An immunization registry is a electronic system that supports the centralized storage and retrieval of immunization events and patient immunization profiles.
The Infoway pre-implementation immunization registry certification is relevant to health information technology solutions involved in immunization registries at the national, jurisdictional, regional or local level, providing comprehensive and unambiguous immunization information.
The immunization registry pre-implementation certification evaluates and assesses client registry applications offered as a hosted service and/or a product deployed at client sites.
The pre-implementation certification requirements are focused on four areas to evaluate immunization registries:
- Privacy requirements (mandatory) are based on Infoway's Privacy and Security Conceptual Architecture, Government of Canada’s Personal Information protection and Electronic Documents Act; the Canadian Standards Association model code for the protection of personal information (CAN-CSA-Q830-03) as well as ISO 29100:2011 – Information technology – Security techniques – Privacy Framework.
- Security requirements (mandatory) are based on Infoway's Privacy and Security Conceptual Architecture as well as the International Organization for Standardization's (ISO) codes of practice for health information system security management (ISO 27799, ISO 17799, ISO 27001, ISO 27002, ISO 27005, ISO 27018, ISO 27789).
- Management Control requirements (mandatory for hosted services) are based on the Canadian Standards Association’s Risk management: Guideline for Decision Makers – CAN-CSA-Q850-97, the Information Systems Audit and Control Association’s Control Objectives for Information and Related technology (COBIT) as well as the Information Technology Infrastructure Library (ITIL).
- Interoperability requirements (optional) specifically apply to a immunization registry.