Describes the basic principles needed to securely preserve health records in any format for the long term.

The purpose of this Technical Specification is to define the basic principles needed to securely preserve health records in any format for the long term. It concentrates on previously documented healthcare-specific archiving problems. It also gives a brief introduction to general archiving principles. Unlike the traditional approach to standardization work, where the perspective is that of modelling, code sets and messages, this Technical Specification looks at archiving from the angle of document management and related privacy protection. The document management angle has traditionally been used in connection with patient records in paper form and it can also be applied to digitally stored documents. There are different architectural and technical ways to develop and implement long-term preservation of electronic health records. Archiving can be a function of the online record-keeping system, and we can have a separate independent archive or a federated one. Electronic health records are, in many cases, archived in the form of documents, but other technical solutions also exist.

In this Technical Specification archiving is understood to be a wider process than just the permanent preservation of selected records. Archiving of EHRs is a holistic process covering records maintenance, retention, disclosure and destruction when the record is not in active use. Archiving also includes tasks the EHR system should perform before the record is sent to the EHR-archive.

This Technical Specification defines architecture and technology-independent security requirements for the long-term preservation of EHRs having fixed content.

This Technical Specification and a complementary Technical Report, ISO/TR21548, concentrate on the security requirements (integrity, confidentiality, availability and accountability) necessary for ensuring adequate protection of health information in long-term digital preservation. This Technical Specification will also address privacy protection requirements for both the EHR and eArchiving systems used in the healthcare environment.

This Technical Specification defines functional security requirements for long-term archiving of EHRs, but the practical archiving models and technology required are outside the concept of this Technical Specification.

It is also outside of the Scope of this Technical Specification to comment on the following.

• The creation, management and storage of active health records (records which can be modified, updated and accessed any time at the level of a single object or item) inside the EHR-system. However this Technical Specification defines responsibilities and tasks the EHR-system should undertake before it transfers an EHR to the electronic archive.

• The content of information submission packets sent to the EHR-archive. However this Technical Specification defines security requirements for those packets.

• Any storage structures used (such as DICOM, HL7 or XML) or metafile descriptions used (such as Dublin core or HL7 CDA header) in the eArchiving process.

• Implementation of security services such as PKI, electronic signatures, etc.

• Any of the storage times of EHRs or media applicable for their storage; rather, these will continue to be provided in accordance with national legislation.