ISHTAR is the short name of a European Union project devoted to Implementing Secure Healthcare Telematics Applications in Europe. The project's main objective is to address the problems of health data protection and health information systems security within telematics applications in a horizontal way.
Accordingly, a wide range of material was developed to enable different professionals within the healthcare environment to understand and address the various issues involved at the level of complexity necessary to secure results. The key material resulting of the project is described below.
The ISHTAR white Paper was developed to provide a general overview of the issues for managers, clinicians and technical staff. It includes an introduction to and outline of the legal framework of the EU Data Protection Directive and the Council of Europe Recommendation on the Protection of Medical Data as well as risk analysis, security guidelines, security standards and networking issues related to the increasingly interconnected and distributed health information systems environment.
A Legal Report has been developed in connection with the EC Data Protection Directive 10n the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data' and in the context of the Council of Europe's Recommendation on the Protection of Medical Data. In addition, reports have been developed on the liability issues associated with the use of healthcare telematics applications. Recommendations have been given about measures that should be adopted or at least considered.
The Security Reports comprises two parts: Current Security Issues faced by Healthcare Establishments and Requirements for a Secure Healthcare System Architecture. These technical reports describe various issues of information systems security within the increasingly distributed systems environment.
The Security Training Courses are a comprehensive set of training material to deliver courses on IT security. Three training courses are covered: one for managerial staff, one for end users and one for IT technical staff.
The IT security manager SecureMan is a software tool to assist the development and on-going management of IT security within an organisation. It integrates risk analysis, training, incident recording, security administration and an extensive knowledge base on information security in healthcare.
An ISHTAR web site has been established at
http://www.ishtar.org.uk. It includes a security tutorial and access to key information.
