The primary care-based electronic health record (EHR) and the electronic patient record (EPR) are key features of the UK National Health Service (NHS) Information Strategy. We propose a model for EHR/EPR confidentiality - that is, for restricting access to their contents to authorized users, assuming secure transmission of data. We summarize a UML model for EHR/EPR confidentiality which is consistent with the NHS Healthcare Model. A prototype implementation of the model based on OODB and Internet techniques is described. The work is intended as a contribution to the development of confidentiality systems for the EHR and EPR, and also of computerized tools for Caldicott Guardians to specify and implement privacy policies and procedures.
References
1.
The common basic specification, 1992; NHS IMC, ref E5022.
2.
The clinical view of the common basic specification: the cosmos project clinical process model, 1992; NHS IMC, ref E5018.
Information for Health: an Information Strategy for the NHS, September 1998; NHS Executive, ref A1103.
6.
The NHS Information Authority EPR Website, www.epr.nhsweb.nhs.uk
7.
Longstaff J J, Thick Met al., Confidentiality for a Primary Care-based EPR. Proceedings of TEHRE 98 Conference, Centre for the Advancement of Electronic Health Records (CAEHR), ISBN 1-893378-00-4.
