Personal Health Record System Functional Model, Release 2
0.1.0 - CI Build
Personal Health Record System Functional Model, Release 2 - Local Development build (v0.1.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
| Active as of 2024-01-31 |
| TI.1.8#01 | SHALL |
The system SHALL provide the ability to maintain compliance with requirements for patient privacy and confidentiality according to scope of practice, organizational policy, and/or jurisdictional law (e.g., US HIPAA Privacy Rules, US Federal Conditions of Participation for Medicare/Medicaid Providers). |
| TI.1.8#02 | SHALL |
The system SHALL conform to function [[TI.1.1]] (Entity Authentication). |
| TI.1.8#03 | SHALL |
The system SHALL conform to function [[TI.1.2]] (Entity Authorization). |
| TI.1.8#04 | SHALL |
The system SHALL conform to function [[TI.1.3]] (Entity Access Control). |
| TI.1.8#05 | SHALL |
The system SHALL conform to function [[TI.1.5]] (Non-Repudiation). |
| TI.1.8#06 | SHALL |
The system SHALL conform to function [[TI.1.6]] (Secure Data Exchange). |
| TI.1.8#07 | SHALL |
The system SHALL conform to function [[TI.2]] (Audit). |
| TI.1.8#08 | SHALL |
The system SHALL provide the ability to maintain varying levels of confidentiality according to patient preferences, user role, scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.8#09 | SHALL |
The system SHALL provide the ability to mask parts of the electronic health record (e.g., medications, conditions, sensitive documents) from disclosure according to patient preferences, user role, scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.8#10 | SHALL |
The system SHALL provide the ability to unmask (override a mask) in emergency or other specific situations in accordance with users' role, and according to scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.8#11 | SHOULD |
The system SHOULD provide the ability to maintain indicators (flags) to health record users that content has been masked in accordance with users' role, and according to scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.8#12 | SHALL |
IF the system allows a user to unmask (override a mask) in an emergency or other specific situation, THEN the system SHALL provide the ability to capture the reason for unmasking or overriding the mask. |
| TI.1.8#13 | SHALL |
The system SHALL provide the ability to manage patient consents to, or restrictions against, any access to data. |
| TI.1.8#14 | SHALL |
The system SHALL provide the ability to manage a privacy policy according to patient preferences, user role, scope of practice, organizational policy, and/or jurisdictional law. |
| TI.1.8#15 | SHALL |
The system SHALL provide the ability to control access by specified user(s) to a particular patient health record either by inclusion or exclusion according to patient preferences, user role, scope of practice, organizational policy, and/or jurisdictional law. |