Healthcare Code of Conduct

From MgmtWiki

Revision as of 18:18, 2 August 2021 by Tom (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Full Title or Meme
2 Context
3 Examples
- 3.1 CARIN
- 3.2 Norwegian
4 References

Full Title or Meme

In Healthcare Identity Management a Code of Conduct applies to those software elements that handle the Patient Health Information.

Context

See the wiki page Health Care Digital Identity for more about the context of this topic.

Examples

CARIN

Norwegian

There are two categories, large and small organization.
There are a series of fact sheets which includes. These all include something that looks like assessment criteria.
- the actors in a healthcare covered entity.
- There Sallowed be a security management system where PHI is present.
- Procedures must be inlace before processing PHI.
- Security Audits shall be conducted at least annually.
- Rich assessments must be carried out prior to operations, including any change that may impact security.
- External data processors must agree to follow and report on compliance with regulations.
- Access control appears to be granted based on the purpose of access. It seems to be up to each organization to create the purposes or roles. (RBAC?)

References

See the wiki page CARIN App Registration for details on one use case for the CARIN code of conduct.

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Healthcare_Code_of_Conduct&oldid=11564"

Health