Comprehensive management of the access to the electronic patient record: towards trans-institutional networks
- PMID: 17084663
- DOI: 10.1016/j.ijmedinf.2006.09.014
Comprehensive management of the access to the electronic patient record: towards trans-institutional networks
Abstract
Background: A system ensuring tight control access is used since 5 years at the University Geneva Hospitals (HUG) over a four campuses health care system with ambulatory care settings behaving like a small community care network. Access to identified clinical information is limited to care providers that have a therapeutic relationship with the patient and to those data needed for that relation. The same policy applies to administrative or scientific research accesses. This paper presents how the HUG met the challenging goal of protecting patient privacy within regulatory limits while keeping the system operational in terms of use and management.
Solution: The main characteristics of the system are: (a) an institution-wide policy for access rights to the computerized patient record; (b) an institutional management of the contracts of the collaborators; (c) access profiles based on application-independent, fine-grained access rights; (d) a decentralized attribution of profession-specific access profiles; (e) a complete, centralized log of all accesses to the clinical information system; and (f) a decentralized verification of the accesses. Many of these characteristics can be maintained when evolving towards a trans-institutional computerized patient record, but new constraints need to be taken into account.
Similar articles
-
Comprehensive management of the access to a component-based healthcare information system.Stud Health Technol Inform. 2006;124:251-6. Stud Health Technol Inform. 2006. PMID: 17108533
-
EMR confidentiality and information security.J Healthc Inf Manag. 2003 Summer;17(3):41-8. J Healthc Inf Manag. 2003. PMID: 12858596
-
Design of a patient-centered, multi-institutional healthcare information network using peer-to-peer communication in a highly distributed architecture.Stud Health Technol Inform. 2004;107(Pt 2):1048-52. Stud Health Technol Inform. 2004. PMID: 15360972
-
Information governance in NHS's NPfIT: a case for policy specification.Int J Med Inform. 2007 May-Jun;76(5-6):432-7. doi: 10.1016/j.ijmedinf.2006.09.008. Epub 2006 Oct 27. Int J Med Inform. 2007. PMID: 17070728 Review.
-
The need to know the history of the use of digital patient data, in particular the EHR.Int J Med Inform. 2007 May-Jun;76(5-6):438-41. doi: 10.1016/j.ijmedinf.2006.09.009. Epub 2006 Oct 25. Int J Med Inform. 2007. PMID: 17067851 Review.
Cited by
-
Assessing and comparing information security in swiss hospitals.Interact J Med Res. 2012 Nov 7;1(2):e11. doi: 10.2196/ijmr.2137. Interact J Med Res. 2012. PMID: 23611956 Free PMC article.
-
Using Ethereum Smart Contracts to Store and Share COVID-19 Patient Data.Cureus. 2022 Jan 18;14(1):e21378. doi: 10.7759/cureus.21378. eCollection 2022 Jan. Cureus. 2022. PMID: 35198290 Free PMC article.
-
A survey aimed at general citizens of the US and Japan about their attitudes toward electronic medical data handling.Int J Environ Res Public Health. 2014 Apr 25;11(5):4572-88. doi: 10.3390/ijerph110504572. Int J Environ Res Public Health. 2014. PMID: 24776721 Free PMC article.
Publication types
MeSH terms
LinkOut - more resources
Full Text Sources
Miscellaneous
