United States Health Information Knowledgebase

 

You are viewing the Abridged Children's EHR Format.
To view the Full Children's EHR Format, you must first agree to the HL7 License Agreement.

Req-2007: Incorporate and adhere to local and national laws in regards to patient EHR access
Release Package: 2015 Priority List


Release Package:

2015 Priority List

Requirement ID:

Req-2007

Title:

Incorporate and adhere to local and national laws in regards to patient EHR access

Description:

The system shall provide the ability to apply age-based triggers for Pediatric Patient Portal access to comply with varying Federal, State, and local laws.
• As an example, it is expected that the system will comply with the Children’s Online Privacy Protection Act.
• The vendor shall identify the States and localities for which the system complies.
• Recommended implementation of this requirement includes line item segmentation of conditions and treatments to allow separation of access between the patient and the parent/guardian.

Related Requirements:

Relationship Release Package Requirement ID Requirement Title Requirement Type SHALL / SHOULD / MAY Compare Requirements
Req-2007 is associated with 2013 Format Req-524 Incorporate and adhere to legal local and national laws in regards to patient EHR access Normative Statements SHALL Compare

Topic Area(s):

Requirement Type:

Normative Statement

Shall/Should/May:

SHALL

Critical/Core:

Yes

Status:

Released

Implementation Notes:

A system must be able to support end users in configuring access to a minor patient’s personal health data through a patient portal in a manner that complies with Federal, State, and local laws. The system is not expected to be compliant with the variation of State/local laws across States but to provide the ability to configure the proposed functionality to adjust to local mandates. Age-based triggers should support the provider in that compliance. For instance, to support compliance with the Federal Children’s Online Privacy Protection Act, the system should trigger a request for parent/guardian permission before collecting personal information from the minor patient online when a minor is younger than 13 years old. Systems should also support setting age-based triggers that reflect providers’ own criteria around portal access. If a system supports the application of relevant State and local laws through age-based triggers, the vendor should identify which States and localities are supported.
Importantly, to support the exposure of information through the portal in a manner that complies with relevant laws, the system should enable the selection of data or portions of the record for separation of access as between the minor patient and the parent/guardian based on localized legal requirements. See Requirement 2041 for further detail on data segmentation.

Select Download Type:

Download the selected requirement in a ZIP file that contains an MS Excel spreadsheet file.
PDF
Download the selected requirement in a ZIP file that contains a PDF file.
Download the selected requirement in a ZIP file that contains an MS Word file.

File Reader Downloads:

Programs which can be used to read the various file formats available on this page can be accessed below:

Microsoft Excel File Reader (for XLS files)
Download Excel Reader Exit Disclaimer

Portable Document Format Reader (for PDF files):
Download PDF Reader Exit Disclaimer

Microsoft Word Reader (for DOCX files):
Download Word Reader Exit Disclaimer

Last Updated 04/13/2016
Scroll To Top