MEDNET NEWS

March 27, 2008

Role-based Access to Healthcare Information Uses SmartCard & Token System

Orlando, FL (March 27, 2008) -- MEDNETWorld.com announced today that MEDNET and GE Healthcare successfully demonstrated a PKI Certificate-based federated identity solution that allows role-based access to patient information for healthcare professionals. The demonstration was performed at the Integrating the Healthcare Enterprise (IHE®) Connectathon 2008. Their demonstration showed that users with different roles (Physician, Nurse, and Clerk) could access the GE Healthcare systems to view medical documents using MEDNET issued digital certificates stored in a smart card or a USB token.

Such a system ensures that the only medical or insurance information accessed by that user is the information required by their particular "role." The importance of such a system is exemplified by the five "rights” of healthcare: the right information, at the right time, on the right device, in the right format, and in the right context.

MEDNET and GE Healthcare have been working together to demonstrate that the GE Healthcare system supports patient healthcare information exchange by implementing the IHE profiles such as:

PIX (Patient Identifier Cross-referencing)

XDS.b (Cross–Enterprise Document Sharing)

BPPC (Basic Patient Privacy Consent)

MEDNET's Federated Identity solution provides a user's (healthcare professional or care giver) federated identity along with the user's various healthcare related attributes such as affiliations, roles, licenses, and specialties. MEDNET provided GE Healthcare with a software package to connect the GE Healthcare Document Exchange system to the MEDNET Identity Manager.

IHE provides a detailed implementation and testing process to promote the adoption of standards-based interoperability by vendors and users of healthcare information systems. The process culminates in the Connectathon, a weeklong interoperability-testing event. The MEDNET Identity solution provides a secure federated identity source across multiple security domains by combining the smart card / secure token solution into it.