Health informatics. Secure user identification for health care. Management and security of authentication by passwords

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

03-09-2004

Publisher

British Standards Institution

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Requirements
  4.1 Unique identification and authentication
  4.2 Identification and authentication prior to all
       other interactions
  4.3 Associating unique identity with users
  4.4 Maintaining the identity of active users
  4.5 Log-on message
  4.6 Number of log-on trials
  4.7 Incorrectly performed log-on procedure
  4.8 Display of log-on statistics
  4.9 Password sharing
  4.10 Password storage
  4.11 Logging of passwords
  4.12 Password display suppression
  4.13 User-changeability of passwords
  4.14 Default passwords
  4.15 Initialised passwords
  4.16 Temporary passwords
  4.17 Password expiration
  4.18 Password expiration notification
  4.19 Password reuse
  4.20 Password complexity
Annex A (informative) Potential password complexity
                      requirements
Annex B (informative) User responsibilities
Annex C (informative) Password communication
Bibliography

Designed to improve the authentication of individual users of health care IT system, by strengthening the automatic software procedures associated with the management of user identifiers and passwords, without resorting to additional hardware facilities.

This document is designed to improve the authentication of individual users of health care IT systems, by strengthening the automatic software procedures associated with the management of user identifiers and passwords, without resorting to additional hardware facilities. This document applies to all information systems (hereafter called systems) within the health care environment that handle or store sensitive person identifiable health information, using passwords as the only means of authenticating the entered user identifier, i.e., verifying the claimed identity of a user. Systems that fall within the scope of this document include for example electronic patient record systems, patient administrative systems and laboratory systems, containing personal health information. This document does not apply to systems outside the health care environment. Neither does it apply to systems within the health care environment that use other means of identification and authentication, such as smart cards, biometric methods or other technical facilities.

Committee	IST/35
DevelopmentNote	Supersedes DD ENV 12251. (09/2004)
DocumentType	Standard
Pages	16
PublisherName	British Standards Institution
Status	Current
Supersedes	DD ENV 12251:2001

Standards	Relationship
SN EN 12251 : 2005	Identical
NF EN 12251 : 2004	Identical
UNI EN 12251 : 2004	Identical
EN 12251:2004	Identical
NEN EN 12251 : 2004	Identical
NS EN 12251 : 1ED 2004	Identical
I.S. EN 12251:2004	Identical
DIN EN 12251:2005-07	Identical
NBN EN 12251 : 2004	Identical
UNE-EN 12251:2004	Identical

ECMA 205 : 1ED 93	COMMERCIALLY ORIENTED FUNCTIONALITY CLASS FOR SECURITY EVALUATION (COFC)
ISO 7498-2:1989	Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture

View more information

£142.00

Excluding VAT

Product format

I agree to the DRM document license rules apply against the PDF selection made.

Please confirm that you agree to the document license rules for this document.

I agree to the document license rules .

Please confirm that you agree to the document license rules for this document.

Access your standards online with a subscription

Features

Simple online access to standards, technical information and regulations.
Critical updates of standards and customisable alerts and notifications.
Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

Get in touch with us

Log into your Account

BS EN 12251:2004

Current

Table of Contents

Abstract

Scope

General Product Information

International Equivalents

Standards Referencing This Book

Category

Subcategory

Access your standards online with a subscription