Electronic Health Records (EHRs) have many potential advantages over traditional paper records, such as wide scale access, error checking, and protection from physical damage to a record. As with any medical record, paper or electronic, both the patient's privacy and the document's integrity must be guaranteed. With initiatives such as Integrating the Healthcare Enterprise (IHE), computerized
... [Show full abstract] healthcare systems are able to share EHRs on a large scale, while protecting the patient's privacy rights. However, IHE does not yet meet the needs of all healthcare systems, as we will show with the eMOLST project. The eMOLST project delivers software in support of Medical Order for Life Sustaining Treatment (MOLST) forms and uses IHE specifications for cross enterprise document storage and sharing, patient identification, and user authentication and authorization. The Web-based system provides secure access to electronic MOLST documents regardless of the patient's or healthcare provider's location. The eMOLST project allows a user to have Single Sign On (SSO) access to the system from either the user's associated enterprise, or through a Web portal shared amongst all users across all enterprises. In this paper, we show a security solution to allow SSO from multiple access points for IHE compliant systems. Copyright © 2011 John Wiley & Sons, Ltd.