Yet Another Australian Health IT Management Group You Haven’t Heard Of!

NEHTA have left it until a week or so before the so called Health Identifier Service ‘go live’ to release a second version of their Concept of (HI Service) Operations document.

It can be found here:

http://www.nehta.gov.au/component/docman/doc_download/1019-concept-of-operations-v20

Those who follow these things will be aware that there is not going to be anything remotely looking like a ‘go live’.

This was made clear here:

http://aushealthit.blogspot.com/2010/06/hi-service-has-now-moved-to-confession.html

and was indeed confirmed by the NEHTA CEO in late May in a presentation.

Slide 14/22

Implementation Approach.

  • Implementation will be a staged approach
  • The HI Service is not “big bang” but incremental
  • Early adopters will work with NEHTA and they select their vendor partners
  • Publication of draft Implementation Plan –www.nehta.gov.au

(Presentation to International Conference in Healthcare – Melbourne – May 20-22, 2010)

The flawed nature of this document (which is not really a Plan, and is even titled ‘an Approach) is reviewed here:

http://aushealthit.blogspot.com/2010/06/degree-of-otherworld-impracticality.html

The document under discussion in this blog is the following:

HI Service - Concept of Operations

Version 2.0— 8 June 2010

Release – Final

Among other things I noticed as I browsed was that the final signoff for this version was provided by something called the IAARG (see page 3).

I wonder what the IAAGR is I thought. Page 10 of the document provides the answer. It is the:

Identification, Authentication and Access Reference Group (IAARG).

As an aside, and back at page 3 we have all sorts of discussions about IAARG ‘Tiger Teams’

Well go here to find out:

http://en.wikipedia.org/wiki/Tiger_Team

“A Tiger team is a specialized group that tests an organization's ability to protect its assets by attempting to circumvent, defeat, or otherwise thwart that organization's internal and external security. The term is also used in other settings, including information technology, aerospace design, and emergency management.

The term originated within the military to describe a team whose purpose is to penetrate security of "friendly" installations to test security measures. It now more generally refers to any team that attacks a problem aggressively.”

More amusingly in the change log for the document we find:

“Updated input from Tiger Team review

References to ‘Responsible Officer’ changed to ‘Responsible Officer’” – What????

But back to the main story.

Regular readers will know I have been curious how security and audit trails are going to be implemented in the HI Service and it seems this obscure Tiger Team is meant to be involved.

On identification and authentication for access to the HI Service we read the following.

First it is important:

“The National E-Health Strategy Summary included identification and authentication as one of the five key national foundations required for e-health:

Identification and authentication - There is a need to design and implement an identification and authentication regime for health information as soon as possible as this work will be absolutely fundamental to the nation’s ability to securely and reliably access and share health information.

Australia should seek, as far as possible, to make the allocation of consumer and care provider national identifiers universal and automatic.”

Second it will have the following security attributes (Page 29)

6.3.5 Information Security

The Security and Access Framework for the HI Service will operate within the context of the overall e-health security and access framework. It covers the principles, policies, processes and tools that are to be used to achieve this aim.

This framework recognises that strong information security will contribute to the success of the HI Service by appropriately safeguarding the personal information required to operate the Service7.

A multi-layered approach will safeguard the HI Service, and accordingly the Security and Access Framework incorporates both technical and non-technical controls. These include:

Smartcards and PKI certificates to facilitate the accurate identification and authentication of individuals accessing the HI Service

Robust audit trails, and proactive monitoring of access to the HI Service by both internal and external users

Role-based access control policies

Rigorous security testing, to be conducted both prior to and after commencement of operation of the HI Service

Ensuring users of the HI Service are adequately trained, through provision of educational programs and other training mechanisms

Requirements that healthcare provider individuals and organisations comply with healthcare identifiers specific legislation

The Security and Access Framework for the HI Service will ensure that the privacy, confidentiality, integrity and availability of information within the HI Service are not compromised.

Security needs to be operationally realistic for stakeholders, meaning that it must support, rather than hinder, the HI Service. As such, security has been designed to be ‘fit for purpose’, and to address policy objectives. Appropriate security controls are therefore being implemented in order to meet the HI Service objectives.

The objective of the Security and Access Framework for the HI Service is to:

Minimise the risk of unauthorised access to the HI Service and the information it contains

Enable detection of unauthorised information access or modification, and any other breach of information security (including privacy)

Facilitate appropriate response to, and investigation of, any such breaches

Assure the continued availability of the HI Service

Provide a means to continually improve security protections (including protection of privacy, confidentiality, integrity and availability)

The Security and Access Framework will ensure that the privacy, confidentiality, integrity and availability of information within the HI Service are not compromised. As security needs to be operationally realistic for stakeholders, (meaning that it must support, rather than hinder, the HI Service) it has been designed to be ‘fit for purpose’ and address policy objectives.

----- End Extract

The last little bit of information is here:

6.6.1.4 Authentication Service

The HI Service will use the National Authentication Service for Health (NASH) to provide security credentials for healthcare provider individuals and organisations. These credentials will be used for:

Accessing the HI Service

Asserting their identity when participating in e-health

----- End Extract.

The big issue I see here is that, to date, just what NASH is, is planning, and when it will begin delivering whatever it is going to deliver remains severely under wraps. We are also left wondering just where the balance between security and convenience will finally rest in terms of technical implementation – it is mentioned twice in the extract above.

Reading the rest of the Concept of Operations document it is clear that NASH is central to the HI Service’s capacity to deliver what it promises and right now how it will achieve that is vague in the extreme.

Clearly NASH has to be fully operational prior to the commencement of the HI Service if the presently proposed levels of security and access audit are to be delivered. Given the scale of change and training this implies I wonder why we are not hearing a great deal more?

There are going to be a lot of work practices needing to be modified by all this and that will not happen without some very detailed communication with the large number of stakeholders involved.

Oh and by the way the IAARG is really very secure. Not a note, minute or reference anywhere that Google can find!

David.

0 comments:

Post a Comment