Hi Thomas, Thanks for the link. I've enjoyed your posts.
Best regards, Bill ----- Original Message ----- From: "Thomas Clark" <[email protected]> To: "Bill Walton" <bill.walton at jstats.com>; <openehr-technical at openehr.org>; "Thomas Beale" <thomas at deepthought.com.au> Sent: Sunday, May 04, 2003 10:54 PM Subject: Re: Access controls and Audit trails (was Re: openEHR security); Bill Walton > Hi Bill. > > The following link might be appropriate for ftp-based messaging solutions: > > http://www.linuxmednews.com/linuxmednews/1046134538/index_html > > TITLE: "... and open-source Electronic Data Interchange" > > NOTES: > -"... SolAce Server was designed to do reliable, secure messaging in > compliance with the HIPAA Security Rule ..." > > -written in Java > > -Thomas Clark > > ----- Original Message ----- > From: "Bill Walton" <bill.walton at jstats.com> > To: <openehr-technical at openehr.org>; "Thomas Beale" > <thomas at deepthought.com.au> > Sent: Sunday, May 04, 2003 8:14 PM > Subject: Re: Access controls and Audit trails (was Re: openEHR security) > > > > Hi Thomas, > > > > Thomas Beale wrote: > > > > > > Bill Walton wrote: > > > > > > > > > > BW: Further, it looks like the EHR access history should include > > > > reads as well as writes. That way, the trail would lead to the > > > > providers that have, with permission, made copies of the EHR within > > > > their own systems. > > > > > > > > > SH: True - it will only be able to be stored as an HTML rendition > > > > unless there is an extract in openEHR - but you are right - this could > > > > be saved - this is difficult to police. > > > > > > > > Oops! I'd assumed there would be extracts in openEHR. HIPAA > > > > specifies, under the Transaction Rules that go into effect in October > > > > of this year, a number of EDI transactions between systems that would > > > > require this. HTML will not be sufficient. > > > > > > Can anyone clarify this bit of the debate - I have lost track of what is > > > being said here! > > > > I was inquiring about the audit trail capabilities intended to be > > incorporated in v1.0 of openEHR and Sam was very graciously trying to > > enlighten me. His commment re: HTML made me expand the question to > > extracts. I'm not sure I was sufficiently clear about my line of > > questioning, and comments by others make me wonder whether or not I should > > take this off-line. I am specifically trying to ascertain the > applicability > > of openEHR to the emerging requirements here in the U.S. and do not wish > to > > infringe on the group's bandwidth if there is a less intrusive way to > handle > > my questions. Please let me know how you'd like me to proceed. And thank > > you all for your patience to date. > > > > Best regards, > > Bill > > > > - > > If you have any questions about using this list, > > please send a message to d.lloyd at openehr.org > > - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
