I am doing research towards a part-time PhD at Nottingham Trent University, part
of which involves creating a fairly abstract formal model of primary healthcare
and secondary healthcare and composing them to assess the impact of interacting
access control security policies.
So that I base my abstract models on reality, I was wondering if anyone have a
detailed access based security policy which they use in their practice which I
could get hold of ? Alternatively, are there standard guidelines which are
available specifically for access control, privacy etc. ?
Finally, a few questions to help me to understand the current state of play :
If you have a security policy, does it work ? (Can you tell ?)
Do you let every staff member (medical and admin) of your practice have access
to all of your patient's records ?
Do you record such access ?
How are you preparing for the arrival of the NHS - Net ?
I already have the recent BMA report but any further help would be greatly
appreciated.
Thanks in advance,
Max Jones
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|