As part of the overall Euromed project, Euormed-ETS succeeded in providing a secure solution for medical data traffic and applications over the World Wide Web. Security has been built into the system by means of the Secure Session Layer (SSL) protocol as well as through the assistance of Trusted Third Party Services (TTPs). The establishment of the Web-based electronic health care record with countless hyperlinks however entails the emergence of electronic commerce with regard to telemedicine related health care activities. Dr. Despina Polemi from the National Technical University of Athens has investigated in which ways electronic commerce transactions can be harmoniously implemented into the telemedical environment of the Next Generation Internet.
The general definition of electronic commerce can be termed as the conduct of business with the assistance of telecommunications and of telecommunications-based tools between two major parties. On the one hand there is the selling party which offers certain goods and on the other, there is the buying party which purchases them. In a telemedical context, the health care goods or services are provided by the hospital, the physician, a medical laboratory, or an insurance company. The patient and the insured individual or hospital can be regarded as the purchasers. The traded items may consist of different kinds or types, like custom-built articles or services, medical data or images, customized products, insurance information, medical equipment, health care commodities such as shares and stocks, as well as telemedical publications.
Telemedical commercial transactions have a similar structure as those which occur in the physical health care environment. Most common is the ordering and offering of goods after a mutual agreement or contract. Before the start of any transaction, the contract needs certification. In certain cases, this is done by means of accreditation before, for instance, allowing a patient to use the hospital facilities. A commercial agreement implies the fair exchange of goods or services against payment, but equally the right for the telemedicine seller or customer to dispute erroneous transactions. Sometimes, assistance is required from a third party, such as high performance computing centres, computer laboratories, financial institutions, or electronic brokerage centres.
There are four different configurations in which telemedical transactions can take place, namely between two health care entities, between a health care participant and a health care entity, between a health care entity and a co-operative entity, and between a health care participant and a co-operative entity. All commercial transactions within these four patterns require the presence of the four integrated elements of security, which are availability, confidentiality, integrity, and authenticity. Dr. Polemi also distinguishes a number of typical electronic commerce scenarios in telemedicine. The most common is the mail-order retailing, which can be executed both off-line and on-line. Other scenarios refer to the telemedicine mall, auctions, the medical subscription services, document statements, and contract signing.
Some scenarios are related to more immaterial transactions, such as medical insurance, ticketing for well-defined services, electronic mail, support for the health care participant, availability of corporate marketing information, and electronic publishing. For all these levels of the electronic commerce related platform within the telemedical information society, a serious analysis has to be carried out with regard to the different aspects of security threats, risks and failures, in order to create a secure environment for commercial medical transactions. For more details, you can check out the home page of the Security Group at the National Technical University of Athens.