eLaws | eCases | Ohio Courts | Counties & Cities of Ohio | Code of Federal Regulations and Register |
Home » 2003 Issues » Weekly Report - 25/08/2003 to 29/08/2003 » 5122-27-09 Security of clinical records systems.

  5122-27-09 Security of clinical records systems.  

  • Text Box: ACTION: Final Text Box: DATE: 08/25/2003 8:10 AM

     

     

     

    5122-27-09                  Security of clinical records systems.

     

     

     

    (A)Each agency shall have policies and procedures addressing the security of its clinical records system.

     

    (B)Policies  and/or  procedures  for  agencies  maintaining  a  computer-based  clinical records system shall include consideration of the following components:

     

    (1)Authentication  -  providing  assurance  regarding  the  identity  of  a  user  and corroboration that the source of data is as claimed;

     

    (2)Authorization - the granting of rights to allow each user to access only the functions, information, and privileges required by his/her duties;

     

    (3)Integrity - ensuring that information is changed only in a specific and authorized manner. Data, program, system and network integrity are all relevant to consideration of computer and system security;

     

    (4)Audit  trails  -  creating  immediately  and  concurrently  with  user  actions  a chronological record of activities occurring in the system:

     

    (5)Disaster recovery - the process for restoring any loss of data in the event of fire, vandalism, disaster, or system failure;

     

    (6)Data   storage   and   transmission    physically   locating,   maintaining   and exchanging data; and

     

    (7)Electronic signatures - a code consisting of a combination of letters, numbers, characters, or symbols that is adopted or executed by an individual as that individual's electronic signature; a computer-generated signature code created for an individual; or an electronic image of an individual's handwritten signature created by using a pen computer. Client record systems utilizing electronic signatures shall comply with section 3701.75 of the Revised Code.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    5122-27-09                                                                                                                            2

    Effective:                                09/04/2003

    R.C. 119.032 review dates:    03/12/2003 and 09/04/2008

    CERTIFIED ELECTRONICALLY

    Certification

    08/25/2003

    Date

    Promulgated Under:   119.03

    Statutory Authority:   5119.01(H), 5119.61(A),

    5119.611(C)

    Rule Amplifies:           5119.01(H), 5119.61(A),

    5119.611(C)

Visit the Official Version
Leave a Comment

Document Information

Effective Date:
9/4/2003
File Date:
2003-08-25
Last Day in Effect:
2003-09-04
Five Year Review:
Yes
Rule File:
5122-27-09_PH_FF_N_RU_20030825_0810.pdf
Related Chapter/Rule NO.: (1)
Ill. Adm. Code 5122-27-09. Security of clinical records systems