Informējam, ka Sistēma pielāgota darbam ar interneta pārlūkprogrammu Internet Explorer (8. un jaunākām versijām) un Mozilla Firefox (3.6 un jaunākām versijām).
Izmantojot citu interneta pārlūkprogrammu, brīdinām, ka Sistēmas funkcionalitāte var tikt traucēta.
This New Work Item Proposal addresses security and privacy protection in those point-of-care electronic patient record that are inter-operable with EHR systems. It does so by providing:
- a set of core security and privacy requirements, along with the guidelines and best practices necessary for implementing compliance and testing programs to assure compliance with those requirements;
- a profile of these core requirements, including examples of proven testing procedures that have been developed to evaluate compliance for electronic patient record systems in community-based physician offices.
This will be a multi-part technical specification, as new profiles may be developed for other targets of evaluation.
PART 1: Foundation is described in a separate Form 4. PART 2 will contain an ISO/IEC 15408-conformant ("Common Criteria") Protection Profile for small scale patient health record systems. This protection profile will include a description of the target of evaluation, security environment, security objectives, functional securiyt requirements, assurance requirements, application notes, and rationale. A general discussion in the techncial specification will also discuss target description, assumptions, and the security requirements (including version control, user identification and authentication, user session control, availability, remote communication, data security, auditing logging capabilities, documentation, and time control); with jurisdictional examples provided where relevant. An informative annex will contain examples of scripts for testing.
A summary outline is attached to the proposal.
Scope Exclusions: Policies and procedural or administrative aspects of security management are out of scope, as these were included in the scope of ISO 27799.
Reģistrācijas numurs (WIID)
36795
Darbības sfēra
This New Work Item Proposal addresses security and privacy protection in those point-of-care electronic patient record that are inter-operable with EHR systems. It does so by providing:
- a set of core security and privacy requirements, along with the guidelines and best practices necessary for implementing compliance and testing programs to assure compliance with those requirements;
- a profile of these core requirements, including examples of proven testing procedures that have been developed to evaluate compliance for electronic patient record systems in community-based physician offices.
This will be a multi-part technical specification, as new profiles may be developed for other targets of evaluation.
PART 1: Foundation is described in a separate Form 4. PART 2 will contain an ISO/IEC 15408-conformant ("Common Criteria") Protection Profile for small scale patient health record systems. This protection profile will include a description of the target of evaluation, security environment, security objectives, functional securiyt requirements, assurance requirements, application notes, and rationale. A general discussion in the techncial specification will also discuss target description, assumptions, and the security requirements (including version control, user identification and authentication, user session control, availability, remote communication, data security, auditing logging capabilities, documentation, and time control); with jurisdictional examples provided where relevant. An informative annex will contain examples of scripts for testing.
A summary outline is attached to the proposal.
Scope Exclusions: Policies and procedural or administrative aspects of security management are out of scope, as these were included in the scope of ISO 27799.
