Article Preview
TopIntroduction
The United Nations (2002) report entitled “World Population Ageing: 1950-2050” report made four major propositions:
- •
Population ageing is unprecedented, without parallel in human history —and the twenty-first century will witness even more rapid ageing than did the century just past.
- •
Population ageing is pervasive, a global phenomenon affecting every man, woman and child—but countries are at very different stages of the process, and the pace of change differs greatly. Countries that started the process later will have less time to adjust.
- •
Population ageing is enduring: we will not return to the young populations that our ancestors knew.
- •
Population ageing has profound implications for many facets of human life.
This report has profound implications for the development and operation of e-health systems worldwide particularly in those countries most affected, such as Japan, Australia and others. It has been argued that e-health information systems have the potential to markedly improve service delivery in this area and numerous countries have such systems in some stage of development, including Singapore, Australia, Canada, the United States of America, the United Kingdom and the Netherlands. Interestingly, these countries have been seen as being particularly exposed to the problems of an aging population as report by the United Nations. The concern, then, given that an aging population is seen as requiring more and better, and often more advanced, healthcare services, e-health information systems will play a vital role in providing new levels of efficiency in this area.
Overall information security/assurance plays a vital role in the acceptance of any system. In turn, any assurance system must be both understandable to its users while being capable of providing notable levels of expansion capacity and overall performance and efficiency. In this regard, legislative and regulatory actions have taken place in some countries to attempt to improve such trust. This includes the United States’ Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996 to spur the development and usage of these systems to improve the deliverability of healthcare services as well as to potentially decrease overall costs in the healthcare sector. HIPAA required appropriate levels of cyber-security services to be incorporated.
Cryptography has been the method of choice for the creation of security services in most on-line information systems, including those in the banking and finance sector in particular. Indeed cryptographic technologies play a vital role in the provision of the confidentiality, integrity, authentication, non-repudiation and like services needed to create such trust in any information system. Their role in e-health systems cannot be underestimated when aspects of confidentiality, and resulting privacy concerns, take on added dimensions. However, the cryptographic keys used, for both public and private key cryptographic schemes, must be secure requiring that keys be safely generated, distributed, managed, used and deleted when no longer required. In particular, keys used for digital signature purposes require particular security services, for instance extended lifetime for the purposes of safe and secure archiving of patient records. The cryptographic sub-systems must, however, besides being themselves particularly secure since other information security services depend upon them, be efficient, scalable and easily understood and managed. This obligation largely resides with the e-health system provider and manager who must recognise that cryptographic key management is a critical aspect of overall systems security and protection in an e-health environment.