ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
2.1.0 - local International flag

Publish Box goes here

: TI.8 Database Backup and Recovery (Function) - XML Representation

Active as of 2024-11-26

Raw xml | Download


<Requirements xmlns="http://hl7.org/fhir">
  <id value="EHRSFMR2.1-TI.8"/>
  <meta>
    <profile value="http://hl7.org/ehrs/StructureDefinition/FMFunction"/>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml">
    <span id="description"><b>Statement <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b> <div><p>Provide for the ability to backup and recover the EHR system.</p>
</div></span>

    
    <span id="purpose"><b>Description <a href="https://hl7.org/fhir/versions.html#std-process" title="Informative Content" class="informative-flag">I</a>:</b> <div><p>To enable the preservation of the EHR database and its data, functionality needs to be present to record a copy of the database and its contents to offline media as well as the recovery of the system from a backup copy and resumption of normal system operation. The backup must preserve both data as well as database structure and definition information sufficient to recover a complete functional EHR system. Database components may include, but not be limited to application data, security credentials, log/audit files, and programs; ultimately all EHR components necessary to provide a full and complete operating environment. Finally, the backup must be capable of being used during recovery processing to restore an exact copy of the EHR system as of a particular instant in time. This is a requirement to be able to preserve logical consistency of information within the recovered EHR system.</p>
<p>In providing for this capability the system may include multiple backup, and/or redundancy solutions such as fail-over architecture, database journaling, transaction processing, etc.</p>
<p>The backup and recovery function must address both physical system failure (i.e., failure of EHR system hardware) as well as logical system failure (e.g., database corruption). To support the requirement that the EHR system be available whenever it is needed within the design parameters of the system and provide reliability and redundancy of the EHR database and its data, the backup function shall not impact user functionality or appreciably impact user performance.</p>
<p>The backup function may include features which permit multiple processes and technologies to perform its task. This may include multiple backup technologies such as tape, disk, cloud, etc. Also, multiple architectures such as redundancy, online, near-line and off-line media.</p>
</div></span>
    

    

    
    <span id="requirements"><b>Criteria <a href="https://hl7.org/fhir/versions.html#std-process" title="Normative Content" class="normative-flag">N</a>:</b></span>
    
    <table id="statements" class="grid dict">
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#01</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                <i>dependent</i>
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL provide the ability to backup and recover EHR information according to scope of practice, organizational policy, and/or jurisdictional law.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#02</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHALL provide the ability to backup and recover all database contents including programs and all software components necessary to permit a complete EHR to be recovered. (i.e., 'full' backup and recovery)</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#03</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to backup and recover EHR information using alternative backup methods in addition to a full backup/recovery (e.g., incremental, differential, reverse delta, or continuous).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#04</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to backup EHR information according to a defined schedule of storage media rotation.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#05</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                <i>conditional</i>
                
                
                <span>SHALL</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>IF the EHR user requirements specify that the EHR system be available continuously, THEN the system SHALL provide the ability to backup EHR information concurrently with the normal operation of the EHR application.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#06</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>SHOULD</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system SHOULD provide the ability to backup EHR information to a remote location.</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#07</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to backup EHR information to more than one storage media (e.g., disk, tape, or cloud).</p>
</div></span>
                
                
            </td>
        </tr>
        
        <tr>
            <td style="padding-left: 4px;">
                
                <span>TI.8#08</span>
                
            </td>
            <td style="padding-left: 4px;">
                
                
                
                <span>MAY</span>
                
            </td>
            <td style="padding-left: 4px;" class="requirement">
                
                <span><div><p>The system MAY provide the ability to encrypt backup data.</p>
</div></span>
                
                
            </td>
        </tr>
        
    </table>
</div>
  </text>
  <url value="http://hl7.org/ehrs/Requirements/EHRSFMR2.1-TI.8"/>
  <version value="2.1.0"/>
  <name value="TI_8_Database_Backup_and_Recovery"/>
  <title value="TI.8 Database Backup and Recovery (Function)"/>
  <status value="active"/>
  <date value="2024-11-26T16:30:50+00:00"/>
  <publisher value="EHR WG"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://www.hl7.org/Special/committees/ehr"/>
    </telecom>
  </contact>
  <description
               value="Provide for the ability to backup and recover the EHR system."/>
  <jurisdiction>
    <coding>
      <system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
      <code value="001"/>
      <display value="World"/>
    </coding>
  </jurisdiction>
  <purpose
           value="To enable the preservation of the EHR database and its data, functionality needs to be present to record a copy of the database and its contents to offline media as well as the recovery of the system from a backup copy and resumption of normal system operation. The backup must preserve both data as well as database structure and definition information sufficient to recover a complete functional EHR system. Database components may include, but not be limited to application data, security credentials, log/audit files, and programs; ultimately all EHR components necessary to provide a full and complete operating environment. Finally, the backup must be capable of being used during recovery processing to restore an exact copy of the EHR system as of a particular instant in time. This is a requirement to be able to preserve logical consistency of information within the recovered EHR system.

In providing for this capability the system may include multiple backup, and/or redundancy solutions such as fail-over architecture, database journaling, transaction processing, etc.

The backup and recovery function must address both physical system failure (i.e., failure of EHR system hardware) as well as logical system failure (e.g., database corruption). To support the requirement that the EHR system be available whenever it is needed within the design parameters of the system and provide reliability and redundancy of the EHR database and its data, the backup function shall not impact user functionality or appreciably impact user performance.

The backup function may include features which permit multiple processes and technologies to perform its task. This may include multiple backup technologies such as tape, disk, cloud, etc. Also, multiple architectures such as redundancy, online, near-line and off-line media."/>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="true"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-01"/>
    <label value="TI.8#01"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL provide the ability to backup and recover EHR information according to scope of practice, organizational policy, and/or jurisdictional law."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-02"/>
    <label value="TI.8#02"/>
    <conformance value="SHALL"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHALL provide the ability to backup and recover all database contents including programs and all software components necessary to permit a complete EHR to be recovered. (i.e., 'full' backup and recovery)"/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-03"/>
    <label value="TI.8#03"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to backup and recover EHR information using alternative backup methods in addition to a full backup/recovery (e.g., incremental, differential, reverse delta, or continuous)."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-04"/>
    <label value="TI.8#04"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to backup EHR information according to a defined schedule of storage media rotation."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-05"/>
    <label value="TI.8#05"/>
    <conformance value="SHALL"/>
    <conditionality value="true"/>
    <requirement
                 value="IF the EHR user requirements specify that the EHR system be available continuously, THEN the system SHALL provide the ability to backup EHR information concurrently with the normal operation of the EHR application."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-06"/>
    <label value="TI.8#06"/>
    <conformance value="SHOULD"/>
    <conditionality value="false"/>
    <requirement
                 value="The system SHOULD provide the ability to backup EHR information to a remote location."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-07"/>
    <label value="TI.8#07"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to backup EHR information to more than one storage media (e.g., disk, tape, or cloud)."/>
  </statement>
  <statement>
    <extension
               url="http://hl7.org/ehrs/StructureDefinition/requirements-dependent">
      <valueBoolean value="false"/>
    </extension>
    <key value="EHRSFMR2.1-TI.8-08"/>
    <label value="TI.8#08"/>
    <conformance value="MAY"/>
    <conditionality value="false"/>
    <requirement
                 value="The system MAY provide the ability to encrypt backup data."/>
  </statement>
</Requirements>