Electronic Health Record System (EHR-S) Scorecard Toolkit

Module 4: Safety Requirements



It is essential that an EHR-S tool provides the necessary mechanisms and elements to ensure the privacy and confidentiality of clinical information.

An EHR-S tool that is not secure is not acceptable

We can define information security as a series of practices to protect information managed through computer systems. It involves preventing or at least reducing the likelihood of unauthorized or improper access to data, or the illegal use, disclosure, interruption, deletion, corruption, modification, inspection, registration, or devaluation of information. It also involves actions aimed at reducing the adverse impacts of such incidents, i.e., when an incident occurs that breaches security.

The objectives of health information security are:

  • Availability
    •  When it comes to clinical information, if access to information is not ensured or is not available, a serious problem arises. For example, because of server or system crashes, or because the information has been degraded, etc.
  • Confidentiality
    •  It refers to the control of access to information, which requires authentication and assignment of profiles and roles.
  • Integrity
    • That the information cannot be altered once validated. In connection with (or requires) encryption
  • Non repudiated
    • Let it be perfectly identified who has done what so that this fact cannot be denied. It requires, depending on the degree of security required, a digital certificate and signature.
  • Audit
    • The system records and stores all accesses and operations carried out with each access to each register so that they can be investigated.


Why is it necessary to have security measures in an EHR-S system?

  • The information processed by EHR-S platforms, by its nature, contains sensitive data that requires security policies to ensure the confidentiality and integrity of the data.
  • Preventing improper access, unauthorized tampering, downloading of confidential documents, etc., is essential during today's communications. Many of our day-to-day actions depend on IT security along the entire data path.
  • Systems that do not meet the appropriate security conditions can be targeted by specialized intruders, who can alter the source codes of programs, obtaining images and documents.

For this reason, it is important to find architecture and security elements that protect the integrity of the system and data, which can decapsulate the different layers of a solution to protect it. These elements are deployed throughout the architecture of the ISO-OSI model.

The organization of the hospital, health center, or facility is also especially important. It has been found that most of the inappropriate access to information comes from people within the system's staff and that many security breaches are due not so much to the technology as to the internal organization.

Within the framework of this chapter, the following components[1] of relevance are identified:

  1. Privacy and information security
  2. ICT Standards

In addition, ISO / IEC 27002[2], which covers both the infrastructure and the procedures for information exchange, is considered as the base reference framework ISO IEC 27002. Also, the OWASP recommendations for security in Web environments.

The concept of security and the requirements that define it can be separated into different sections; of which, in this document, the following are contemplated:

  • Identification and authentication
  • Permissions and roles of actors
  • Traceability of actions.
  • Information integrity, availability, and confidentiality
  • Risk Management
  • Standards and regulatory monitoring

Refer to the attached document for a detailed explanation of this module.

[1] Components defined in the document issued in Phase III of this same project, Maturity Model Reference Framework.

[2] https://www.iso.org/standard/54533.html


Click here to learn more about the safety requirements.