Role-Based Access Control

Protecting privacy is foundational to electronic health records and healthcare information exchange. In 2007, the Healthcare Information Technology Standards Panel specified the technical standards needed to ensure the security of patient records, and these will be incorporated into vendor products over the next 2-3 years.

At BIDMC, our privacy controls are based on the concept of “minimum need to know” and are implemented via single sign-on authentication, auditing, role-based access control and a “lock box” for mental health notes.

