Resources

From detailed guides to online courses – resources are available to provide you with the knowledge necessary to build and integrate EHR applications.

Security Principles

eHealth Ontario uses the following principles to secure EHR assets:

  • Leadership: Top management shall demonstrate leadership and commitment with respect to the information security management system by:
    • Ensuring the information security policy and the information security objectives are established and are compatible with the strategic direction of the organization
    • Ensuring the integration of the information security management system requirements into the organization’s processes
    • Ensuring that the resources needed for the information security management system are available
  • Planning: eHealth Ontario shall plan the information security management system by considering the issues and the requirements to determine the risks and opportunities that need to be addressed, by:
    • Defining and applying an information security risk assessment process
    • Establishing information security objectives at relevant functions and levels
  • Supporting: eHealth Ontario shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the information security management system by:
    • Maintaining a competent staff
    • Ensuring staff are aware of security policies and need to comply with them
    • Documenting information necessary for the functioning of the organisation
  • Operating: eHealth Ontario shall plan, implement and control the processes needed to meet information security requirements by:
    • Performing information security risk assessments at planned intervals or when significant changes are proposed or occur 
    • Implementing an information security risk treatment plan
  • Evaluating performance: eHealth Ontario shall evaluate the information security performance and the effectiveness of the information security management system through:
    • Audits and compliance checks
    • Management review of the information security management system
  • Improving: eHealth Ontario shall improve the implementation of the information security management system by:
    • Taking corrective action of non-conformities
    • Continually improving the suitability, adequacy and effectiveness of the information security management system
Back to Top

Explore the Blueprint

Multiple views describe the many ways the blueprint supports EHR delivery.

Get Us Involved

From advisory consultations on blueprint alignment to standard selection, we can help you align, adopt and implement solutions.

Contact Us

Stay Up To Date

Published four times a year, the Blueprint Bulletin provides readers with regular insight into the elements, services and new developments associated with the Ontario eHealth blueprint.

Looks like you’re using an old browser.

To view this site, you’ll need to upgrade your browser.

Upgrade Now

×