Implementation of security policy for clinical information systems over wireless sensor networks

Various healthcare areas such as diagnosis, surgery, intensive care and treatment, and patient monitoring in general, would greatly benefit from light, autonomous devices which can be unobtrusively mounted on the patient’s body in order to monitor and report health-relevant variables to an interconnection device in the vicinity. This interconnection device should be able to connect to access points at different locations within the healthcare institution. In this manner, health-relevant measurements can be forwarded to the central medical database and stored therein. In this scenario, integrity and privacy of personal medical data is of utmost importance. In this paper we address the networking and security architecture of a healthcare information system comprised of patients’ personal sensor networks, department/room networks, hospital network, and medical databases. We discuss confidentiality and integrity policies for clinical information systems and propose the feasible enforcement mechanisms over the wireless hop. We also compare two candidate technologies, IEEE 802.15.1 and IEEE 802.15.4, from the aspect of resilience to jamming and denial-of-service attacks.