Table of Contents
Advertisement
46 | DRY 3.4 | Introduction
Privacy and security
Within the healthcare industry, several standardization efforts are ongoing as
a response to Privacy and Security legislation and regulations. The purpose of
this standardization for hospitals and vendors is to enable information
sharing, interoperability and to support the workflow of hospitals in a
multiple vendor environment.
In order to allow hospitals to comply with HIPAA regulations (Health
Insurance Portability and Accountability Act) and to meet the IHE standards
(Integrated Healthcare Enterprise) some security features are included in the
user interface of the printer (available via the web pages only: under 'Security
tools'):
• Product Authentication: HIPAA supported products that communicate
with DICOM use the Transport Layer Security (TLS) protocol. The TLS
protocol uses public key certificates for client and server authentication
(X.509).
• Product Accountability: HIPAA supported products require some level of
user and system activity to be recorded. As a consequence of these actions,
audit records are to be sent to and observed at an Audit Record Repository
(ARR).
• Product User Authentication: 'User Authentication' of HIPAA products
involves password protection for access to User, Key operator, Service
Security/ Administrator and other user interfaces that allow access to
protected health information (PHI). These interfaces include all user
keypads, front panels displays and network connections.
The last two functions are available when access to the Administrator is
granted (i.e. when the Administrator password has been entered correctly).
2602A EN 20191018 0826
Advertisement
Table of Contents
