Advanced search
Publication Cover
Medical Informatics and the Internet in Medicine Volume 28, 2003 - Issue 4
Journal homepage
43
Views
4
CrossRef citations to date
0
Altmetric
Original Article

Security issues in the electronic transmission of prescriptions

DP Mundy The University of Hull Centre for Internet Computing, Scarborough Campus, Filey Road, Scarborough, YO11 3AZ, UKCorrespondence[email protected]
&
DW Chadwick IS Institute, University of Salford, The Crescent, Salford, M5 4WT, UK
Pages 253-277 | Received 01 Dec 2002, Published online: 12 Jul 2009

References

  • NHS, 2002, The NHS plan – a plan for investment – a plan for reform, Presented to Parliament by the Secretary of State for Health, Available at http://www.nhs.uk/nationalplan/nhsplan.htm (February 21).
  • ALLSCRIPTS, 2002, http://www.allscripts.com/ahcs/index.htm (November).
  • MIDDLETON, H., 2000, Electronically transmitted prescriptions – a good idea. The Pharmaceutical Journal, 265(7107), 172– 176.
  • UK GOVERNMENT, 1998, Data protection act 1998 (c.29), Crown Copyright.
  • INFORMATION COMMISSIONER, 2002, Use and Disclosure of Health Data, May, Available from http://www.dataprotection.gov.uk/dpr/dpdoc.nsf/ed1e7ff5aa6def30802566360045bf4d/ 7b7d02d29c28e76d80256bb5005d7bb3/$FILE/HEALTHGU.pdf (July 2003)
  • Electronic transmission of prescriptions, http://www.doh.gov.uk/Pharmacy/etp.htm (June 2002).
  • MUNDY, D. P. and CHADWICK, D. W., 2002, A system for secure electronic prescription handling, Second International Conference On The Management Of Healthcare And Medical Technology On: The Hospital of the Future Bringing Together Technology, Health Care and Management. Abstract and Main Paper on accompanying CD-Rom, Stuart Graduate School of Business, Center for the Management of Medical Technology, Illinois Institute of Technology, Chicago, Illinois, USA, July 28 – 30.
  • MUNDY, D. P., CHADWICK, D. W., BALL, E.,MARSDEN, P., BELL, D.,WHATLEY, J. E., SOBREPEREZ, P. and NEW, J., 2003, Towards Electronic Transfer of Prescriptions (ETP) in the United Kingdom National Health Service – Stakeholder Evaluation of ETP Pilots, 3rd International Conference on The Management of Healthcare and Medical Technology, Warwick, 7 – 9 September.
  • STALLINGS, W., 1999, Cryptography and network security: principles and practice Second Edition (London: Prentice Hall).
  • NATIONAL BUREAU OF STANDARDS, 1977, Data encryption standard, FIPS PUB 46, January.
  • ADAMS, C., 1997, The CAST-128 encryption algorithm, RFC2144.
  • ADVANCED ENCRYPTION STANDARD, 2002, Available at http://csrc.nist.gov/encryption/aes/ (November).
  • DIFFIE, W. and HELLMAN, M. E., 1979, Privacy and authentication: an introduction to cryptography, Proceedings of the IEEE, 67(3), 397– 427.
  • ISO/ITU-T REC., 2002, X.509 the directory: authentication framework.
  • GRITZALIS, S., GRITZALIS, D., MOULINOS, C. and ILIADIS, J., 2001, An integrated architecture for deploying a virtual private medical network over the Web. Medical Informatics and the Internet in Medicine, 26(1), 49– 72.
  • NHS EXECUTIVE, 2002, The Caldicott Committee: report on the review of patient-identifiable information – December 1997, Available at http://www.doh.gov.uk/confiden/crep.htm (November).
  • SAYERS, S. 2002, Lies, damn lies… and CVs!. t Magazine, March. Available at http://www.tmag.- co.uk/articles/Mar00p26.html (November).
  • CARVEL, J., 2002, Checks failure could allow ‘bogus’ GPs to treat patients. Guardian Unlimited, Available at http://society.guardian.co.uk/health/news/0,8363,410289,00.html (November).
  • NATIONAL AUDIT COMMISSION, 2002, Cover story – the use of locum doctors in NHS Trusts. Available at http://www.audit-commission.gov.uk (November).
  • LOCUM GPS, 2000, Health Which? (December).
  • UK GOVERNMENT CM5557, 2002, Entitlement cards and identity fraud – a consultation paper, July, Available at http://www.homeoffice.gov.uk/cpd/entitlement_cards.pdf (August).
  • EUROPEAN PARLIAMENT, 2000, Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal L 013, 19/01/2000, 12 – 20.
  • CEN WORKSHOP AGREEMENT, 2001, Secure signature-creation devices. CWA 14169.
  • DEPARTMENT OF HEALTH, 2002, Available at http://www.doh.gov.uk/Pharmacy/FAQs.htm (June).
  • PHARMED, 2002, http://www.pharmed.co.uk (June).
  • DAVIS, E., 2000, Electronic transfer of prescriptions in primary care. The British Journal of Healthcare Computing & Information Management, 17(8), 29– 31.
  • MOORE, J., FARRAR, K., HUGHES, D. and SPOURS, A., 1996, Electronic prescribing – the perfect prescription. The British Journal of Healthcare Computing and Information Management, 13(4), 25– 27.
  • MOORMAN, P. W. and BERNSTEIN, K. (editors) 1999, The CoCo project report. (Odense: Danish Centre for Health Telematics).
  • POCKETSCRIPT, 2002, http://www.pocketscript.com/ (November).
  • EPHYSICIAN, 2002, http://www.ephysician.com/ (November).
  • ECKSTEIN, L. and STRUIF, B., 1999, Electronic prescription and medication documentation on a patient data card – the smartcard – project of the ABDA, German National Research Center for Information Technology (GMD) and Institute for Secure Telecooperation (SIT), November.
  • NHS MANAGEMENT EXECUTIVE, 1990, The care card – evaluation of the Exmouth project (London: HMSO).
  • SONG, W. J. and AHN, B. H., 2002, A secure transmission of the prescription order communication system based on the internet and the public-key infrastructure using master smart cards, 35th Annual Hawaii International Conference on System Sciences (HICSS’02), Vol. 6, p.156b, January.
  • SHARPLES, S. and WOODHEAD, A., 1996, Improving security: electronic transfer of prescription data in primary care. The British Journal of Healthcare Computing and Information Management, 13(1), 21– 22.
  • GREETHAM, D. and FRASER, R., 2002, Explanatory guideline to PKI for patients and the public, NHS Information Authority Guidance.
  • LOCKLEY, J., 2000, Editorial piece. Torus – Torex User Group Journal, No.42, December, Page 2.
  • IMPACT, 1999, Doctors demand encrypted NHSnet. Pharmaceutical Journal, 263 (7069)697, October 30, News. Available at http://www.pharmj.com/Editorial/19991030/news/nhsnet.html (November 2002).
  • KEMBER ASSOCIATES, 2002, Research with patients. Available at http://www.pharmed.co.uk/text/ reseach3.html (August 29).
  • SCHNEIER, B., 1996, Applied Cryptography, Second Edition (New York: John Wiley & Sons).
  • MCHUGH, J. andMICHAEL, J. B., 1999, Secure Group Management in Large Distributed Systems: What is a Group and What Does it Do?, Proceedings of the 1999 workshop on new security paradigms, Caledon Hills, Ontario, Canada, pp. 80 – 85.
  • ANDERSON, R., 1993, Why Cryptosystems Fail, 1st Conf.- Computer and Comm. Security ‘93, Fairfax, VA: ACM.
  • FOUNDATION FOR INFORMATION POLICY RESEARCH, 1999, Framework for Smart Card Use in Government – A Consultation Response. Available at http://www.fipr.org/cards/fipr_cards.html. September 2003.
  • CHADWICK,D.W., 1999,Smart cards aren’t always the smart choice. IEEEComputer, 32(12), 142– 143.
  • PRIVACY INTERNATIONAL, 2003, see http://www.privacyinternational.org/ (February).
  • YAN, J., BLACKWELL, A., ANDERSON, R. and GRANT, A., 2000, The memorability and security of passwords – some empirical results, University of Cambridge Technical Report, Number 500, September.
  • BALL, E., CHADWICK, D. W. and MUNDY, D. P., 2003, Patient Privacy in Electronic Prescription Transfer. IEEE Security and Privacy, March/April.
  • CHADWICK. D. W. and OTENKO, A., 2002, The PERMIS X.509 role based privilege management infrastructure, Proceedings of the 7th ACM Symposium On Access Control Models And Technologies (SACMAT 2002), Monterey, USA, June, pp 135 – 140.
  • BLAZE, M., FEIGENBAUM, J. and IOANNIDIS, J., 1999, The keynote trust-management system version 2, RFC 2704, September.
  • DEPARTMENT OF HEALTH, 2002, New legislation to facilitate electronic transmission of prescription pilot schemes, Available at http://www.doh.gov.uk/pharmacy/etpleg.htm (November).
  • SANTESSON, S., POLK, W., BARZIN, P. and NYSTROM, M., 2001, Internet X.509 public key infrastructure qualified certificates profile, RFC 3039, January.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.