Re: Principles of health care system security.

[Wayne Wilson]

Horst Herb wrote:
> 

> 
> It is scalable. Depends on teaching & sticking to security policies. Think
> of it as a pyramid.
> 
Your pyramid is roughly comparable to three groups of access:

1) Everyone in the org.
2) Clinicians
3) Small group of clinicians and patient.

Each group shares a passphrase to encryption.  Shared secrets
demonstrably are hard to protect as the number of people sharing the
secret increases. Once again, as the number of users in the system
increases, the security of the shared passphrase moves from marginal for
category 1) to marginal for category 2) and probably not worth the
effort for category 1).  Most large organizations don't even implement a
category 3 system, but it is the only model where human behavior and
technical protections can intersect to provide a reasonable assurance of
privacy.  But if the access control were implemented in a way not using
encryption, the same argument would apply.  Encryption is a workable
means of getting the protection to follow the data.  The adminstration
of the ACL is not really worked out, i.e. who has the passphrase. T