Dr. Irving Buchbinder, The long-term goal of the project is to develop a standards-based EHR system and a patient-maintained EPR system such that the two will be able to interact with each other. We are at the initial point where we are reviewing existing EHR/EPR systems and standards around the world with the aim of making informed choices. My specific responsibility at this point happens to be investigating security, privacy and confidentiality aspects of healthcare information management. I am new to both computer security and healthcare information security, privacy and confidentiality - I'm just taking my initial steps in these domains.
True, security and privacy are not the same. I have noted that in literature on EHR/EPR, there is reference to "security and privacy" and sometimes to "privacy and confidentiality". I am not sure whether these references refer to the terms' meaning in computer security or in healthcare profession/domain or whether or not the terms mean the same in both domains. We welcome technical clarification of these concepts (security, privacy and confidentiality) in the context of healthcare information management and/or EHRs. I am currently studying your distribution. Thank you Regards --- Kuda On Fri, 2008-03-14 at 14:52 -0400, Dr. Irving Buchbinder wrote: > Greetings > > How, specifically, can we help you. We maintain an open copy of our > distribution so you can look to see how privacy is maintained. > Security and privacy are not the same. What sort of project are you > doing? > > I hope we can help you.. > > On Fri, Mar 14, 2008 at 1:52 PM, Kudakwashe Dube > <kd.open.ehcr at gmail.com> wrote: > Hi All, > > I'm just beginning a research project on > security/privacy/confidentiality in EHRs. I will greatly > appreciate any > pointers to any material on this topic, especially with > respect to > openEHR. > > I've just noted that in the US, HIPAA is driving > security/privacy/confidentiality implementations in existing > EHR systems > and it seems its is turning out to be a policy/framework-level > security > standard for EHRs in the US that does not prescribe > implementation > issues. I am not sure whether or not EHR standards that > incorporate > HIPAA compliance have emerged yet. > > In the EU region, the situation seems different in the absence > of > HIPAA-type punitive legislation for enforcing healthcare > information > security and privacy. A number of EHR standards generally > incorporate > security and privacy considerations. I am not sure whether > there are any > security and privacy compliance requirements spec standards > and > implementation (incl. openEHR) in the EU region. I will > appreciate any > pointer to material in this regard. > > Thank you in advance > > Regards > ---- > Kuda > > _______________________________________________ > openEHR-technical mailing list > openEHR-technical at openehr.org > http://lists.chime.ucl.ac.uk/mailman/listinfo/openehr-technical > > > > -- > -- > Irving J. Buchbinder, DPM, DABPS > Director, FreeMED Software Foundation, INC > -=Technology advances. People stay the same=- > Leigh Rubin > skype at irvbuchbinder > > *** E-MAIL CONFIDENTIALITY *** > This e-mail may contain confidential and proprietary material for Any > review or distribution by others is strictly prohibited. If you are > not the intended recipient please contact info at freemedsoftware.com and > delete all copies. > _______________________________________________ > openEHR-technical mailing list > openEHR-technical at openehr.org > http://lists.chime.ucl.ac.uk/mailman/listinfo/openehr-technical
