ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.14.0 - CI Build
ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1 - Local Development build (v0.14.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
Active as of 2024-06-01 |
Manage access to EHR-S resources.
To ensure access is controlled, an EHR-S must authenticate and check authorization of entities for appropriate operations.
TI.1.3#01 | SHALL |
The system SHALL conform to function [[TI.1.1]] (Entity Authentication). |
TI.1.3#02 | SHALL |
The system SHALL conform to function [[TI.1.2]] (Entity Authorization). |
TI.1.3#03 | dependent SHALL |
The system SHALL provide the ability to manage system and data access rules for all EHR-S resources according to scope of practice, organizational policy, and/or jurisdictional law. |
TI.1.3#04 | SHALL |
The system SHALL manage the enforcement of authorizations to access EHR-S resources. |
TI.1.3#05 | dependent SHALL |
The system SHALL control access to EHR-S resources after a configurable period of inactivity by terminating the session, or by initiating a session lock that remains in effect until the entity re-establishes access using appropriate identification and authentication procedures, according to organizational policy, and/or jurisdictional law. |
TI.1.3#06 | dependent SHOULD |
The system SHOULD provide the ability to control-access to data, and/or functionality according to scope of practice, organizational policy, and/or jurisdictional law. |
TI.1.3#07 | SHALL |
The system SHALL control-access to data, and/or functionality by using authentication mechanisms that comply with regulatory and policy guidelines (e.g.,by using a combination of Username and Password, Digital Certificates, Secure Tokens, and/or Biometrics). |
TI.1.3#08 | MAY |
The system MAY provide the ability to determine the identity of public health agencies for healthcare purposes through the use of internal, and/or external registry services or directories. |
TI.1.3#09 | MAY |
The system MAY provide the ability to determine the identity of healthcare resources (e.g., Meal Delivery services for home-based patients) and devices (e.g., wheelchairs) for resource management purposes through the use of internal, and/or external registry services or directories. |