visolveemr wrote on Monday, April 05, 2010:
Hi Team,
One of the MUO related to security is :
“”
Verify that a person or entity seeking access to electronic health information across a network is the one claimed and is authorized to access such information in accordance with the standard specified. Use of a cross-enterprise secure transaction that contains sufficient identity information such that the receiver can make access control decisions and produce detailed and accurate security audit trails (e.g., IHE Cross Enterprise User Assertion (XUA) with SAML identity assertions)
“”
We’ve analyzed the XUA profile and our understanding of the profile & the requirements are mentioned in http://www.openmedsoftware.org/wiki/9._XUA_-_Cross_Enterprise_User_Assertion.
Currently we are performing analysis on creating SAML assertions and we’ll also enhance the wiki page based on our current research.
Note: In the previous release of the security standards, the deadline for the implementation of this profile was mentioned as 2013. Not sure what the final standards are going to say?
Do share your views, if any.
Thanks
ViCarePlus Team