From detailed guides to online courses – resources are available to provide you with the knowledge necessary to build and integrate EHR applications.
EHR transactions are traced to the individuals who performed them, and to the organization under whose authority they acted. Electronic credentials link users to their real world identity and to their regulatory college, if applicable. They also map to an organization that has authorized the user’s access to specific applications and health care client records. By contrast, system-generated tokens describe the authority for an electronic transaction which can be associated with agreements between contributing parties.
As a consequence of the broad use and need for EHR functionality, eHealth Ontario must support the activities of hundreds of thousands of health care providers and millions of health care clients at thousands of locations throughout the province, while keeping information available, accurate and secure. Providers wanting to access the EHR need to be assigned digital identities – i.e. they need to be securely identified, so that they can be authenticated when they make service requests. They also need to be assigned access privileges so that their requests can be properly authorized. Accurate identification of the requesting provider is also critical to allow consent features to work effectively.
The identify federation concept takes advantage of the fact that many providers have already fulfilled similar requirements in the organization where they work. For example, clinicians in a hospital must satisfy internal criteria in order to access its systems. This provides an opportunity to partner with such organizations, by trusting and sharing their digital user identities. Organizations that are trusted in this way are ‘federated’ with respect to identity.
Federation partners sign agreements to follow relevant federation policies and standards. The agency will ensure that these policies and standards are followed.
Federation can be considered a network of organizations providing access to services based on user identity assertions made by trusted identity providers. For example a clinician’s hospital credentials, (asserted by an identity provider), are used to authenticate to provincial applications presented by eHealth Ontario.
Benefits of federation include:
Figure 25: Access through Identity Federation using Trust Relationship
The eHealth Ontario federation model defines 4 roles for federation members. A federation member may play one or more of these roles:
An organization wanting to be an identity provider, (i.e. issue health care providers with electronic credentials to access EHR applications), or a delivery channel, (i.e. provide an entry point such as a portal, for EHR applications), must sign an agreement with eHealth Ontario to abide by the policy and standards applicable to their role in the federation.
To support providers not affiliated with a hospital that can issue them a user ID and password, such as pharmacists, dentists, dieticians, midwives, occupational therapists, psychologists, administrative staff, and sole practitioners, eHealth Ontario’s ONE ID service acts as a province-wide identity provider, issuing electronic credentials for access to EHR applications. These applications may be hosted by eHealth Ontario or by other organizations. ONE ID is a member of the identity federation and also plays the federation operator role.
The service uses a network of Local Registration Authorities (LRAs) employed by their own organization and acting on behalf of eHealth Ontario to simplify the registration process.
A number of organizations also use ONE ID as their identity provider for access to their applications. Note that they may not necessarily consume any other eHealth Ontario services. By partnering with these organizations, the ONE ID service will reach a critical mass of users so that future applications or systems adopting ONE ID will be accessible to more users who are already registered.Back to Top
Multiple views describe the many ways the blueprint supports EHR delivery.
From advisory consultations on blueprint alignment to standard selection, we can help you align, adopt and implement solutions.Contact Us