Share this page:

Client Registry

A Client registry is a directory that lists all patients and their relevant personal information (names, addresses, etc.)

A component of an electronic health record (EHR) system, a client registry supports the centralized storage and retrieval of client (i.e. patient) identification data and enterprise client identifiers (ECIDs).


The Infoway pre-implementation client registry certification is relevant to those health information technology solutions involved in client registries at the national, jurisdictional, regional or local level providing a comprehensive and unambiguous identification of clients. The client registry pre-implementation certification allows for assessment of a client registry application alone, or as an application-based service provider offering.

Certification criteria

The pre-implementation assessment criteria include:

  • Generic Criteria, applying to all classes of health information technology application or service (for example, requirements having to do with privacy and security)
  • Interoperability Criteria, which specifically apply to a client registry.

The criteria have been developed in consideration of a client registry being available in one of two ways:

  • As an application component to be integrated into an EHR system, and operated by the implementing jurisdiction; or
  • As an application-based service hosted by a vendor, integrated with a jurisdiction’s EHR systems.

When the criterion states: "Organizations providing services must..." then the criterion only applies when the organization is providing an ASP model service, and the criterion applies to the organization itself, rather than the application.

The key factor, which in most cases determines the applicability of a criterion, is whether or not the organization seeking certification will become a custodian of personal information. If not, then many of the organization-related generic criteria are not applicable.

These criteria use the phrase “personal information” to mean any personal information maintained by the application or service about the subjects of health care. Therefore even basic demographic information falls into the category of “personal information” and is therefore subject to the requirements of these criteria.

The framework for the assessment criteria is shown in the table below. It consists of two classes of criteria:

Solution – Refers to the aspects of privacy, security and interoperability that need to be assessed.

Management – Refers to how the organization providing the product manages risk, data, system security, as well as third party solutions and services.

Client Registry Assessment Criteria
Solution Management




Data safeguards

Identifying purposes & limiting collection

Limiting use, disclosure & retention




User identity management

Access control

Data integrity

Data availability



Data confidentiality





Risk management

Data management

System security

Solution accreditation

Third party services

Get answers to frequently asked questions

infoway logo

Digital Health Working for You.


Transforming health care in Canada through health information technology.

Contact Us

General Inquiries

T: (416) 979-4606
Toll Free: 1-888-733-6462

InfoCentral Inquiries

T: (416) 595-3417
Toll Free: 1-877-595-3417


T: (514) 868-0550

Media Inquiries

T: (416) 595-3424
Toll Free: 1-888-733-6462