Hi, Let me try again,
I found in the ISO18308-conformance PDF ------------------ The EHRRA must support measures which ensure that every contribution to the record must be attested by a responsible person . (6.1.6) ------------------ openEHR EHR RM: every COMPOSITION includes a AUDIT_DETAILS object which contains the mandatory attribute committer:PARTY_REF. An attestation form of the AUDIT_DETAILS object can be used if desired, allowing digital signing. ------------------ A GP a few days ago was thinking of the following situation A patient goes to the GP, the GP sends the patient to the hospital, in the hospital there are some tests. The results of these tests can arrive in the openehr system, possiblities - the GP may not be allowed to see the results of these tests, because the specialist thinks the GP is not qualified to judge the outcome - the GP may not be allowed to see the results of these tests because the patient does not want him to see them - the GP is allowed to see the results because the specialist and the patient allow him to see the result. As I understand, in this case, the committer of the composition is the specialist ------------------ As I understand this, a authorization application keeping track of authorizations and group-definitions is needed to support the openehr-using application. Are there any thoughts about this? Can I read some more about this, anybody know where And also other thoughts about authorization by other ways are welcome. I was thinking of authorizations on the use of archetypes. In the above example, the specialist could have used a specially prepared archetype to post the test-results in case he did not want the GP to see the results, and another archetype if he grants the GP to see the results, then there would be only one extra authorization necessary, the patient must allow the GP to use all the archetypes, he as a GP is entitled to use. But maybe, very well possible, I am overlooking a lot, so Please help me thinkig about this Thanks Bert Verhees
