109 - Information technology in prevention and safety of laboratory data
Autor(s): M. Pradella, A. Pastorino
Issue: RIMeL - IJLaM, Vol. 2, N. 3-S1, 2006 (MAF Servizi srl ed.)
Page(s): 109-115
The product of the medical laboratories as health care activity is information. Therefore, most of safety assurance of laboratory medicine passes through the computer science technologies. The informatic system first of all must guarantee the minimal measures established by art. 169 of the Code of the Privacy (D.Lvo 196/03), for which penal endorsements are previewed. Requirement of confidentiality, integrity and availability of the digital information are object of various technical norms. ISO/IEC 17799 describes how to realize the risk analysis for the emergency and supplies a list of targets of control in 11 areas, for a total of 39 categories. ISO/DIS 27799 defines the guidelines for the interpretation and the realization of 17799 procedures in health care informatics. ISO/IEC 27001 introduces the concept of “Information Security Management Systems” and describes the framework of the controls to realize. ISO/TR 16142 guides to the selection of the standard documents for safety. CEN/TS 15260 introduces the techniques of “risk management” in the context of health care informatics, in analogy to what happens for the medical devices. EN 14484 regards the international transfer of personal data. The system of standard ISO 17090 codifies the nature and the use of the public key infrastructure, that is digital signature. ENV 12924 supplies the instruments to build the profile of risk and to choose the level of the opportune measures of safety. On the other hand, the management of verifications, errors and corrections of the laboratory data must be searched in the standards of good professional practice, like the checklists of the College of American Pathologists, and in the guidelines for using the protocols of messages HL7.