Difference between revisions of "PHI"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Full Title or Meme)
Line 2: Line 2:
 
*As defined in [[FHIR]] Protected Health Information must be protected by [[Secure Node]] interchanges.
 
*As defined in [[FHIR]] Protected Health Information must be protected by [[Secure Node]] interchanges.
 
*Note that in some documents this is called Personally Identifiable Healthcare Information.
 
*Note that in some documents this is called Personally Identifiable Healthcare Information.
 +
*Sometimes rendered as ePHI for electronic Protected Health Information.
  
 
==Context==
 
==Context==

Revision as of 13:10, 14 September 2018

Full Title or Meme

  • As defined in FHIR Protected Health Information must be protected by Secure Node interchanges.
  • Note that in some documents this is called Personally Identifiable Healthcare Information.
  • Sometimes rendered as ePHI for electronic Protected Health Information.

Context

The context of an FHIR interaction is the transfer of PHI although other transaction could occur of the interchange so established.

Problems

  • FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.
  • Privacy in FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.

Solutions

FHIR taken as a whole is designed to securely exchange PHI in a Privacy preserving manner.

References

FHIR STU3 version of the Security and Privacy Module has a good overview of protection of health information.