EN 13606-4:2007
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
Health informatics - Electronic health record communication - Part 4: Security
03-07-2019
28-03-2007
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
5 Conformance
6 Record Component Sensitivity and Functional Roles (Normative)
6.1 RECORD_COMPONENT sensitivity
6.2 Functional Roles
6.3 Mapping of Functional Role to RECORD_COMPONENT Sensitivity
7 Representing access policy information within an EHR_EXTRACT
7.1 General
7.2 Archetype of the Access policy COMPOSITION
7.3 ADL representation of the archetype of the access policy
COMPOSITION
7.4 UML representation of the archetype of the access policy
COMPOSITION
8 Representation of audit log information
8.1 EHR_AUDIT_LOG_EXTRACT model
Annex A (informative) - Illustrative access control example
Annex B (informative) - Relationship of this part standard
to the Distribution Rules: ENV 13606-3:2000
Bibliography
This part of this multipart standard on Electronic Health Record Communication describes a methodology for specifying the privileges necessary to access EHR data. This methodology forms part of the overall EHR communications architecture defined in Part 1 of this standard.This standard seeks to address those requirements uniquely pertaining to EHR communications and to represent and communicate EHR-specific information that will inform an access decision. It also refers to general security requirements that apply to EHR communications and points at technical solutions and standards that specify details on services meeting these security needs.NOTESecurity requirements for EHR systems not related to the communication of EHRs are outside the scope of this standard.
| Committee |
CEN/TC 251
|
| DevelopmentNote |
Supersedes ENV 13606-4. (04/2007)
|
| DocumentType |
Standard
|
| PublisherName |
Comite Europeen de Normalisation
|
| Status |
Superseded
|
| SupersededBy |
| Standards | Relationship |
| DIN EN 13606-4:2007-06 | Identical |
| NBN EN 13606-4 : 2007 | Identical |
| NEN EN 13606-4 : 2007 | Identical |
| NS EN 13606-4 : 1ED 2007 | Identical |
| I.S. EN 13606-4:2007 | Identical |
| PN EN 13606-4 : 2009 | Identical |
| SN EN 13606-4 : 2007 | Identical |
| UNI EN 13606-4 : 2007 | Identical |
| BS EN 13606-4:2007 | Identical |
| UNE-EN 13606-4:2007 | Identical |
| NF EN 13606-4 : 2007 | Identical |
| I.S. EN 12967-3:2007 | HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 3: COMPUTATIONAL VIEWPOINT |
| 08/30176350 DC : DRAFT MAR 2008 | BS ISO 12967-2 - HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 2: INFORMATION VIEWPOINT |
| I.S. EN ISO 21549-8:2010 | HEALTH INFORMATICS - PATIENT HEALTHCARD DATA - PART 8: LINKS |
| UNI EN ISO 12967-2 : 2011 | HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 2: INFORMATION VIEWPOINT |
| BS EN 13940-1:2007 | Health informatics. System of concepts to support continuity of care Basic concepts |
| EN 12967-2:2007 | Health informatics - Service architecture - Part 2: Information viewpoint |
| EN 12967-3:2007 | Health informatics - Service architecture - Part 3: Computational viewpoint |
| EN 13940-1:2007 | Health informatics - System of concepts to support continuity of care - Part 1: Basic concepts |
| CEN/TR 15872:2014 | Health informatics - Guidance on patient identification and cross-referencing of identities |
| BS EN ISO 21549-8:2010 | Health informatics. Patient healthcard data Links |
| BS EN ISO 12967-2:2011 | Health informatics. Service architecture Information viewpoint |
| 08/30176347 DC : DRAFT MAR 2008 | BS ISO 12967-1 - HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 1: ENTERPRISE VIEWPOINT |
| I.S. EN ISO 12967-2:2011 | HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 2: INFORMATION VIEWPOINT |
| EN ISO 12967-2:2011 | Health informatics - Service architecture - Part 2: Information viewpoint (ISO 12967-2:2009) |
| I.S. EN 13940-1:2007 | HEALTH INFORMATICS - SYSTEM OF CONCEPTS TO SUPPORT CONTINUITY OF CARE - PART 1: BASIC CONCEPTS |
| 10/30231944 DC : 0 | BS EN ISO 12967-2 - HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 2: INFORMATION VIEWPOINT |
| UNE-EN ISO 12967-2:2012 | Health informatics - Service architecture - Part 2: Information viewpoint (ISO 12967-2:2009) |
| ISO 21549-8:2010 | Health informatics Patient healthcard data Part 8: Links |
| I.S. EN 12967-2:2007 | HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 2: INFORMATION VIEWPOINT |
| I.S. EN 12967-1:2007 | HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 1: ENTERPRISE VIEWPOINT |
| 08/30153875 DC : DRAFT FEB 2008 | BS ISO 25720 - GENOMIC SEQUENCE VARIATION MARKUP LANGUAGE |
| 08/30176353 DC : DRAFT MAR 2008 | BS ISO 12967-3 - HEALTH INFORMATICS - SERVICE ARCHITECTURE - PART 3: COMPUTATIONAL VIEWPOINT |
| S.R. CEN/TR 15872:2014 | HEALTH INFORMATICS - GUIDANCE ON PATIENT IDENTIFICATION AND CROSS-REFERENCING OF IDENTITIES |
| BS EN 12967-1:2007 | Health informatics. Service architecture Enterprise viewpoint |
| BS EN 12967-2:2007 | Health informatics. Service architecture Information viewpoint |
| EN ISO 21549-8:2010 | Health informatics - Patient healthcard data - Part 8: Links (ISO 21549-8:2010) |
| 10/30209040 DC : 0 | BS EN 13940-2 - HEALTH INFORMATICS - SYSTEM OF CONCEPTS TO SUPPORT CONTINUITY OF CARE - PART 2: HEALTH CARE PROCESS AND WORKFLOW |
| 12/30255894 DC : 0 | BS EN ISO 13940 - HEALTH INFORMATICS - SYSTEM OF CONCEPTS TO SUPPORT CONTINUITY OF CARE |
| PD CEN/TR 15872:2014 | Health informatics. Guidance on patient identification and cross-referencing of identities |
| UNE-EN ISO 21549-8:2010 | Health informatics - Patient healthcard data - Part 8: Links (ISO 21549-8:2010) |
| BS EN 12967-3:2007 | Health informatics. Service architecture Computational viewpoint |
| ISO 12967-2:2009 | Health informatics Service architecture Part 2: Information viewpoint |
| EN 12967-1:2007 | Health informatics - Service architecture - Part 1: Enterprise viewpoint |
| ISO/TS 22600-1:2006 | Health informatics Privilege management and access control Part 1: Overview and policy management |
| ISO 22857:2013 | Health informatics — Guidelines on data protection to facilitate trans-border flows of personal health data |
| ISO/TS 18308:2004 | Health informatics Requirements for an electronic health record architecture |
| ISO/TS 21091:2005 | Health informatics Directory services for security, communications and identification of professionals and patients |
| EN 14484:2003 | Health informatics - International transfer of personal health data covered by the EU data protection directive - High level security policy |
| ENV 13608-2 : DRAFT 2000 | HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 2: SECURE DATA OBJECTS |
| ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
| ENV 13608-3 : DRAFT 2000 | HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 3: SECURE DATA CHANNELS |
| ISO/IEC 2382-8:1998 | Information technology Vocabulary Part 8: Security |
| ISO/TS 22600-2:2006 | Health informatics Privilege management and access control Part 2: Formal models |
| EN 14485:2003 | Health informatics - Guidance for handling personal health data in international applications in the context of the EU data protection directive |
| ISO/IEC 17799:2005 | Information technology Security techniques Code of practice for information security management |
| ENV 13608-1:2000 | HEALTH INFORMATICS - SECURITY FOR HEALTHCARE COMMUNICATION - PART 1: CONCEPTS AND TERMINOLOGY |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.