Bill Walton wrote:
>Hi Thomas, > >Thomas Beale wrote: > >>So. What do we know? >>- role-based access control is required. To make it work properly in a >>shared care community context (e.g. a hospital, 50 GPs, aged care homes, >>nursing care, social workers etc etc) then the roles need to be defined >>congruently. I seem to remember some Canadian project coming to the >>conclusion that really the roles need to be defined the same across the >>entire (national) health care system. I think this is both correct and a >>the same time unrealistic. >> >> > >With all due respect, Thomas, it it's unrealistic then, IMO, it can't be >correct. (Pragmatism R Us ;-) ) > >I'd like to offer food for thought. The fundamental assumption at work here >seems to be that care givers will access the same system, thus driving the >need for all users of the system to be assigned roles that are defined >congruently. Let's consider an alternative model. > when I wrote "health system" above, I meant the whole health delivery system in a country or region, not literally an information system. > >When I travel from the U.S. to the U.K., I (the physical being) move from >one socio-cultural-legal model to another. That does not change who / what >I am, but it does change my behavior because I operate under a different set >of norms and mores in the new environment. I accept new forms of >interaction and find that familiar forms are no longer available. > >Why should it be any different for the information about me than it is for >me? > exactly right. So many aspects of security, care process, what archetypes are used etc will change. >If we work from a perspective that posits that health information will move >from system to system and be used / modified based on the rule sets in place >within the various systems, does that make the problem more amenable to >solution? > I think this is our base assumption. All I wanted to say above is that access control rules somehow have to deal with the varying definitions of same-named roles across widely differing jurisdictions. I like Mike's paper too, I need to give it more thought. - thomas - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
