Publications

Publications by Manuel Eduardo Correia

2009

Towards Patient Empowerment - Can the Patient Really Decide?

Authors
Falcao Reis, F; Correia, ME; Sousa, L;

Publication
WORLD CONGRESS ON MEDICAL PHYSICS AND BIOMEDICAL ENGINEERING, VOL 25, PT 12

Abstract
Throughout the modern world, healthcare is in a crisis. In response, health information systems are going through major changes: focusing more on the patient and what the patient can do to help to improve his own health care. A lot has been said about what the patient's role should be in the 21st century. However, in a way, the patient is still being left out, without the ability to decide about his role and impotent to exercise his rights as the owner of his own EHR. Moreover, there exists a general lack of awareness among the general public about the major risks involved in the unbounded disclosure of personal health related data. The continuous growth of privacy incidents, resulting from target profiling and mining of individual health histories, by human resource departments or insurance companies, demonstrates the fragile perception the general public has for these matters. To help us in assessing this situation we have conducted several interviews with patients older than 18 years in order to determine their opinion on matters regarding 'patient empowerment' and their associated EHRs: particularly who should have access and what were the real reasons behind those answers. In this paper we analyze the results of our questionnaire and present and discuss in detail the answers provided by 100 patients: 70 female and 30 male from diverse strata of the Portuguese population.

2008

ACCESS AND PRIVACY RIGHTS USING WEB SECURITY STANDARDS TO INCREASE PATIENT EMPOWERMENT

Authors
Falcao Reis, F; Costa Pereira, A; Correia, ME;

Publication
MEDICAL AND CARE COMPUNETICS 5

Abstract
Electronic Health Record (EHR) systems are becoming more and more sophisticated and include nowadays numerous applications, which are not only accessed by medical professionals, but also by accounting and administrative personnel. This could represent a problem concerning basic rights such as privacy and confidentiality. The principles, guidelines and recommendations compiled by the OECD protection of privacy and trans-border flow of personal data are described and considered within health information system development. Granting access to an EHR should be dependent upon the owner of the record; the patient: he must be entitled to define who is allowed to access his EHRs, besides the access control scheme each health organization may have implemented. In this way, it's not only up to health professionals to decide who has access to what, but the patient himself. Implementing such a policy is walking towards patient empowerment which society should encourage and governments should promote. The paper then introduces a technical solution based on web security standards. This would give patients the ability to monitor and control which entities have access to their personal EHRs, thus empowering them with the knowledge of how much of his medical history is known and by whom. It is necessary to create standard data access protocols, mechanisms and policies to protect the privacy rights and furthermore, to enable patients, to automatically track the movement (flow) of their personal data and information in the context of health information systems. This solution must be functional and, above all, user-friendly and the interface should take into consideration some heuristics of usability in order to provide the user with the best tools.
The current official standards on confidentiality and privacy in health care, currently being developed within the EU, are explained, in order to achieve a consensual idea of the guidelines that all member states should follow to transfer such principles into national laws. A perspective is given on the state of the art concerning web security standards, which can be used to easily engineer health information systems complying with the patient empowering goals. In conclusion health systems with the characteristics thus described are technically feasible and should be generally implemented and deployed.

2008

SECURING A HEALTH INFORMATION SYSTEM WITH A GOVERNMENT ISSUED DIGITAL IDENTIFICATION CARD

Authors
Santos, R; Correia, ME; Antunes, L;

Publication
42ND ANNUAL 2008 IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS

Abstract
Health Information Systems (HIS) are often deployed with inadequate security mechanisms and with users being generally pointed out as the weakest link. The launch of the Portuguese digital national identification smart card, the Citizen Card (CC), with strong authentication and digital signing capabilities, represents a new and viable economic opportunity for securing a HIS and at the same time fostering the creation of a much more secure national health information infrastructure. Smart cards are being deployed in healthcare in several places around the world with highly encouraging results. Major programs have already been deployed with great success, although there are some well identified issues that need to be addressed. The CC is a versatile and secure card, with the latest in encryption and tamper resistance technologies, with standard support for a Public Key Infrastructure (PKI). We present the advantages and enumerate some of the problems of using a smart card in a HIS, as well as the CC's possible contributions in this area, namely as an easy, inexpensive, widely deployed way of using current technology to protect HIS security, and ultimately patient information, while at the same time fostering the expansion and deployment of interoperable HIS. Issues are identified that will need to be resolved and a detailed plan for further work to assess the level of impact the CC can have on the national HIS is indicated.

2011

LEVERAGING IDENTITY MANAGEMENT INTEROPERABILITY IN EHEALTH

Authors
Campos, MJ; Correia, ME; Antunes, L;

Publication
2011 IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST)

Abstract
Many heterogeneous and highly specialized software applications for eHealth were implemented and deployed by diverse health organizations, such as public and private hospitals and health care centers. The rational management of these eHealth assets together with their efficient and interoperable integration represents today a major hitherto unresolved challenge for the health sector at a global level. One of the present implications is the serious interoperability issues that arise from the lack of widely accepted standards for the homogeneous integration of the diverse identity and authentication mechanisms used by the eHealth applications ecosystem. Unfortunately this has not yet been a major infrastructure concern for the eHealth context and thus constitutes a major road block for the realization of these applications' full integration potential. In this work a high level model and some critical infrastructure components are proposed. Together with the Portuguese eID smart-card, these allowed us to delineate a novel and more flexible infrastructure for secure identity management and authentication services for eHealth. The secure privacy oriented identity infrastructure proposed fits well the highly demanding and specific needs of a heterogeneous and integrated modern identity infrastructure for eHealth applications, precisely because it provides strong foundations, upon which more reliable, secure, trustworthy and interoperable eHealth applications can be built.

2012

OFELIA - A Secure Mobile Attribute Aggregation Infrastructure for User-Centric Identity Management

Authors
Augusto, AB; Correia, ME;

Publication
INFORMATION SECURITY AND PRIVACY RESEARCH

Abstract
Personal mobile devices with real practical computational power and Internet connectivity are currently widespread throughout all levels of society. This is so much so that the most popular of these devices, the smart phone, in all its varied ubiquitous manifestations is nowadays the de facto personal mobile computing platform, be it for civil or even military applications. In parallel with these developments, Internet application providers like Google and Facebook are developing and deploying an ever increasing set of personal services that are being aggregated and structured over personal user accounts where an ever increasing set of personal private sensitive attributes is being massively aggregated. In this paper we describe OFELIA (Open Federated Environment for Leveraging of Identity and Authorization), a framework for user centric identity management that provides an identity/authorization versatile infrastructure that does not depend upon the massive aggregation of users' identity attributes to offer a versatile set of identity services. In OFELIA personal attributes are distributed among and protected by several otherwise unrelated AAs (Attribute Authorities). Only the user's mobile device knows how to aggregate these scattered AAs' identity attributes back into some useful identifiable entity identity. Moreover, by resorting to an IdB (Identity Broker), acting as a privacy enhancing blind caching-proxy, in OFELIA the identity attributes' location in the Internet is hidden from the RP/SP (Relying Party, Service Provider) that wants to have temporary access to the user's personal data. The mobile device thus becomes the means by which the user can asynchronously exercise discretionary access control over their most sensitive dynamic identity attributes in a simple but highly transparent way.

2010

Patient Empowerment by the Means of Citizen-managed Electronic Health Records: Web 2.0 Health Digital Identity

Authors
Falcao Reis, F; Correia, ME;

Publication
MEDICAL AND CARE COMPUNETICS 6

Abstract
With the advent of more sophisticated and comprehensive healthcare information systems, system builders are becoming more interested in patient interaction and what he can do to help to improve his own health care. Information systems play nowadays a crucial and fundamental role in hospital work-flows, thus providing great opportunities to introduce and improve upon "patient empowerment" processes for the personalization and management of Electronic Health Records (EHRs). In this paper, we present a patient's privacy generic control mechanisms scenarios based on the Extended OpenID (eOID), a user centric digital identity provider previously developed by our group, which leverages a secured OpenID 2.0 infrastructure with the recently released Portuguese Citizen Card (CC) for secure authentication in a distributed health information environment. eOID also takes advantage of OAuth assertion based mechanisms to implement patient controlled secure qualified role based access to his EHR, by third parties.
