Duke University Health System (DUHS) utilizes various electronic records systems for treatment, payment and operations.  Based on analysis of these systems and an understanding of current regulations, DUHS believes these systems meet HIPAA Security Standards and CMS requirements.  These systems have not been 21 CFR Part 11 certified. DUHS continues to review regulatory requirements and best practices related to the use and security of electronic records systems.  Policies and procedures will be revised and developed as requirements dictate.

 

 

 

FDA Notice of Intent to Use Electronic Signatures [21 CFR 11.100(c)] 

 

Duke University IT Security Office – Access to Employee, Student, Patient, and Donor Information 

 

DUHS Confidentiality of Patient Information Policy 

 

Duke NetID