Hi Gerard, Record Level Data Security has little to do with legal, social control and organizational aspects.
I agree that these are important, and in many cases more important, than record level data security. They are more complex issues that are dependent upon factors varying from culture to informal/private business arrangements. To be complete others would have to be added. The approach taken was to start at a level where secure global electronic data interchange of healthcare records is possible, a possible model being the "Association For Payment Clearing Services". http://www.apacs.org.uk/downloads/List%20of%20Standards5.pdf The perceived need is secure, standard record formats so that information can be accessed even though it was created under a system using a different record format. The goal is access to all "relevant"/"germane" information. Hence, interchangeability is crucial. I admit that 'legal, social control and organizational' issues are much harder to solve which is why, in the short term, I am staying away from them. -Thomas Clark ----- Original Message ----- From: "Gerard Freriks" <[email protected]> To: <lakewood at copper.net>; <openehr-technical at openehr.org> Sent: Saturday, May 03, 2003 2:40 AM Subject: Re: Record Level Data Security; storage plus fixed and mobiletransmission > On 2003-05-02 22:43, "lakewood at copper.net" <lakewood at copper.net> wrote: > > > Security begins at the data storage level. Unless it can be protected at > > this level more sophisticated techniques applied to transmission and content > > will not be as effective as desired. > > > > Three common approaches are: > > 1)Data security > > 2)Data management and > > 3)Access to storage media-resident data, e.g., somebody's disk drive > > > >>> > > You leave out completely the legal, social control and organisational > aspects. > Technology isn't a silver bullet. > > Gerard > > -- <private> -- > Gerard Freriks, arts > Huigsloterdijk 378 > 2158 LR Buitenkaag > The Netherlands > > +31 252 544896 > +31 654 792800 > > - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
