The following appeared in Computerworld a day or so ago.
Tail of e-health must not wag the dog of personal health care: report
Protection of the individual is the primary function of personal health care data, says APF
02 September, 2009 15:25
The protection of the individual is the primary function of personal health care data and the tail of health administration and research must not be permitted to wag the dog of personal health care, according to an Australian Privacy Foundation (APF) policy position document.
The document, sets out the APF principles for assessing eHealth initiatives and eHealth regulatory measures.
“Calls for a general-purpose national health record are for the benefit of tertiary users (administration, insurance, accounting, research, etc), not for the benefit of personal health care,” the document reads.
"The tail of health and public health administration and research must not be permitted to wag the dog of personal health care."
Much More here:
The release that prompted this article is found here:
http://www.privacy.org.au/Papers/eHealth-Policy-090828.pdf
Australian Privacy Foundation
Policy Position
eHealth Data and Health Identifiers
28 August 2009
http://www.privacy.org.au/Papers/eHealth-Policy-090828.pdf
This document builds on the APF's submissions over the last two decades, and particularly during the last three years, in order to consolidate APF's policy position. It presents a concise statement of general Principles and specific Criteria to support the assessment of proposals for eHealth initiatives and eHealth regulatory measures.
The first page contains headlines only, and the subsequent pages provide further explanation.
General Principles
1 Health Care Must Be Universally Accessible
2 The Health Care Sector is by its Nature Dispersed
3 Personal Health Care Data is Inherently Sensitive
4 The Primary Purpose of Personal Health Care Data is Personal Health Care
5 Other Purposes of Personal Health Care Data are Secondary, or Tertiary
6 Patients Must Be Recognised as the Key Stakeholder
7 Health Information Systems are Vital to Personal Health Care
8 Health Carers Make Limited and Focussed Use of Patient Data
9 Data Consolidation is Inherently Risky
10 Privacy Impact Assessment is Essential
Specific Criteria
1 The Health Care Sector Must Remain a Federation of Islands
2 Consolidated Health Records Must Be the Exception not the Norm
3 Identifiers Must Be at the Level of Individual Applications
4 Pseudo-Identifiers Must Be Widely-Used
5 Anonymity and Persistent Pseudonyms Must Be Actively Supported
6 All Accesses Must Be Subject to Controls
7 All Accesses of a Sensitive Nature Must Be Monitored
8 Personal Data Access Must Be Based Primarily on Personal Consent
9 Additional Authorised Accesses Must Be Subject to Pre- and Post-Controls
10 Emergency Access Must Be Subject to Post-Controls
11 Personal Data Quality and Security Must Be Assured
12 Personal Access and Correction Rights Must Be Clear, and Facilitated
See the release for the extra details and explanation.
Then the following article appeared in the Australian on the weekend.
Fears over sharing of medical data: electronic records
Karen Dearne, IT writer | September 05, 2009
Article from: The Australian
A CONSUMER backlash over slow progress on electronic health record adoption has begun, with patient and privacy groups launching a new forum to force a wider public debate on key confidentiality and security issues.
Consumer-Centred eHealth Coalition convener Juanita Fernando says founding members are angry over ``secrecy and Clayton's consultations'' as the federal and state governments plan the nationwide sharing of patients' medical records.
``We absolutely recognise the importance of e-health records for consumers, doctors and other healthcare providers, plus the potential benefits for patient safety and quality care,'' Fernando says.
``But there are strong, valid, arguments that, unless concerns are addressed, patient safety will be threatened.
``If consumers are not confident in the privacy and security aspects, they won't participate or, worse, they will fail to disclose vital information to protect their privacy.''
The coalition is setting up a website with the aim of giving ``people a voice'' in the debate, and hopes other organisations will share their views and resources as well.
Fernando, chairwoman of the Australian Privacy Foundation's health committee, says privacy lobbyists ``are tired of being portrayed as blocking e-health projects'', when governments ``are failing to do the real work'' and their bureaucrats ``are failing to deliver'' workable systems.
The flashpoint was the Healthcare Identifiers and Privacy paper, issued by the Australian Health Ministers' Advisory Council, which proposes a ``legal quick-fix'' so ministers don't have to miss a self-imposed deadline to begin issuing patient identity numbers based on the existing Medicare number by the middle of next year.
Full long article here:
http://www.theaustralian.news.com.au/story/0,25197,26026392-23289,00.html
The Consumer-Centred eHealth Coalition can be found here:
All this activity is much more important than might seem at first glance.
First the Australian Privacy Foundation (APF) are both well informed (having been thinking about e-Health issues for many years) and capable lobbyists in terms of getting their message out.
Second, in this Policy Position I do not think they are being at all out there or extreme. If asked most people want to be pretty sure their health information is being well managed and not being disclosed except to those who have a genuine need to know – in their interests or, if properly and fully de-identified - for genuine and legitimate research and health sector management purposes. They certainly do not want to be unexpectedly confronted with someone knowing private things about their lives that they have not authorised and are comfortable with.
Third anxiety about such disclosure can substantially damage the prospects for successful adoption of e-Health and thus delay or prevent realisation of considerable benefit.
NEHTA should see this as a ‘straw in the wind’ and promptly open a genuine dialogue with the APF to make sure their reasonable concerns are fully addressed. Of course they also need to address the issues raised by the Privacy Commissioner! See here:
http://aushealthit.blogspot.com/2009/08/privacy-commissioner-administers.html
Not to do so courts disaster!
David.
No comments:
Post a Comment