This European Prestandard specifies a methodology for defining, expressing and selecting a communication protection profile (CPP) specification, and thus provides:
1. a standard way of expressing healthcare user security needs in relation to communication
2. a standard method of successive refinement of policy statements, hereby helping to identify standardised security implementation specification that can be utilised to meet these security needs.
Security aspects contained within the communication protection profile include integrity, confidentiality, and availability, and also auditability.
This methodology shall thus serve the purpose of being a tool for:
A. the end-user in collaboration with security experts, while seeking effective solutions for relevant and powerful healthcare communication security needs;
B. the standardization process in which trustworthy links between 1) actual selections of such user needs and 2) technological standards, are established.