United States Health Information Knowledgebase

 

You are viewing the Abridged Children's EHR Format.
To view the Full Children's EHR Format, you must first agree to the HL7 License Agreement.

Req-294: Security
Release Package: 2013 Format


Release Package:

2013 Format

Requirement ID:

Req-294

Title:

Security

Description:

STATEMENT: Secure the access to an EHR-S and EHR information. Manage the sets of access control permissions granted within an EHR-S. Prevent unauthorized use of data, data loss, tampering and destruction.

DESCRIPTION: To enforce security, all EHR-S applications must adhere to the rules established to control access and protect the privacy of EHR information. Security measures assist in preventing unauthorized use of data and protect against loss, tampering and destruction. An EHR-S must be capable of including or interfacing with standards-conformant security services to ensure that any Principal (user, organization, device, application, component, or object) accessing the system or its data is appropriately authenticated, authorized and audited in conformance with local and/or jurisdictional policies.

An EHR-S should support Chains of Trust in respect of authentication, authorization, and privilege management, either intrinsically or by interfacing with relevant external services.

Related Requirements:

Relationship Release Package Requirement ID Requirement Title Requirement Type SHALL / SHOULD / MAY Compare Requirements
Req-294 Is Parent Of 2013 Format Req-274 Patient Privacy and Confidentiality Function Not Applicable Compare
Req-294 Is Parent Of 2013 Format Req-573 Entity Authorization. Function Not Applicable Compare
Req-294 Is Parent Of 2013 Format Req-574 Patient Access Management Function Not Applicable Compare
Req-294 Is Parent Of 2013 Format Req-702 Secure Data Routing Function Not Applicable Compare
Req-294 Is Parent Of 2013 Format Req-718 Entity Access Control Function Not Applicable Compare
Req-294 Is Parent Of Req-759 Entity Authentication Function Not Applicable Compare
Req-294 Is Parent Of Req-760 Non-Repudiation Not Applicable Compare
Req-294 Is Parent Of Req-761 Secure Data Exchange Not Applicable Compare
Req-294 Is Parent Of Req-762 Information Attestation Not Applicable Compare
Req-294 Is Parent Of 2013 Format Req-1247 Emergency consent documentation Normative Statements SHALL Compare

Provenance:

HL7 EHR FM R1

Achievability:

Requirement Type:

Header

Shall/Should/May:

Critical/Core:

No

Status:

Released

Links:

Not Provided

See Also:

Not Provided

Comments:

Not Provided

Additional Information:

Not Provided

Select Download Type:

Download the selected requirement in a ZIP file that contains an MS Excel spreadsheet file.
Download the selected requirement in a ZIP file that contains a PDF file.
Download the selected requirement in a ZIP file that contains an MS Word file.

File Reader Downloads:

Programs which can be used to read the various file formats available on this page can be accessed below:

Microsoft Excel File Reader (for XLS files)
Download Excel Reader Exit Disclaimer

Portable Document Format Reader (for PDF files):
Download PDF Reader Exit Disclaimer

Microsoft Word Reader (for DOCX files):
Download Word Reader Exit Disclaimer

Last Updated 04/13/2016
Scroll To Top