AS 4400-1995
Personal privacy protection in health care information systems

General Product Information

Document Type:  Standard
Status:  Withdrawn
Publisher:    Standards Australia
Committee:  IT-014
Withdrawn Date:  14 Oct 2004
Supersedes:  DR 94277



Available Products

PDF    $63.96
Published:   05 Oct 1995  
ISBN: 0-7337-0115-9
Pages: 22

Hardcopy    $63.96
Published:   05 Oct 1995  
Delivery Time: up to 10 days
ISBN: 0-7337-0115-9
Pages: 22

Abstract

Sets out the requirements for the protection of personal information held in health care information systems from breaches of integrity and confidentiality. It applies to all forms of health information, whether held in computerised systems or hard copy records, in both private and public sector organizations.

Scope

This Standard establishes requirements for the protection of personal information in health care information systems. The Standard has been developed to apply to all forms of health information, including that held in computerized systems or hard copy records.

The Standard recognizes that many organizations with personal information in health care information systems operate under the requirements of legislation or codes of practice or guidelines that have a legal basis. For these organizations these arrangements will take precedence over the requirements of the corresponding sections of this Standard.

The Standard recognizes the requirement for properly authorized and conducted health research, quality assurance and clinical audit, and accepts that there needs to be a balance between the requirements of personal information privacy and the health benefits achievable through such recognized activities.

The Standard outlines what a reasonable individual, whether health care provider or patient, might expect in relation to the protection of personal information by way of protection of data and systems security. Importantly, the Standard recognizes the balance required between the protection of personal privacy and the genuine, controlled and legitimate use of this information in providing and improving health care systems.

The Standard also serves as a benchmark which may be used to audit performance and to determine whether a holder of personal information may be able to trust a third party with that information, based on their compliance with this Standard, in whole or in part.

Application

Each organization is expected to develop its own information policy or code of practice, appropriate to its own operating environment, based on this Standard.

Where an organization does not comply fully with the requirements of this Standard, it shall record in its policy the extent of noncompliance and the alternative measures taken to protect personal information. The policy, including noncompliance, should be reviewed and approved by an appropriate independent body.

The appropriate independent body which approves an organization's information policy should have the power to grant exemptions to particular requirements of this Standard, provided that such exemptions are recorded in the organization's information policy.

An appropriate independent body which grants exemptions should adopt guidelines on when an exemption may be granted. Decisions to grant exemptions should be publicly available.

History

First published as AS 4400-1995.

© 2009 SAI Global Limited