From: Lee Gibbon <leegib@MICROSOFT.com>
Date: Fri, 13 Jun 1997 04:15:38 +0800
To: "'cypherpunks'" <cypherpunks@Algebra.COM>
Subject: FYI: release of "For the Record: Protecting Electronic Health Information"
Message-ID: <51194C00BD39CF11839000805F385DB204587083@RED-65-MSG.dns.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



On-line versions appear to be available at this site as well as means to
buy it.

http://www.nap.edu/bookstore/enter2.cgi?0309056977

For the Record: Protecting Electronic Health Information 
by:   Committee on Maintaining Privacy and Security in Health Care
Applications of the National Information Infrastructure, National
Research Council
ISBN 0-309-05697-7; 1997, 288 pages

"...This book makes practical detailed recommendations for technical and
organizational solutions and national-level initiatives. For the Record
describes two major types of privacy and security concerns that stem
from the availability of health information in electronic form: the
increased potential for inappropriate release of information held by
individual organizations (whether by those with access to computerized
records or those who break into them) and systemic concerns derived from
open and widespread sharing of data among various parties. The committee
reports on the technological and organizational aspects of security
management, including basic principles of security; the effectiveness of
technologies for user authentication, access control, and encryption;
obstacles and incentives in the adoption of new technologies; and
mechanisms for training, monitoring, and enforcement...."