On Sun, 21 Dec 2003, Richard D Piper wrote: ... > | Specifically, what are the benefits of inter-connecting distributed > | systems via email messages instead of https, for example? > > I think either solution would work.
Richard, If either approach is acceptable to you, my preference is to go with https. There are just so many more tools and systems that will be using https (to transport XML). > They are both simple methods to transmit patient data, in the absence of > a state of the art electronic health record. As I understand it, Argus is also meant to inter-connect diverse electronic health records systems currently in use in Australia? In any case, I anticipate all free EMR systems will be accessible over https anyways (actually, that may already be the case). > Unfortunately, although email and https are consumer technologies, > PKI/PKC have not reached that status, The current "standard" appears to be username-password pair for authenticating client-systems and SSL/certificate for servers --> over https encrypted link. Since this is good enough for banking, I suspect it is fine for health information too. Client-side certificate is just too much of a hassle for most people to use. > I have not used Argus, but it seems to be trying to address this problem > with respect to email. I doubt it has a chance of being successful > unless it becomes an opensource/open standard .... I doubt it. Even if Argus is free/open source, I doubt there will be much interst for it in the U.S.. > An advantage of an https approach is that the software (except for the > ssl related client) is maintained centrally on a server, ... You bet - and when we tell our patients and administrators: "OIO uses the same security as used by banks" - they feel very secure. "Email" evokes thoughts about "virus" and "spam". :-) Best regards, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org
