHARPS research project on security of health IT.The SHARPS project will advance the sophistication, development, and deployment of security and privacy for health IT through research that is strategically managed for fundamental impact with some incremental short-term benefits. The Center for Health Information Privacy and Security has been established under the direction of Carl A. Gunter (see interview below). The Center houses the multi-institutional and multidisciplinary SHARPS research project. For continuing updates on the Center's work visit the SHARPS project web site. SHARPS is organized around three major environments:
- Electronic Health Records (EHRs)
- Health Information Exchanges (HIEs) ~ with Personal Health Records (PHRs) included as a major subtopic
- Telemedicine (TEL)
- Self-Protecting EHRs addresses defense-in-depth protection of records within an enterprise or in outsourcing by using attribute-based encryption to enforce SHARPS-developed protection requirements
- Policy Terrain and Implications of HIT addresses the inadequacy of existing frameworks for formulating and understanding privacy policies by developing contextual integrity underpinnings for application-enabling privacy practices
- Privacy-Aware Health Information Systems meets needs for highly assured conformance to privacy policies by developing new strategies for building such systems based on trust management systems
- Responsive, Secure Health Information Exchange addresses the inadequacy of current service models for exchanges by demonstrating how model-based design can be applied to HIT
- Experience-Based Access Management addresses the need for an engineering model for the evolution of access controls limiting insider threats with a lifecycle model based on strategies from attribute-based rule sets and machine learning
- Personal Health Records addresses the inadequacy of privacy standards for third-party PHRs through policy exploration with PHR stakeholders, leading to development and transition of supporting technology
- Implantable Medical Devices addresses control operations on implanted medical devices without proper authorization by developing techniques for achieving measurable security for such devices relative to specified infrastructure
- Remote Monitoring for Mobile and Assisted Living addresses usable security for remote monitoring and home healthcare with an mHealth security framework and service model
- Tele-immersion addresses the need for efficient provisioning for security and privacy in tele-immersion by linking classification to encryption
- Patient Safety Assessment addresses inadequate quantification of safety risks for medical devices in the face of security threats with a plan based on using Food and Drug Administration (FDA) adverse event reports to develop risk assessments
The first anticipated outcome of the project is to improve the maturity of security and privacy technologies and policies to remove a key range of security and privacy barriers that prevent current HIT systems from moving to higher HIT Meaningful Use Stages. The second anticipated outcome of the project will be the creation of an integrated multidisciplinary research community in security and privacy for HIT that will carry progress forward beyond the scope and duration of the SHARPS project.
I spoke with Carl today and he gave a great overview of the project and shared some of his insights as to how this research project will move forward. The audio of the conversation is below:
Download
No comments:
Post a Comment