Thanks for addressing this Tom. I'm not certain how this process should be managed but there should be a formal process put in place (maybe by the openEHR Foundation) to mediate the conformance procedures.
On Fri, 2007-11-09 at 19:03 +1000, Thomas Beale wrote: > Content compliance > - the system can receive, store and serve various test items of content; the > served versions do not vary from the received versions > - the system corerctly creates content due to a given series of calls to the > vEHR API component (this API will be standardised in the near future) > - the system corectly creates an EHR Extract in response to a give request. > - the system correctly receives and integrates a test EHR Extract. > - the system correctly responds to test queries > I agree completely. > System integration > - the system correctly receives, converts and serves test messages (e.g. > HL7v2) > - etc for other formats, including CDA, PDF, text, etc > - the system correctly connects to / integrates with IHE, HSSP and/or other > recognised infrastructures. > I completely disagree. Interfacing with other systems *is* important. However, integration compliance outside of openEHR should be tested and confirmed with those agencies. For example, why would anyone in any African nation care if their system was IHE compliant? > Services > - the system correctly responds when each service function of the EHR and > other services are exercised. These certainly need to be specified. As AQL matures and other web service type accesses become recognized as being technically required. In fact, does openEHR want to "specify" that SOA is the proper way to approach healthcare information exchange? > > Privacy > - various tests to show that the privacy settings of a test user are > respected > during querying and other access methods Agree. > > Security > - various tests to show that data integrity and signing are working > Agree. > Performace > - various tests to indicate responds to single patient and populatin queries > - volume tests > Totally agree! > > > Not all of these will necessarily be standardised by openEHR, but a > sufficient > number must be so that users of openEHR systems can have confidence in the > correctness, safety, privacy and other aspects of systems. > Certainly the core conformance testing is keyed around content validity/reproducibility. But I agree that privacy and security should be tested. Of course, openEHR makes this easier by design. ;-) Cheers, Tim -- Timothy Cook, MSc Health Informatics Research & Development Services http://timothywayne.cook.googlepages.com/home LinkedIn Profile:http://www.linkedin.com/in/timothywaynecook
