Healthcare Information Systems Faculty of Information Technology at the Queensland University Australia, have written this article to point out the need to change the method of access control in the current health care environment. They have introduced this method keeping in the mind the latest information technology system structures, legal and regulatory requirements and the demands of security operation in the Health Information Systems. The authors have proposed "Open and Trusted Health Information System" as the feasible solution along with the capability to dominate the provision of appropriate levels of secure access control in order to protect the sensitive health data.

Authors have also pointed out what is the problem with NEHTA work programs. NEHTA focuses on securely and reliably exchanging the clinical information with the help of electronic means and secure messaging technology. Authors have raised an important issue that these critical health information computer systems are openly connected to the internet and make "cyber attacks" possible for the attackers.

The authors are very much correct on the point that health care is a very intensive and informative business. The purpose of combining electronic health information and communication technology is to create a system which helps in the decision making process...

However, creating such a system through technological development of an interface is not enough, because if confidential information is not secured than its consequences will be a lot more than its benefits. Authors have given a very detailed explanation about this issue in detail that if the hardware facilities of the computer is not secure than the operating system itself cannot be secure because it is not possible to get security at the higher level if there is no function security at lower level. Therefore it is very essential to protect such information from the privacy threats and the security hazards.
Keeping in mind, this problem, authors suggest that a complete architecture is needed for securing this data and not just a secure messaging system is enough for maintaining the security. Therefore they have come up with "Open and Trusted Health Information Systems (OTHIS)" which is a proper architecture and assures the privacy protection and security for the health system in "end to end" manner. They have introduced this architecture in addition to the current work which is performed in the Health Information System security areas. They have come up with an approach with a trusted operating system which has the capacity to provide a great solution for the protection of…