The implementation of security in health care information systems: closing the gap between theory and practice.

Even if all necessary information is available, the implementation of security in Hospital Information Systems is a complex process; the gap between theory and practice is still considerable. This paper describes the efforts made at Leiden University Hospital (AZL) to overcome this problem (at least partially), by using a database method to provide some structure in the data. This work is part of the SEISMED-project [1,2], sponsored by the European Union through its AIM-programme (Advanced Informatics in Medicine).