aubrey-cox
PMRM TC Emergency Responder Use Case
Draft: 2 Aug 2011
Copyright © 1999-2010 International Security Trust and Privacy Alliance (ISTPA)
Privacy Management Reference Model Services
Core Policy Services
• Agreement - agreements, options, permissions
• Control - policies - data management

Presentation and Lifecycle Services
• Interaction - manages data/preferences/notice
• Agent - software that carries out processes
• Usage - data use, aggregation, anonymization
• Access - individual review/updates to PI

Privacy Assurance Services
• Certification - credentials, trusted processes
• Audit - independent, verifiable accountability
• Validation - checks accuracy of PI
• Enforcement - including redress for violations
Syntax for each Service: Functions
• DEFINE [SVC] operational requirements
• SELECT [SVC] (input, process, and output) data and parameters
• INPUT [SVC] data and parameter values in accordance with Select
• PROCESS [SVC] data and parameter values within Functions
• OUTPUT [SVC] data, parameter values, and actions
• LINK [SVC] to other (named) Services
• SECURE [SVC] with the appropriate security functions
• Each USE CASE invokes a sequence of Service “calls”
• Each Service call executes a sequence of Functions (drawn from these seven Function categories)
Emergency Responder Use Case: On Site Care
Data Flows TO a Single Actor (ECS) with PMRM Service Invocations

ACTOR: ECS

| PI-In [detailed PI required] | Source (Actor) | Requirements | Services |
| --- | --- | --- | --- |
| Incident Report | External sources | ECS Privacy and Security Policy; jurisdictional regulations; OnStar | Security, Control, Audit, Interaction, Validation, Usage, Certification |
| Situational Awareness Report | External Sources | ECS Privacy and Security Policy; jurisdictional regulations; OnStar | Security, Control, Audit, Interaction, Validation, Usage, Certification |
| Patient EHR Information | Service Provider and other Healthcare systems | HIPAA security and privacy rules; HITECH; 3rd party inherited policy agreements | Security, Control, Audit, Interaction, Validation, Certification, Usage |
| Situation Assessment | On-site Care/Incident Commander | General scene information | None |
Consider one ‘row’ in the table:

| Actor | PI-In | Source (Actor) | Requirements | Services |
| --- | --- | --- | --- | --- |
| ECS | Incident Report | External sources | ECS Privacy and Security Policy; jurisdictional regulations; OnStar | Security, Control, Audit, Interaction, Validation, Usage, Certification |

Tabular, time-line flow of Service invocations:
[Diagram labels: Services Operational Requirements; Time Line]

External Source connects to the ECS
• SECURITY: establish confidential communication (encryption)
• CERTIFICATION: check External Source credentials
• INTERACTION: Provide privacy notice to the External Source, if appropriate

Incident Report is transmitted to the ECS
• VALIDATION: check the PI for reasonableness, veracity, and relevance, possibly against other sources
• CONTROL and USAGE: Store the PI, together with all appropriate permissions for subsequent PI use
• AUDIT: record the receipt of the PI and Incident Report
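The row walked through above, as an added example that is not part of the original slides: a minimal Python model of the ECS running the Service calls in the listed order, failing closed when a call fails and auditing the rejection. The `Flow` and `ECS` classes, their fields, the field-presence stand-in for validation, and the sample flows are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Flow:  # hypothetical shape of one inbound PI flow
    source: str
    report: str
    encrypted: bool        # outcome of the SECURITY step
    credential_ok: bool    # outcome of the CERTIFICATION step
    pi: dict
    permissions: list = field(default_factory=list)

class ECS:
    def __init__(self):
        self.store = {}      # PI kept together with its permissions
        self.audit_log = []  # (service, source, report, ok, detail)

    def _call(self, service, flow, ok, detail):
        # Every Service call is recorded, whether it passes or fails.
        self.audit_log.append((service, flow.source, flow.report, ok, detail))
        return ok

    def receive(self, flow):
        """Run the Service calls in the slide's order; stop at first failure."""
        gates = [
            ("SECURITY", flow.encrypted, "confidential channel"),
            ("CERTIFICATION", flow.credential_ok, "source credentials"),
            ("INTERACTION", True, "privacy notice provided"),
            # Stand-in for the reasonableness/veracity/relevance checks.
            ("VALIDATION", bool(flow.pi) and all(flow.pi.values()),
             "PI fields present"),
        ]
        for service, ok, detail in gates:
            if not self._call(service, flow, ok, detail):
                self._call("AUDIT", flow, False, f"rejected at {service}")
                return False  # fail closed: nothing is stored
        self.store[(flow.source, flow.report)] = {
            "pi": flow.pi, "permissions": list(flow.permissions)}
        self._call("CONTROL and USAGE", flow, True, "PI stored with permissions")
        self._call("AUDIT", flow, True, "receipt of PI and report recorded")
        return True

def demo():
    ecs = ECS()
    # Constructed sample flows, not data from the use case.
    good = Flow("External Source A", "Incident Report", True, True,
                {"name": "sample patient", "location": "sample scene"},
                ["on-site care"])
    bad = Flow("External Source B", "Incident Report", True, False,
               {"name": "sample patient"})
    return ecs, ecs.receive(good), ecs.receive(bad)
```
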
Additional Row:

| Actor | PI-In | Source (Actor) | Requirements | Services |
| --- | --- | --- | --- | --- |
| ECS | Situational Awareness Report | External Sources | ECS Privacy and Security Policy; jurisdictional regulations; OnStar | Security, Control, Audit, Interaction, Validation, Usage, Certification |

[Diagram labels: Services Operational Requirements; Time Line]

External Source connects to the ECS
• SECURITY: establish confidential communication (encryption)
• CERTIFICATION: check External Source credentials
• INTERACTION: Provide privacy notice to the External Source, if appropriate

Situation Awareness Report is transmitted to the ECS
• VALIDATION: check the PI for reasonableness, veracity, and relevance, possibly against other sources
• CONTROL and USAGE: Store the PI, together with all appropriate permissions for subsequent PI use
• AUDIT: record the receipt of the PI and Situation Awareness Report

Question: Separate analysis needed for each policy domain (e.g., OnStar)?
Additional Row:

| Actor | PI-In | Source (Actor) | Requirements | Services |
| --- | --- | --- | --- | --- |
| ECS | Patient EHR Information | Service Provider and other Healthcare systems | HIPAA security and privacy rules; HITECH; 3rd party inherited policy agreements | Security, Control, Audit, Interaction, Validation, Certification, Usage |

[Diagram labels: Services Operational Requirements; Time Line]

ECS connects to Service Provider and other Health Care Systems
• SECURITY: establish confidential communication (encryption)
• CERTIFICATION: mutually check credentials
• INTERACTION: Provide privacy notice to the Provider/other Systems, if appropriate

Patient EHR is transmitted to the ECS
• VALIDATION: check the PI for reasonableness, veracity, and relevance, possibly against other sources
• CONTROL and USAGE: Store the PI, together with all appropriate permissions for subsequent PI use
• AUDIT: record the receipt of the PI and Patient EHR
Additional Row:

| Actor | PI-In | Source (Actor) | Requirements | Services |
| --- | --- | --- | --- | --- |
| ECS | Situation Assessment | On-site Care/Incident Commander | General scene information | None (?) |

[Diagram labels: Services Operational Requirements; Time Line]

On site Commander records general scene information in the Situation Assessment
• SECURITY: establish confidential communication or log-in (encryption)
• CERTIFICATION: mutually check credentials
• INTERACTION:
Any PI contained in general scene information?
• VALIDATION: check the PI for reasonableness, veracity, and relevance, possibly against other sources
• CONTROL and USAGE: Store the PI, together with all appropriate permissions for subsequent PI use
• AUDIT: record the receipt of the PI and Situation Assessment
Data Flows FROM a Single Actor (ECS) with PMRM Service Invocations

Actor: ECS

| PI-Out | Destination (Actor) | Requirements | Services |
| --- | --- | --- | --- |
| Incident Report: PI Instance and enhancements | On-site Care/Incident Commander System | ECS Privacy and Security Policy; Jurisdictional regulations | Security, Control, Audit, Interaction, Validation, Usage |
| Situational Awareness Report | On-site Care/Incident Commander System | ECS Privacy and Security Policy; Jurisdictional regulations | Security, Control, Audit, Interaction, Validation, Usage |
| Patient Data Request | Service Providers and other healthcare systems | HIPAA security and privacy requirements; Unique healthcare system requirements | Security, Control, Audit, Interaction, Validation, Certification, Usage, Enforcement |
| Health Information from Devices | Service Providers and other healthcare systems | HIPAA security and privacy requirements; Unique healthcare system requirements | Security, Control, Audit, Interaction, Validation, Certification, Usage, Enforcement |
| Virtual Consult | On-site Care/Incident Commander System | | |
| Virtual Consult | On-site Care/Incident Commander System | | |
- Examine each row of the OUT table, in turn; then,
- Move to each Actor, analyzing the IN/OUT flows
Where Does the Reference Model Fit?
Privacy Management Reference Model