cover image: A "conceptual" privacy impact assessment (PIA) on Canada's electronic health record solution (EHRS) blueprint version 2 : Évaluation conceptuelle des facteurs relatifs à la vie privée concernant la version 2 de l'Architecture de solutions du dossier de santé électronique du Canada

Premium

20.500.12592/6tf677

A "conceptual" privacy impact assessment (PIA) on Canada's electronic health record solution (EHRS) blueprint version 2 : Évaluation conceptuelle des facteurs relatifs à la vie privée concernant la version 2 de l'Architecture de solutions du dossier de santé électronique du Canada

17 Dec 2008

The PIA had four main objectives: 1. To describe the high-level types and flows of personal health information in the EHR 2. To analyze the EHRs blueprint against the principles of the CSA model code 3. To identify privacy risks and 4. To identify mechanisms for enhancing privacy protection. [...] The Code has informed virtually every privacy statute introduced in Canada since 1996, and serves as the basis for the 114 privacy and security requirements on which the conceptual privacy and security component of the architecture for the EHR infostructure is based. [...] If the data in the EHR repositories and registries can be compared to the books in a reference library, then the HIAL is analogous to an experienced librarian who knows the library's layout and has the ability to gather all the materials to satisfy an information request, thereby freeing the library's users from needing to know anything about the library layout or which reference materials best an [...] An EHR indexing service allows the EHR Infostructure to quickly locate all the records for a given patient in any of the repositories by cross-linking each ECID in the Client Registry with record identifiers in all of the other repositories that contain records pertaining to the patient. [...] The first scenario describes the entry of personal health information in the EHR Infostructure; the second describes access to EHR information; the third describes the integration of consent directives; and the fourth describes how consent directives are accessed.
information technology health government politics economics public health governance electronic health record science and technology audit computer security confidentiality copyright medical policy information storage and retrieval systems law medicine best practice medical records clinical trial medical records systems, computerized electronic health records privacy health treatment clinical government health care computing and information technology computing ehr personal information access control ehrs information governance
Pages
164
Published in
Canada

Related Topics

All