Designing a model for security requirements of electronic health records in Iran

ABSTRACT

Flourishing capacity of information technologies for collecting, storage and transmission unheard of amount of information creates a great deal of concerns for patients. Patients are worried over the access of numerous people to their electronic health records. To determine the security requirements of electronic health records for Iran. This descriptive study was carried out in 2007. Security requirements of electronic health records gathered from comparative study performed in Australia, Canada and England countries followed by designing the initial model. The final model was prepared through gathering the information by questionnaire and the use of Delphi Technique. The values under 50 percent were eliminated from the model and those equal or higher than 75 percent added to the model. The proposed model for Iran includes the requirements for organizing information, information classification, human resources, communication and operation management, and access control security. A comprehensive model of electronic health records security requirements was designed for Iran. The approval of this model by authorities for protecting the electronic health information security is recommended