New International Organization for Standardization standards for electronic medical records -
- ISO/TS 21547:2010, Health informatics - Security requirements for archiving of electronic health records - Principles. The basic principles needed to securely preserve health records in any format for the long-term. Archiving "is addressed as a holistic process covering records maintenance, retention, disclosure and eventual destruction."
- ISO/TR 21548:2010, Health informatics - Security requirements for archiving of electronic health records - Guidelines. Additional guidance for implementing ISO/TS 21547, as well as "a practical method and tools for the development and management of eArchives."
The ISO press release says:
"Together, the two documents provide a powerful comprehensive solution to address e-health data integrity, including ethical and legal concerns, privacy protection, regulations concerning access and disclosing of records among other needs specific to the industry.
For instance, unlike other electronic documents, patient records must be available throughout their entire lifecycle (potentially reaching 100+ years), regardless of time and place. The ISO documents take into account the dynamic nature of health data, which may be modified through time, its sensitivity and high security requirements, particularly as transferred between services organizations and healthcare providers, and more.
The ISO documents also take into consideration new initiatives in the field, such as the growing trend to reinforce patients’ self determination and participation in their own healthcare, and the data that must be available to them."
I've not seen copies, does anyone know if they really address the issues as well as the press release says they do? How practicable will it be to implement these standards?
©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.