ASTM International - ASTM E1985-98
Standard Guide for User Authentication and Authorization
|Publication Date:||10 October 1998|
|ICS Code (IT applications in health care technology):||35.240.80|
1.1 This guide covers mechanisms that may be used to authenticate healthcare information (both administrative and clinical) users to computer systems, as well as mechanisms to authorize particular actions by users. These actions may include access to healthcare information documents, as well as, specific operations on those documents (for example, review by a physician).
1.2 This guide addresses both centralized and distributed environments, by defining the requirements that a single system shall meet and the kinds of information which shall be transmitted between systems to provide distributed authentication and authorization services.
1.3 This guide addresses the technical specifications for how to perform user authentication and authorization. The actual definition of who can access what is based on organizational policy.