Radack, S.
(2010),
The Exchange of Health Care Information: Designing a Security Architecture to Protect Information Security and Privacy, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD
(Accessed April 19, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The Exchange of Health Care Information: Designing a Security Architecture to Protect Information Security and Privacy
Published
Author(s)
Abstract
This bulletin summarizes the information presented in NISTIR 7497, Security Architecture Design Process for Health Information Exchanges (HIEs). The publication describes a systematic approach to designing a technical security architecture for the exchange of health information by building on common government and commercial practices, and demonstrating how these practices can be applied to the development of HIEs. Written by Matthew Scholl and Kevin Stine of NIST and by Kenneth Lin and Daniel Steinberg of Booz Allen Hamilton, the publication helps organizations address data protection issues throughout the development life cycle of a health information system. The bulletin discusses the contents of the publication and explains HIE concepts and the security architecture and design process. Ongoing NIST activities to support the development of the standards, tests, and methodologies needed for electronic health records and HIEs are also summarized. References are provided to additional sources on exchange of health care information.Citation
ITL Bulletin -
NIST Pub Series
Pub Type
NIST Pubs
Keywords
confidentiality, cyber security, electronic health records, health care information, health information technology, health information exchanges, information security, Health Insurance Portability and Accountability Act, privacy, reliability, risk assessments, security architecture, security controls, security controls, security plans, security requirements, security risks
Citation
Created November 23, 2010, Updated January 27, 2020