Agfa Gevaert N V 5364A 사용자 설명서
22
2900H EN 20071108
Introducing the Drystar 5500
D
RYSTAR
5500/5503 R
EFERENCE
MANUAL
Privacy and security
Within the healthcare industry, several standardization efforts are ongoing as
a response to Privacy and Security legislation and regulations. The purpose of
a response to Privacy and Security legislation and regulations. The purpose of
this standardization for hospitals and vendors is to enable information
sharing, interoperability and to support the workflow of hospitals in a
multiple vendor environment.
sharing, interoperability and to support the workflow of hospitals in a
multiple vendor environment.
In order to allow hospitals to comply with HIPAA regulations (Health
Insurance Portability and Accountability Act) and to meet the IHE standards
Insurance Portability and Accountability Act) and to meet the IHE standards
(Integrated Healthcare Enterprise) some security features are included in the
user interface of the Drystar 5500 (available via the web pages only: under
‘Security tools’. Refer to Chapter 4,
user interface of the Drystar 5500 (available via the web pages only: under
‘Security tools’. Refer to Chapter 4,
•
Product Authentication: HIPAA supported products that communicate with
DICOM use the Transport Layer Security (TLS) protocol. The TLS
protocol uses public key certificates for client and server authentication
(X.509).
protocol uses public key certificates for client and server authentication
(X.509).
•
Product Accountability: HIPAA supported products require some level of
user and system activity to be recorded. As a consequence of these actions,
audit records are to be sent to and observed at an Audit Record Repository
(ARR).
audit records are to be sent to and observed at an Audit Record Repository
(ARR).
•
Product User Authentication: 'User Authentication' of HIPAA products
involves password protection for access to User, Key operator, Service
Security/ Administrator and other user interfaces that allow access to
protected health information (PHI). These interfaces include all user
Security/ Administrator and other user interfaces that allow access to
protected health information (PHI). These interfaces include all user
keypads, front panels displays and network connections.
The last two functions are available when access to the Administrator is
granted (i.e. when the Administrator password has been entered correctly).
granted (i.e. when the Administrator password has been entered correctly).