Um modelo de segurança para o sistema de prescrição eletrônica do HUSM

Abstract

The University Hospital of Santa Maria (HUSM) offers different services for the local community and new technologies in all of the sectors of the hospital allows a better control of administrative and clinical activities, requiring a security model definition. A security model tries to identify possible threats to a system and has the main characteristics to fight them, working as a base for the development of a system resistant to these threats. Considering the security of patients’ data as a key factor, this work proposes a security model for the electronic prescription system of HUSM. Matching the requirements of the security guarantee level 1, the proposed model specify: methods of identification and authentication; a model for access control based in context; how the communication between client and server should happen; different ways for guaranteeing the data secure, both data in transit or data at rest; and possibilities of a secure audit.