Health informatics - Secure User Identification for Health Care - Management and Security of Authentication by Passwords

This document is designed to improve the authentication of individual users of health care IT systems, by strengthening the automatic software procedures associated with the management of user identifiers and passwords, without resorting to additional hardware facilities.
This document applies to all information systems (hereafter called systems) within the health care environment that handle or store sensitive person identifiable health information, using passwords as the only means of authenticating the entered user identifier, i.e., verifying the claimed identity of a user. Systems that fall within the scope of this document include for example electronic patient record systems, patient administrative systems and laboratory systems, containing personal health information.
This document does not apply to systems outside the health care environment. Neither does it apply to systems within the health care environment that use other means of identification and authentication, such as smart cards, biometric methods or other technical facilities.

Medizinische Informatik - Sichere Nutzeridentifikation im Gesundheitswesen - Management und Sicherheit für die Authentifizierung durch Passwörter

Informatique de santé - Sécurité de l'identification de l'utilisateur des soins de santé - Gestion et sécurité de l'authentification des mots de passe

Zdravstvena informatika – Varna identifikacija uporabnikov v zdravstvenem varstvu – Upravljanje in varnost avtentikacije z gesli

General Information

Status
Published
Publication Date
17-Aug-2004
Withdrawal Date
27-Feb-2005
Current Stage
9093 - Decision to confirm - Review Enquiry
Completion Date
10-Mar-2021

Relations

Buy Standard

Standard
EN 12251:2005
English language
13 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Zdravstvena informatika – Varna identifikacija uporabnikov v zdravstvenem varstvu – Upravljanje in varnost avtentikacije z gesliMedizinische Informatik - Sichere Nutzeridentifikation im Gesundheitswesen - Management und Sicherheit für die Authentifizierung durch PasswörterInformatique de santé - Sécurité de l'identification de l'utilisateur des soins de santé - Gestion et sécurité de l'authentification des mots de passeHealth informatics - Secure User Identification for Health Care - Management and Security of Authentication by Passwords35.240.80Uporabniške rešitve IT v zdravstveni tehnikiIT applications in health care technologyICS:Ta slovenski standard je istoveten z:EN 12251:2004SIST EN 12251:2005en01-januar-2005SIST EN 12251:2005SLOVENSKI
STANDARDSIST ENV 12251:20031DGRPHãþD



SIST EN 12251:2005



EUROPEAN STANDARDNORME EUROPÉENNEEUROPÄISCHE NORMEN 12251August 2004ICS 35.240.80 English versionHealth informatics - Secure User Identification for Health Care -Management and Security of Authentication by PasswordsInformatique de santé - Sécurité de l'identification del'utilisateur des soins de santé - Gestion et sécurité del'authentification des mots de passeMedizinische Informatik - Sichere Nutzeridentifikation imGesundheitswesen - Management und Sicherheit für dieAuthentifizierung durch PasswörterThis European Standard was approved by CEN on 21 June 2004.CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this EuropeanStandard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such nationalstandards may be obtained on application to the Central Secretariat or to any CEN member.This European Standard exists in three official versions (English, French, German). A version in any other language made by translationunder the responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the officialversions.CEN members are the national standards bodies of Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France,Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Slovakia,Slovenia, Spain, Sweden, Switzerland and United Kingdom.EUROPEAN COMMITTEE FOR STANDARDIZATIONCOMITÉ EUROPÉEN DE NORMALISATIONEUROPÄISCHES KOMITEE FÜR NORMUNGManagement Centre: rue de Stassart, 36
B-1050 Brussels© 2004 CENAll rights of exploitation in any form and by any means reservedworldwide for CEN national Members.Ref. No. EN 12251:2004: ESIST EN 12251:2005



EN 12251:2004 (E) 2 Contents page Foreword.3 Introduction.4 1 Scope.5 2 Normative references.5 3 Terms and definitions.5 4 Requirements.6 4.1 Unique identification and authentication.6 4.2 Identification and authentication prior to all other interactions.6 4.3 Associating unique identity with users.6 4.4 Maintaining the identity of active users.6 4.5 Log-on message.7 4.6 Number of log-on trials.7 4.7 Incorrectly performed log-on procedure.7 4.8 Display of log-on statistics.7 4.9 Password sharing.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.