Affordable Access

GEMSS: Privacy and security for a Medical Grid

Publication Date
  • Law
  • Medicine


GEMSS: Security and Privacy for a Medical Grid GEMSS: Privacy and security for a Medical Grid Jean A.M. Herveg1, Federico Crazzolara2, Stuart E. Middleton3, Darren Marvin3, Y. Poullet1 1Centre de Recherches Informatique & Droit, FUNDP, Belgium 2C&C Research Laboratories, NEC Europe Ltd., St. Augustin, Germany 3IT Innovation Centre, University of Southampton, UK Contact Jean A.M. Herveg Centre de Recherches Informatique & Droit Faculté de Droit de Namur – FUNDP 5 rempart de la Vierge B – 5000 NAMUR (BELGIUM) tel: 00 32 81 72 47 68, fax: 00 32 81 72 52 02, email:[email protected] 1. Summary This paper gives a legal qualification to the operations performed upon the patient’s data, in view of Directive 95/46, when using the GEMSS medical Grid applications. It identifies measures ensuring the security of the data processing, and describes the legal rationale behind the choice of security technology. Our legal analysis demonstrates that each GEMSS service provider acts as a processor of the controller of the patient’s data processing for healthcare purposes. With respect to this, the controller has to choose a processor providing sufficient guarantees in respect of the technical and organizational measures governing the processing to be carried out, and ensure the compliance with those measures. These measures have to ensure a level of security appropriate to the risks represented by the processing and nature of the data, with regard to the state of the art and the cost of their implementation. Having identified the legal requirements we then describe the security technology employed within the GEMSS Grid middleware. The security technology employed is based on a public key infrastructure (PKI), and implements end-to-end security mechanisms in line with the web services security (WS Security, WS Trust and SecureConversation) specifications. The GEMSS middleware ensures a degree of protection of patient data that is appropriate for the health c

There are no comments yet on this publication. Be the first to share your thoughts.