BSI 20/30376066 DC 2020

$13.70

BS EN ISO 27789. Health informatics. Audit trails for electronic health records

Published By	Publication Date	Number of Pages
BSI	2020	53

Guaranteed Safe Checkout

Categories: 35.240.80 - IT applications in health care technology, BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

This document specifies a common framework for audit trails for electronic health records (EHR), in terms of audit trigger events and audit data, to keep the complete set of personal health information auditable across information systems and domains.

It is applicable to systems processing personal health information which, complying with ISO 27799, create a secure audit record each time a user accesses, creates, updates, or archives personal health information via the system.

NOTE

Such audit records at minimum uniquely identify the user, uniquely identify the subject of care, identify the function performed by the user (record creation, access, update, etc.), and record the date and time at which the function was performed.

This document covers only actions performed on the EHR, which are governed by the access policy for the domain where the electronic health record resides. It does not deal with any personal health information from the electronic health record, other than identifiers, the audit record only containing links to EHR segments as defined by the governing access policy.

It does not cover the specification and use of audit logs for system management and system security purposes, such as the detection of performance problems, application flaw, or support for a reconstruction of data, which are dealt with by general computer security standards such as ISO/IEC 15408^[⁹^].

Annex A gives examples of audit scenarios. Annex B gives an overview of audit log services.

Status

Definitive

Pages

Publication Date

2020-04-22

Standard Number

20/30376066 DC

Title

BS EN ISO 27789. Health informatics. Audit trails for electronic health records

Identical National Standard Of

ISO/DIS 27789

Descriptors

Data recording, Data transmission methods, Information handling, Data handling, Data processing, Data layout, Data storage, Personal health, Data representation, Data transmission, Health services, Data syntax, Information exchange, Data transfer, Records (documents)

Publisher

BSI

Committee

IST/35

ICS Codes

35.240.80 - IT applications in health care technology


PDF Format	Searchable	Printable	Preview Now

BSI 20/30376066 DC 2020

Related products