ID | Description | Expected impact on technical design and/or the overall KONFIDO project activities |
---|---|---|
F1 | The need for HIT services and applications tends to overcome the insecurity regarding personal data misuse | It confirms the need for solutions that provide added value in real-world healthcare settings, while still promoting a holistic security approach. |
F2 | End-users support cross-border data exchange (even for research) | It confirms the value of the KONFIDO key concepts. Does not affect design decisions. |
F3 | Common legislation activities between EU Member States | GDPR and other initiatives will form the legal base for the solution and guide the respective design decisions (e.g. on the consent process). |
F4 | Technical EU initiatives are currently ongoing | The design will create a liaison with and build upon existing/evolving frameworks in Europe (epSOS, OpenNCP, eIDAS). |
F5 | Standards already established and widely accepted | The design and implementation will follow security standards, such as those from ISO/IEC 27k. |
F6 | Wide recognition of the need for a security policy based on standards | The technical solution should be based on widely-accepted standards and therefore implicitly increasing compatibility with standard based security policies. |
F7 | Exchange of data between organizations is based on agreements following GDPR | The design shall take GDPR into account wherever applicable (e.g. in the design of the consent process). |
F8 | Common mechanism of eID currently built (eIDAS) | The design of the solution shall be based on eIDAS, which is expected to be the de-facto standard among EU Member States. |
F9 | Cloud services, compatible with medical data exchange legislation | KONFIDO will be able to use cloud infrastructure being compatible with the respective legislation. |
F10 | Credible network services available | Facilitate the engagement in high mobility scenarios. |