Concept of Operations: Relating to the introduction of a Personally Controlled Electronic Health Record System
5.6 Ensuring data provenanceIn order to ensure trust in the information available via PCEHR System, users will require information about the source of a clinical document.
As mentioned in Section 4.2, all clinical documents will be accompanied by document source information stating where the document was created, when it was created and who created it. The healthcare provider uploading the document will be required to have a HPI-I, and the healthcare organisation submitting the clinical document will be required to have a HPI-O.
Clinical documents will be digitally signed by the supplying healthcare organisation using the healthcare organisation’s NASH digital credential and will be used to ensure that the clinical document has not been modified since it was submitted to the PCEHR System.