Potrebujeme váš súhlas na využitie jednotlivých dát, aby sa vám okrem iného mohli ukazovať informácie týkajúce sa vašich záujmov. Súhlas udelíte kliknutím na tlačidlo „OK“.
Standard Guide for Information Access Privileges to Health Information (Withdrawn 2017)
Automaticky preložený názov:
Štandardné Guide pre informačnú oprávnenie pre prístup k zdravotníckych informácií
NORMA vydaná dňa 1.3.2013
Označenie normy: ASTM E1986-09(2013)
Poznámka: NEPLATNÁ
Dátum vydania normy: 1.3.2013
Kód tovaru: NS-43842
Počet strán: 13
Približná hmotnosť: 39 g (0.09 libier)
Krajina: Americká technická norma
Kategória: Technické normy ASTM
Keywords:
access, access privileges, confidentiality, health data, health information, healthcare records, ICS Number Code 03.160 (Law. Administration), 11.020 (Medical sciences and health care facilities in general), 35.240.80 (IT applications in health care technology)
Significance and Use | ||||
4.1 The maintenance of confidentiality in paper-based, electronic, or computer-based health information requires that policies and procedures be in place to protect confidentiality. Confidentiality of information depends on structural and explicit mechanisms to allow persons or systems to define who has access to what, and in what situation that access is granted. For guidelines on the development and implementation of privilege management infrastructures supporting these mechanisms, see Guide E2595. 4.2 Confidential protection of data elements is a specific requirement. The classification of data elements into restrictive and specifically controlled categories is set by policies, professional practice, and laws, legislation, and regulations. 4.3 There are three explicit concepts upon which the use of and access to health information confidentiality are defined. Each of these concepts is an explicit and unique characteristic relevant to confidentiality, but only through the combination (convergence) of all three concepts can appropriate access to an explicit data element at a specific point in time be provided, and unauthorized access denied. The three concepts are: 4.3.1 The categorization and breakdown of data into logical and reasonable elements or entities. 4.3.2 The identification of individual roles or job functions. 4.3.3 The establishment of context and conditions of data use at a specific point in time, and within a specific setting. 4.4 The overriding principle in preserving the confidentiality of information is to provide access to that information only under circumstances and to individuals when there is an absolute, established, and recognized need to access that data, and the information accessed should itself be constrained only to that information essential to accomplish a defined and recognized task or process. Information nonessential to that task or process should ideally not be accessible, even though an individual accessing that information may have some general right of access to that information. |
||||
1. Scope | ||||
1.1 This guide covers the process of granting and maintaining access privileges to health information. It directly addresses the maintenance of confidentiality of personal, provider, and organizational data in the healthcare domain. It addresses a wide range of data and data elements not all traditionally defined as healthcare data, but all elemental in the provision of data management, data services, and administrative and clinical healthcare services. In addition, this guide addresses specific requirements for granting access privileges to patient-specific health information during health emergencies. 1.2 This guide is based on long-term existing and established professional practices in the management of healthcare administrative and clinical data. Healthcare data, and specifically healthcare records (also referred to as medical records or patient records), are generally managed under similar professional practices throughout the United States, essentially regardless of specific variations in local, regional, state, and federal laws regarding rules and requirements for data and record management. 1.3 This guide applies to all individuals, groups, organizations, data-users, data-managers, and public and private firms, companies, agencies, departments, bureaus, service-providers, and similar entities that collect individual, group, and organizational data related to health care. 1.4 This guide applies to all collection, use, management, maintenance, disclosure, and access of all individual, group, and organizational data related to health care. 1.5 This guide does not attempt to address specific legislative and regulatory issues regarding individual, group, and organizational rights to protection of privacy. 1.6 This guide covers all methods of collection and use of data whether paper-based, written, printed, typed, dictated, transcribed, forms-based, photocopied, scanned, facsimile, telefax, magnetic media, image, video, motion picture, still picture, film, microfilm, animation, 3D, audio, digital media, optical media, synthetic media, or computer-based. 1.7 This guide does not directly define explicit disease-specific and evaluation/treatment-specific data control or access, or both. As defined under this guide, the confidential protection of elemental data elements in relation to which data elements fall into restrictive or specifically controlled categories, or both, is set by policies, professional practice, and laws, legislation and regulations. |
||||
2. Referenced Documents | ||||
|
Historická
1.3.2012
Historická
1.3.2010
Historická
1.12.2012
Historická
1.6.2010
Historická
1.3.2013
Historická
1.5.2011
Posledná aktualizácia: 2024-12-23 (Počet položiek: 2 217 157)
© Copyright 2024 NORMSERVIS s.r.o.