Web Services At Forefront

If you intend on implementing electronic records and apply for the Electronic Health Record Incentive Program (EHRIP) you must demonstrate “meaningful use” of the electronic health record system. One of the provisions in EHRIP is information sharing. The authors of the EHRIP specifically set out to standardize on two protocols for information sharing:

• SOAP
• REST

Both of these technologies are know as web services. Essentially, web services provide information sharing capabilities using structured data files called XML. The purpose is to use these open standards so that applications developed by different vendors could communicate and share information.

Securing Web Services

In terms of security it is important to ensure that the transmission between applications using these web services is properly encrypted using SSL technology. In addition, considerations should be made to implement network and host intrusion prevention systems to ensure the security and integrity of the systems transmitting the shared information. For example, accepting SOAP requests will require you to set  up a DMZ infrastructure. Servers sitting in the DMZ will need to accept SOAP requests and send them. It is the traffic to and from these servers, and the servers themselves, that need to be protected.

Related articles by Zemanta

• Web Services Hacking And Hardening (slideshare.net)
• The XML Security Relay Race (devcentral.f5.com)
• Health IT Buzz – HHS Launches Healthcare Blog to Communicate with Dr. Blumenthal (ducknetweb.blogspot.com)
• Here’s the rule for meaningful use (clinicalit.blogspot.com)