Chapter Review

This chapter introduced the basics of access control and showed how to apply the controls to an EHR and a healthcare information exchange. The basics of access control rely on user identity provisioning and deprovisioning providing a specified level of assurance to each user identity. Human users will authenticate to computer systems using various types of authentication technology: combinations of something they have, something they know, and something they are. The access control decisions are based on the user identity but also information about the patient, the resources, and the context of the access to healthcare information. Policies are the rules that define what can and cannot be done and call upon the access control information ...

Get Healthcare Information Technology Exam Guide for CompTIA Healthcare IT Technician and HIT Pro Certifications now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.