Secure and robust

Explanation

Citizens, professionals, and others must be able to trust that safety is central and privacy is safeguarded.

Rationale

In healthcare, citizens must be able to trust that their data is secure. Safe care requires both data security and a sense of safety for staff.

Implications

• Authentication (Who are you?) and authorization (What can you see?) must be completed before any data retrieval request is processed.
• Access/autorisation decisions consider the context of the patient, taking into account purpose of use (e.g., emergency vs. routine), the healthcare provider, the facility, and the patient's consent status.
• Authentication and authorization is logged for audit tracebility.

Source: Based on ZiRA/Sigra, translated for the caribbean cross-border context.