0

Security Architecture Design Process for Health Information Exchanges

Purpose

Key Questions: What are security architecture designs? What security diagrams can be used?  How does the architecture allow for integration into the information technology architecture of an HIE?

The purpose of this publication is to provide a systematic approach to designing a technical security architecture for the exchange of health information by leveraging common government and commercial practices and to demonstrate how these practices can be applied to the development of HIEs. 

Contents

  • EXECUTIVE SUMMARY
  • INTRODUCTION
  • HIE CONTEXTS
  • HIE SECURITY ARCHITECTURE DESIGN PROCESS
  • CAPSTONE POLICIES – LAYER 1
  • ENABLING SERVICES - LAYER 2
  • ENABLING PROCESSES – LAYER 3
  • NOTIONAL ARCHITECTURE – LAYER 4
  • TECHNOLOGY SOLUTIONS AND STANDARDS – LAYER 5
  • BUILDING A NATIONWIDE HIE USING REGIONAL HIES
  • APPENDIX A: APPLYING THE SECURITY ARCHITECTURE DESIGN PROCESS
Contact Person/Organization: 

National Institute of Standards and Technology

Type of Tool:

Publication Date: 
2010