Society explicitly demands adequate security of medical information from unauthorised access and unauthorised use. From this societal development, the first line umbrella organisations NHG, LHV, KNMP and InEen, together with Nictiz, have developed a helping hand in the form of a package of requirements, 'BEIS', for secure and controllable use of these systems and the medical information contained therein.
BEIS has a dual objective:
1. Promoting/ensuring that first line information systems (will) meet the legislative requirements and NEN standards, and ensure that users can keep control of their security. The requirements are based on ISO 27002, NEN 7510:2011, NEN 7512:2015, PVE organisation well managed system (GBx), the code of conduct for electronic data exchange in care organisations (EGiZ), etc.
2. Members of these umbrella organisations and user associations and platforms from XISSEN facilitate the translation of legislation, requirements and NEN standards to implementable requirements tailored for health care for first line systems.
Data protection has been an important starting point in the development of HiX. ChipSoft provides the most innovative health care ICT to optimally support health care professionals, managers and support staff in providing care of the highest quality, in which patient safety is in the forefront. On the one hand, medical files must be accessible to health care providers and employees that perform health care tasks, or for administrative preparation or settlement. On the other hand, medical files must be as secure as possible so that a health care provider or employee cannot "view and change" a file unseen.
We have studied the requirements of BEIS 1 (authentication and authorisation) and BEIS 2 (access log) and have come to the conclusion that HiX has covered all requirements that are imposed today on an information system in the Dutch health care system. Health care facilities that choose HiX can be certain that their information is secured at the very highest level.