Hi Thomas, I forgot I had set up an inbox rule for posts from this forum so have probably missed the last 40 or more posts. Will have to go back through them all to see exactly what has been covered.
Thank you for your useful description. I had meant to put my case as a clinican but as this is the 'technical' forum I don't know if it was the right place. I agree that the described approach makes sense and offers a great deal of customsation regarding access. What I am concerned about, I suppose, is how the system will be implemented. These concerns stem from some examples I have heard - for instance an orthopaedic surgeon only requiring information to perform an operation. Perhaps this is an inaccurate example? My viewpoint is that I spend up to an hour when assessing a patient carefully extracting as much information as possible. My colleagues rely on the thoroughness of this information to look after this patient. We also rely on full access to the entire medical record (ever recorded) in order to safely and holistically care for our patients. I would hope I would have full access to the medical record in order to fulfill my clinical responsibilities. In my field, it is not unusual for patients to either provide unreliable details or to conceal facts. We often rely on recorded facts rather than what we are told. In these circumstances I have concerns about the patient's right to keep private parts of their records. I believe that the suggestion that a patient may essentially exclude sections of their notes from viewing represents a major shift in the way we work. I would also argue that it's difficult for a patient to know when this concealment may put themself or others at risk. Is the intended approach that the viewer would know there was information that they could not view or that it is simply hidden? Matt >-----Original Message----- >From: Thomas Clark [mailto:tclark at hcsystems.com] >Sent: 02 May 2003 04:18 >To: Matt Evans; openehr-technical at openehr.org >Subject: Re: openEHR security; Directed to Thomas Beale > > >Hi Matt, > >Fragmented records and securing individual and groups of >records is a common >approach. It is very much like taking a 300 page document and >building a >security system that enables security: >1)covering the entire document >2)separate security covering chapters and >3)separate security for tables, graphs and figures. > >Access to the document is the first step; access to a specific chapter >requires separate authentication; access to tables, etc can >require separate >authentication. This focuses a specific reader's requests to >those portions >that are "relevant"/"germane". > >"one authentication" systems, e.g., password to your windows >PC or Linux >workstation are really ancient security systems. There are >typically more >ways to break-in than log-in. > >Recall than system and network managers are often the targets >of security >probes because they can access your raw data at will; that may >include your >sensitive data. If you grant access to the entire EHR for a Patient to >anyone successfully passing a "one authentication" gate you >are likely to >experience some real "pushback". Your obligation as a >designer is to ensure >that "relevance" and NEED TO KNOW are essential elements of >the security >system and that a successful authentication carries with it an >assurance >that the requestor is provided access to only "relevant"/"germane" >information. > >-Thomas Clark > > >----- Original Message ----- >From: "Matt Evans" <mge at totalise.co.uk> >To: <openehr-technical at openehr.org> >Sent: Thursday, May 01, 2003 2:30 PM >Subject: FW: openEHR security; Directed to Thomas Beale > > >> >[...] >> >> At all points NEED TO KNOW >> >> governs access >> >[...] >> > >> >Except that the Need-To-Know paradigm doesn't work very well >> >in healthcare. The provider may not know what she needs to >> >know at the time of the patient encounter. The patient can't >> >possibly correctly decide what her doctor must know in order >> >to be able to make the right decisions (of course, the patient >> >is fully able to decide what she *wants* the doctor to know). >> >Etc. >> > >> >Medicine is neither the military nor a secret service, literally >> >(it's not mass media either, on the other end of the spectrum). >> > >> >Just a clinician's muttering ... >> > >> >Karsten >> >-- >> >> Karsten, >> >> I agree and have concerns about being expected to take responsibility >> without access to all the facts. >> >> I suppose this may not be an issue as I suspect that most >people won't >> restrict the information in their file. >> >> However, to fragment a medical file into bits I can and can't see is >similar >> to taking the view that mind and body are separate entities. >> >> If something is restricted, will I know there is something >there that I >> can't see? Or will I be blisfully ignorant? How can I know >if a piece of >> information is irrelevant unless I can see it to assess it? >> >> More mutterings! >> >> Matt >> >> >> - >> If you have any questions about using this list, >> please send a message to d.lloyd at openehr.org > > - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
