There a many other products that will provide the same sort of Secure Message Delivery as well. (HIPPA ain't an insignificant piece of work,,, but hey,, they might not have it right....)
Guys,,,Don't get bogged down in the technical detail,, define the business process and rules first,, and the rest will follow. _____ Alby Creevey ph: (melb) +61 (0)3 9533 9999 (syd) +61 (0)2 9263 2700 fx: (melb) +61 (0)3 9533 9988 (syd) +61 (0)2 9263 2711 mob: +61 (0)419 478 650 url: www.SeeBeyond.com <hhtp:\\www.SeeBeyond.com> acreevey at SeeBeyond.com <mailto:acreevey at SeeBeyond.com> -----Original Message----- From: [email protected] [mailto:owner-openehr-technical at openehr.org]On Behalf Of Thomas Clark Sent: Monday, 5 May 2003 1:54 PM To: Bill Walton; openehr-technical at openehr.org; Thomas Beale Subject: Re: Access controls and Audit trails (was Re: openEHR security); Bill Walton Hi Bill. The following link might be appropriate for ftp-based messaging solutions: http://www.linuxmednews.com/linuxmednews/1046134538/index_html TITLE: "... and open-source Electronic Data Interchange" NOTES: -"... SolAce Server was designed to do reliable, secure messaging in compliance with the HIPAA Security Rule ..." -written in Java -Thomas Clark ----- Original Message ----- From: "Bill Walton" <[email protected]> To: <openehr-technical at openehr.org>; "Thomas Beale" <thomas at deepthought.com.au> Sent: Sunday, May 04, 2003 8:14 PM Subject: Re: Access controls and Audit trails (was Re: openEHR security) > Hi Thomas, > > Thomas Beale wrote: > > > > Bill Walton wrote: > > > > > > > > BW: Further, it looks like the EHR access history should include > > > reads as well as writes. That way, the trail would lead to the > > > providers that have, with permission, made copies of the EHR within > > > their own systems. > > > > > > > SH: True - it will only be able to be stored as an HTML rendition > > > unless there is an extract in openEHR - but you are right - this could > > > be saved - this is difficult to police. > > > > > > Oops! I'd assumed there would be extracts in openEHR. HIPAA > > > specifies, under the Transaction Rules that go into effect in October > > > of this year, a number of EDI transactions between systems that would > > > require this. HTML will not be sufficient. > > > > Can anyone clarify this bit of the debate - I have lost track of what is > > being said here! > > I was inquiring about the audit trail capabilities intended to be > incorporated in v1.0 of openEHR and Sam was very graciously trying to > enlighten me. His commment re: HTML made me expand the question to > extracts. I'm not sure I was sufficiently clear about my line of > questioning, and comments by others make me wonder whether or not I should > take this off-line. I am specifically trying to ascertain the applicability > of openEHR to the emerging requirements here in the U.S. and do not wish to > infringe on the group's bandwidth if there is a less intrusive way to handle > my questions. Please let me know how you'd like me to proceed. And thank > you all for your patience to date. > > Best regards, > Bill > > - > If you have any questions about using this list, > please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
