Inventory of Health Care Information Standards. Computer-based Patient Record Institute (CPRI)

01/01/1997

The Computer-based patient Record Institute (CPRI) through its Work Group on Confidentiality, Privacy and Security, under co-chairs Kathleen Frawley, JD and Dale Miller, has, under ongoing development, a set of security-related efforts oriented towards the establishment of guidelines, confidentiality agreements, security requirements, and frameworks. The CPRI, while not currently an ANSI accredited SDO, works very closely with accredited SDOs in the establishment of security and medical record standards, and enjoys significant cross-representation on SDO security committees.

CPRI security and framework development is completed, or underway, in the following areas:

Published

· Guidelines for Establishing Information Security Policies at Organizations Using Computer-based Patient Record Systems

· Guidelines for Information Security Education Programs at Organizations Using Computer-based Patient Record Systems

· Guidelines for Managing Information Security Programs at Organizations Using Computer-based Patient Record Systems

· Glossary of Terms Related to Information Security for Computer-based Patient Record Systems

· Security Features for Computer-based Patient Record Systems

· Sample Confidentiality Statements and Agreements for Organizations Using Computer-based Patient Record Systems

· Computer-based Patient Record Description of Content

· Computer-based Patient Record System Description of Functionality

· Computer-based Patient Record Project Evaluation Criteria
· Computer-based Patient Record Project Scenarios

Under Development

· Guidelines for Access Control in Computer-based Patient Record Systems

· Guidelines for Implementation of Electronic Authentication in Computer-based Patient Record Systems

Under Consideration (tentatively targeted for development in the second half of 1997)

· Guidelines for the use of the Internet for Computer-based Patient Record Systems

· Ethics Related to Health Information Security and Confidentiality in Computer-based Patient Record Systems

· Guidelines for Conducting Audit Control in Computer-based Patient Record System Security

· Guidelines for Business Resumption Planning in Computer-based Patient Record Systems

Computer-based Patient Record Institute (CPRI) contact:

Margret Amatayakul

Executive Director

Computer-based Patient Record Institute

1000 E. Woodfield Rd., Suite 102

Schaumburg, IL 60173

cprinet@aol.com

847-706-6746 [voice]

847-706-6747 [fax]