/uksecbib.html
Regards!
-Thomas Clark
Tim Churches wrote:
>On Tue, 2004-03-09 at 23:20, Thompson, Ken wrote:
>
>
>>2) A mechanism on the patient record itself that displays a list of all
>>users that have accessed the record (with date and time). This will probably
>&
ld be accompanied by notifications so
that the
prior security mechanisms would be able to track record handling.
This is a deep topic and as always requires constant attention and
modifications.
Regards!
-Thomas Clark
Thompson, Ken wrote:
>Has anyone got any experience with the effect of providing us
y and duty. Consult an
experience
attorney.
Regards!
-Thomas Clark
Nathan Lea wrote:
> On 9 Mar 2004, at 06:51, Thomas Beale wrote:
>
> A well known study in Harvard medical school (I think) showed that
> putting the message "Do not inappropriately access patient
Hi Thomas,
A security audit coming across this tidbit would raise more than one red
flag!
Regards!
-Thomas Clark
Thomas Beale wrote:
> Tim Cook wrote:
>
>> On Sat, 2004-03-06 at 14:17, Tim Churches wrote:
>>
>>
>>> In general, caches should be
>>>
is essential.
Regards!
-Thomas Clark
Tim Churches wrote:
>On Sun, 2004-03-07 at 10:18, Tim Cook wrote:
>
>
>>On Sat, 2004-03-06 at 14:17, Tim Churches wrote:
>>
>>
>>>In general, caches should be
>>>held on encrypted filesystems, either on-dis
application for security, e.g.,
separating users
is feasible.
Other security techniques can be applied to resource caching if deemed
necessary.
Restricted file systems for 'cached' data can do more than encryption,
e.g., fragment,
has and encrypt.
Regards!
-Thomas Clark
Tim Cook w
Hi Matt,
Comments in text.
Regards!
-Thomas Clark
Matt Evans wrote:
>Dear all,
>
>I would be grateful for some advice on an issue that has been troubling me
>for some time. I am a clinician currently on secondment full time to an EHR
>project. I do not wish to name the softwa
ill also be sufficient for payers and
>governments.
>
>
Variable precision is something you would not want to support in a
malpractice case.
>Presently, each doctor and EMR software vendor is cooking up his own
>shorthand-language, and I'm suggesting that information should be
ections to humans, I object to incorporating humans in a
procedure that involves accuracy and precision. They are better at
receiving dissimilar information, evaluating it, developing alternatives,
making decisions and following a course of action as long as it appears
to be the right thing to do.
Automatic, knowledge-based processes and procedures could serve the
Patient and Provider well. Modelling the Patient-Provider is very difficult.
-Thomas Clark
-
If you have any questions about using this list,
please send a message to d.lloyd at openehr.org
into it. My suspicion is that the gov has documented
HIPAA
as well as it can and is letting the healthcare community tell it what it
said.
-Thomas Clark
- Original Message -
From: "Christopher Feahr"
To: "Thomas Clark" ; "norbert Lipszyc"
;
Sent: Thursday, A
Hi Chris,
One always has to check the 'terms and conditions' of the agreement
between the Patient and the Provider. Generalizing may lead one down the
wrong path.
Comments in text.
-Thomas Clark
- Original Message -
From: "Christopher Feahr"
To: "Thomas
e types of requirements
must be integrated in the design and affecting all levels. I just forget to
mention them.
-Thomas Clark
- Original Message -
From: "norbert Lipszyc"
To: "Christopher Feahr" ; ;
Sent: Wednesday, August 06, 2003 1:23 AM
Subject: Re: Distributed Records
n the records systems but I believe he has the
basics in-hand. Ask him and one might get a verbose response.
-Thomas Clark
- Original Message -
From: "Christopher Feahr"
To: ; "Thomas Beale" ;
Sent: Tuesday, August 05, 2003 1:05 PM
Subject: Re: certification an
The 'users (hospitals and specially the doctors)' are quite diverse globally.
A basic
requirement for the OpenEHR project should be adaptable structure and
applications.
-Thomas Clark
- Original Message -
From: HOPTIMIS at aol.com
To: tclark at hcsystems.com
Cc: ch
ing to mind is that of a frame-based Fibre
Channel network. It does, or can, interface to a wide variety of
technologies. As
a frame-based information transfer system you decide what goes in the frame.
Some modifications serve storage-related tasks; other serve data
communications-
related tasks
herit from ancestors and healthcare-related objects (e.g., disease,
ethnic,
cultural, social, mental, work, environmental). Embedded in this is OpenEHR
as much more than a record-based system.
Regards!
-Thomas Clark
- Original Message -
From: "Christopher Feahr"
To: "Tho
Hi karsten,
Comments in text.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Wednesday, May 07, 2003 4:14 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> Thomas,
>
> >> To me this is simply:
>
> > Patient prior hi
Hi David,
Definitely a component to be included in the:
facility-facility-DataStore-Management
network. There are other candidates, i.e., want to avoid focusing on a
single technology.
-Thomas Clark
- Original Message -
From: "David Forslund"
To: "Patrick Lefebvre&quo
Hi Karsten,
Comments in text.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 4:43 PM
Subject: Re: openEHR security; Directed to Thomas Beale
> Thomas,
>
> maybe I'm too dense but I cannot appreciate the complexi
Hi Karsten,
At all levels (e.g., records, applications, storage/retrieval, security) it
would be beneficial to enlist the aid of SQA Engineers in an attempt
to break the code. Better before than after.
I'll see if there are some of these folks with spare cycles.
-Thomas Clark
- Ori
to handle.
Interesting problem!
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 2:06 PM
Subject: Re: openEHR security; Directed to Thomas Beale
> Hi Thomas,
>
> > Constructive! Do you anticipate entering this type status inform
Hi Bill,
This is a good article to review and get a sense of what the
Public Health people are dealing with. Personally it justifies effort placed
toward the OpenEHR project.
-Thomas Clark
- Original Message -
From: "Bill Walton"
To:
Sent: Tuesday, May 06, 2003 11:32
s one area where source code control is a
necessity. SQA (Software Quality Assurance) has stringent
requirements often not met with open peer review.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 9:02 AM
Subject: Re: Encoding conc
Hi Karsten,
Comments in text.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 8:56 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> Thomas
>
> > Unless you are planning on an early retirement, etc., it
uld be able to ignore the fact that there are devices and
systems working
together that support different record formats.
-Thomas Clark
- Original Message -
From: "Patrick Lefebvre"
To: ; "Thomas Beale"
Sent: Tuesday, May 06, 2003 6:18 AM
Subject: Re: openEHR
suggestion would be a project to perform Quality Assurance on these
drug databases, since the Healthcare Community seems to presume
correctness.
Just more rambling!
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 4:50 AM
Subject: Re: Encodi
Hi Karsten,
Thanks for the response. Comments in text.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Tuesday, May 06, 2003 5:05 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> Thomas,
>
> apologies for I at times respond a bit t
e.g., they may still want to
attend that meeting.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Monday, May 05, 2003 9:14 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> Uhm,
>
> > Faced with handling a potential
> > SAR
proper diagnosis and treatment.
Good effort! Good luck!
-Thomas Clark
- Original Message -
From: "Jim Warren"
To:
Sent: Monday, May 05, 2003 2:12 AM
Subject: FW: Encoding concept-relationships in openehr archetypes.
> Dear Tom et al:
>
> This is my "de-lurking"
g in
compliance with the HIPAA Security Rule ..."
-written in Java
-Thomas Clark
- Original Message -
From: "Bill Walton"
To: ; "Thomas Beale"
Sent: Sunday, May 04, 2003 8:14 PM
Subject: Re: Access controls and Audit trails (was Re: openEHR security)
> Hi T
ot;relevance" and NEED TO KNOW are essential elements of the security
system and that a successful authentication carries with it an assurance
that the requestor is provided access to only "relevant"/"germane"
information.
-Thomas Clark
- Original Message -
From:
include the assignment of a
right to copy today's EHR and pertinent history with copy ownership
remaining with the Healthcare Practitioner or Organization.
-Thomas Clark
- Original Message -
From: "Bernd Blobel"
To: "Paul Juarez"
Cc: ;
Sent: Tuesday, Apri
Hi Gerard,
Great! Agree! Thanks!
-Thomas Clark
- Original Message -
From: "Gerard Freriks"
To: "Thomas Clark" ; "Paul Juarez"
; ;
Sent: Monday, April 28, 2003 11:57 PM
Subject: Re: GEHR philosophical background info
> On 2003-04-29 3:44, &qu
function, e.g.,
health and social services.
-Thomas Clark
- Original Message -
From: "Bill Walton"
To:
Sent: Monday, April 28, 2003 12:15 PM
Subject: normalizing access vs. normalizing denial (was openEHR security)
> This is a multi-part message i
issues must be handled up front.
-Thomas Clark
.
- Original Message -
From: "Paul Juarez"
To: ;
Sent: Monday, April 28, 2003 1:48 PM
Subject: Re: GEHR philosophical background info
> This is a MIME message. If you are reading this text, you may want to
> consider ch
d Security
communities would be nice.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Monday, April 28, 2003 2:37 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> Thomas
>
> > NEED TO KNOW is a 'working label' [...]
>
A prior comment.
-Thomas Clark
- Original Message -
From: "Thomas Beale"
To: "Thomas Clark"
Sent: Monday, April 28, 2003 3:26 AM
Subject: Re: openEHR security; Directed to Thomas Beale
> [Thomas - you might want to send this reply to the list]
>
> Thoma
ublic Health
Administrator may be conditional, and the Physician that lives down the
block has to build a case for having some NEED TO KNOW.
-Thomas Clark
- Original Message -
From: "Karsten Hilbert"
To:
Sent: Sunday, April 27, 2003 5:48 AM
Subject: Re: openEHR security; Direc
Hi Thomas,
I have been monitoring the messages and have a keen interest in security
issues (background in secure operating systems and Enterprise storage).
Patient Centered Healthcare Informatics is a main focus currently.
This thread is really going well! I would like to add to it:
1)Many of the
39 matches
Mail list logo