Chadwick, D., Harvey, S., New, J. & Young, A.J. (2000). Initial Experience of Accessing Patient Confidential Data over the Internet using a PKI. Proceedings of the Information Security Solutions Europe (ISSE 2000) Conference, Barcelona. 27-29 September 2000.
A project to enable health care professionals (GPs, practice nurses and diabetes nurse specialists) to access, via the Internet, confidential patient data held on a secondary care (hospital) diabetes information system, has been implemented. We describe the application that we chose to distribute (a diabetes register); the security mechanisms we used to protect the data (a public key infrastructure with strong encryption and digitally signed messages, plus a firewall); the reasons for the implementation decisions we made; the validation testing that we performed and the preliminary results of the pilot implementation.