PHI
From MgmtWiki
Full Title or Meme
- As defined in FHIR Protected Health Information must be protected by Secure Node interchanges.
- Note that in some documents this is called Personally Identifiable Healthcare Information.
Context
The context of an FHIR interaction is the transfer of PHI although other transaction could occur of the interchange so established.
Problems
- FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.
- Privacy FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.
Solutions
FHIR taken as a whole is designed to exchange PHI is a Privacy preserving manner.
References
FHIR STU3 version of the Security and Privacy Module has a good overview of protection of health information.