Conference: ICSE workshop on software engineering in health care 2010

Towards Improved Security Criteria for Certification of Electronic Health Record Systems


Abstract

The Certification Commission for Health Information Technology (CCHIT) is an electronic health record certification organization in the United States. In 2009, CCHIT's comprehensive criteria were augmented with security criteria that define additional functional security requirements. The goal of this research is to illustrate the importance of requiring misuse cases in certification standards, such as CCHIT, by demonstrating the implementation bugs in an open source healthcare IT application. We performed an initial evaluation of an open source electronic health record system, OpenEMR, using an automated static analysis tool and a penetration testing tool. We were able to discover implementation bugs latent in the application, ranging from cross-site scripting to insecure cryptographic algorithms. Our findings stress the importance that certification security criteria should focus on implementation bugs as well as design flaws. Based upon our findings, we recommend that CCHIT be augmented with a set of misuse cases that check for specific threats against EMR systems and thereby improve this aspect of the certification process.
