Privacy Considerations
Infoway has developed a privacy primer, Privacy as an Enabler, that provides an introduction to interoperability, an overview of Canadian privacy laws and some practical approaches to privacy for interoperability. It delves into the role privacy plays in the creation of interoperable health systems. It addresses the myth that privacy laws mean patient data can’t be shared. The primer outlines how privacy laws enable the sharing of patient data by providing guidance on how to share health data safely, with a patient’s consent, and the responsibilities of both parties when patient information is shared.
Download the privacy primer here: Privacy as an Enabler: Sharing Personal Health Information for Interoperability Primer.
Security Considerations
It is recommended that vendors and jurisdictions ensure appropriate security services, mechanisms and functionality are in place for the PS-CA Specifications, depending on maturity levels of current capabilities. For example, security considerations include the following:
- Authorization
- Authentication
- Role-Based Access Control
- Data Encryption
- Segregate Duties
- Audit Logging
- Security Labels
- Digital Signatures
- Communication
- Narrative