Personal Health Record System Functional Model, Release 2
0.1.0 - CI Build
Personal Health Record System Functional Model, Release 2 - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
| Active as of 2024-01-31 |
{
"resourceType" : "Requirements",
"id" : "PHRSFMR2-TI.1.6",
"meta" : {
"profile" : [
🔗 "http://hl7.org/ehrs/StructureDefinition/FMFunction"
]
},
"text" : {
"status" : "extensions",
"div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <table id=\"statements\" class=\"grid dict\">\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#01</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL secure all modes of PHR data exchange.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#02</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL conform to function [[TI.1.7]] (Secure Data Routing).</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#03</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHOULD provide the ability to de-identify data.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#04</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL encrypt and decrypt PHR data that is exchanged over a non-secure link.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#05</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>IF encryption is used, THEN the system SHALL exchange data using recognized standards-based encryption mechanisms according to organizational policy, and/or jurisdictional law.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#06</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHOULD</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>IF the PHR-S is the recipient of a secure data exchange, THEN the system SHOULD provide the ability to transmit an acknowledgment of the receipt of the data.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n <tr>\n <td style=\"padding-left: 4px;\">\n \n <span>TI.1.6#07</span>\n \n </td>\n <td style=\"padding-left: 4px;\">\n \n <span>SHALL</span>\n \n </td>\n <td style=\"padding-left: 4px;\" class=\"requirement\">\n \n <span><div><p>The system SHALL provide the ability to determine static or dynamic addresses for known and authorized sources and destinations.</p>\n</div></span>\n \n\n \n </td>\n </tr>\n \n </table>\n</div>"
},
"url" : "http://hl7.org/ehrs/Requirements/PHRSFMR2-TI.1.6",
"version" : "0.1.0",
"name" : "TI_1_6_Secure_Data_Exchange",
"title" : "TI.1.6 Secure Data Exchange (Function)",
"status" : "active",
"date" : "2024-01-31T14:45:34+00:00",
"publisher" : "EHR WG",
"contact" : [
{
"telecom" : [
{
"system" : "url",
"value" : "http://www.hl7.org/Special/committees/ehr"
}
]
}
],
"description" : "Whenever an exchange of PHR information occurs, it requires appropriate security and privacy considerations, including data obfuscation as well as both destination and source authentication when necessary. For example, it may be necessary to encrypt data sent to remote or external destinations.",
"statement" : [
{
"key" : "PHRSFMR2-TI.1.6-01",
"label" : "TI.1.6#01",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL secure all modes of PHR data exchange."
},
{
"key" : "PHRSFMR2-TI.1.6-02",
"label" : "TI.1.6#02",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL conform to function [[TI.1.7]] (Secure Data Routing)."
},
{
"key" : "PHRSFMR2-TI.1.6-03",
"label" : "TI.1.6#03",
"conformance" : [
"SHOULD"
],
"conditionality" : false,
"requirement" : "The system SHOULD provide the ability to de-identify data."
},
{
"key" : "PHRSFMR2-TI.1.6-04",
"label" : "TI.1.6#04",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL encrypt and decrypt PHR data that is exchanged over a non-secure link."
},
{
"key" : "PHRSFMR2-TI.1.6-05",
"label" : "TI.1.6#05",
"conformance" : [
"SHALL"
],
"conditionality" : true,
"requirement" : "IF encryption is used, THEN the system SHALL exchange data using recognized standards-based encryption mechanisms according to organizational policy, and/or jurisdictional law."
},
{
"key" : "PHRSFMR2-TI.1.6-06",
"label" : "TI.1.6#06",
"conformance" : [
"SHOULD"
],
"conditionality" : true,
"requirement" : "IF the PHR-S is the recipient of a secure data exchange, THEN the system SHOULD provide the ability to transmit an acknowledgment of the receipt of the data."
},
{
"key" : "PHRSFMR2-TI.1.6-07",
"label" : "TI.1.6#07",
"conformance" : [
"SHALL"
],
"conditionality" : false,
"requirement" : "The system SHALL provide the ability to determine static or dynamic addresses for known and authorized sources and destinations."
}
]
}