Your SlideShare is downloading. ×
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy

751

Published on

Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy. Ruotsalainen P. eHealth week 2010 (Barcelona: CCIB Convention Centre; 2010)

Secondary Use of Electronic Health Information – the Way to Guard Patient Secrecy. Ruotsalainen P. eHealth week 2010 (Barcelona: CCIB Convention Centre; 2010)

Published in: Health & Medicine
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
751
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Secondary use of electronic health information – the way to guard patient secrecy Pekka Ruotsalainen, Research professor National Institute for Health and Welfare Helsinki, Finland
  • 2. General starting points People access health services to receive care and treatment – not to become objects of research (excluding clinical trials) Research using digitalised health information can lead to great improvements on care, prevention and medication. People have high willingness to disclose their health history for research purposes if the information secrecy is proven.
  • 3. Things making difficult to guarantee patient’s information secrecy • It is not self-evident when we are patients • Research takes many forms • Ongoing transition from EHR to the PHR • The ubiquitous computing environment • The information content of the EHR/PHR
  • 4. It is not self-evident are we patients or persons • Early warning health care systems • Continuously monitoring • The management of chronically diseases • Pro-active prevention • Patients using portable personal health devices • Connected personal health models
  • 5. Research has many faces and environments Different kind of applied research, settlements and analysis are called “research”. Researcher society has been expanded outside clinical settings. It is multi-organisational and cross-border. Researchers as a profession are not as tightly regulated as health care providers (i.e. researcher working for insurers and industry). Their ethics can remain unknown. The content of the legal EHR is not sufficient for modern health research.
  • 6. The transition from legal EHR to PHR and LPWR LPWR PHR Legal EHR Lifelong EHR Copy EHR of the LEHR EHR Present research target The Lifelong Personal Wellness Record (LPWR) includes the personal health record (PHR) and pervasive wellness information
  • 7. The information content of the PHR/LPWR From birth to grave all kind of information: • The content of legal EHR, • Data about personal health behaviours • Genealogical and genomic data • Social and psychological functionality • Lifestyle, smell, • Vital signs from BAN, sleeping data, • Communication data, • Context data, • Signals received by implanted nano-sensors, • Emotions etc.
  • 8. We are moving to the pervasive health - Health information is stored in PHRs or LPWRs - Enables pervasive access to PHRs and lifelong EHRs - Uses services of the ubiquitous computing Challenges of the ubiquitous computing - Context information is widely collected and used - Different data sources can easily be linked - Large number of heterogeneous users and purposes - Nearly impossible to guarantee privacy and security using present safeguards and services Data Primary and Secondary users banks Sensors
  • 9. Where we are now ? Present principles guaranteeing patient’s information secrecy are based on paternalistic tradition where public purposes override patients personal preferences and obligations. To day the patient has to blindly trust that: - Researchers are processing his/her data lawful and ethically - ICT-systems and databases are secure and privacy is protected In most of cases the patient even do not know that his/her EHR has been used for research purposes.
  • 10. Two roads to guarantee patient secrecy 1. No new principles and rules are used but the uptake of new security services will improve security and privacy. 2. A new model Personal Data Under Personal Control is accepted and implemented using opportunities of already existing context- and policy-aware IC-technology
  • 11. We are between Scylla and Charybdis Present paternalistic rules Present IC-technology Benefits for research Risks caused by insecure research environments, ubiquitous computing and Source: Google the rich data content of the PHR It is time to define new rules !
  • 12. Present paternalistic model can be improved using 1. Encryption together with the Trusted Third Partner architecture for encryption key management - It is costly, technically complicated and static solution 2. Anonymisation or de-identification - Some research requires correct identification of patients (i.e. cohort based research, risk prediction) and also knowledge of individual's normal functions. - Makes data linking complicated (a TTP is still needed) - Makes PHR sharing complicated - Difficult to manage in large scale
  • 13. Personal health data under personal control is the most sustainable and generic solution because we can use solutions developed for trusted ubiquitous Web. For it we have to accept New rights for the patient or data subject and to develop A new interoperable data model with rich meta-data for the PHR/LPWR A dynamic context-aware and policy enabled information infrastructure
  • 14. Personal Health Data Under Personal Control - new rules The data subject/patient should have the right to define dynamically personal policies (i.e. privileges and obligations) ruling who, where, in what context and for what purposes his/her health data can be used. The patient should be aware of the context and security policies of users and organisations using his/her data. The patient should have tools to trigger de-identification on-the-fly based on his/her preferences.
  • 15. How this can be done and by whom ? • Policy makers, research society and administrators should accept new principles and make them mandatory. • Standardisation organisations and the industry should implement necessary standards and interoperable data models. •Software vendors and network operators should implement the future proof, dynamic and policy enabled infrastructure.
  • 16. Thank you for listening ! Questions and comments are welcome. pekka.ruotsalainen@THL.fi

×