This table provides key considerations for  various concepts for Data Protection, Privacy and Security for the Patient Summary-CA specifications. Additional details can be found in the Patient Summary – Companion Guide to Use Cases and Definitions. 

*Note: The list presented is not exhaustive.  These are important considerations for vendors and jurisdictions. 

Key Considerations 

PrivacySecurity
  • Compliance to Canadian Data Privacy Laws & Regulations (e.g. PIPEDA, PHIPA, Provincial Privacy Laws)
  • Patient Identity
  • Provider Identity
  • Patient Consent
  • Data Confidentiality
  • Accountability
  • Portability
  • Attestation
  • Limiting Sharing
  • Limiting Access
  • Accurate Information 
  • Data Retention
  • Data Authorization & Authentication
  • Data Encryption
  • Segregate Duties
  • Role-Based Access Control
  • Secure Audit Logs
  • Anonymization



  • No labels