Panel C E-Health. Mr. Jesús Rubí Navarrete, Spain



Similar documents
Information for patients and the public and patient information about DNA / Biobanking across Europe

Medical College of Georgia Augusta, Georgia School of Medicine Competency based Objectives

Under European law teleradiology is both a health service and an information society service.

Keeps a physician up to date on all laws and regulations affecting medical practice.

I. INTRODUCTION DEFINITIONS AND GENERAL PRINCIPLE

GENERAL BIOETHICS COMMISSION

Following are detailed competencies which are addressed to various extents in coursework, field training and the integrative project.

Financial Services Guidance Note Outsourcing

CORE COMPETENCIES AND HEALTH MATTERS SCHOOL OF NURSING AND MIDWIFERY. UCC Fitness to Practise Policy

Code of Ethics for Pharmacists and Pharmacy Technicians

The post is based at Headquarters. Flexible working hours are required to meet the needs of the business.

Consent Form: Example 2 (DNA Sequencing)

JOB DESCRIPTION. JOB TITLE & BAND: Lead Pharmacy Technician, Education & Training -Band 5. Pharmacy Department, Altnagelvin Hospital

FARMAINDUSTRIA S STANDARD CODE ON PERSONAL DATA PROTECTION IN CLINICAL RESEARCH AND PHARMACOVIGILANCE

Framework Terms and Conditions

Universal Declaration on Bioethics and Human Rights

International Paralympic Committee Medical Code. December 2011

Act on the Protection of Privacy in Working Life (759/2004)

EU DIRECTIVE ON GOOD CLINICAL PRACTICE IN CLINICAL TRIALS DH & MHRA BRIEFING NOTE

Clinical Trial Compensation Guidelines

The Good medical practice framework for appraisal and revalidation

Australian Bone Marrow Donor Registry PROTECTING YOUR PRIVACY OUR PRIVACY POLICY

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT

About Early Education

S P E C I A L I S T A N D M A S T E R S T U D I E S

Harness Care Cooperative Ltd Quality primary care services provided through local cooperation Company registration:

European School Brussels II. Avenue Oscar Jespers Brussels

Code of Conduct. 3. SCOPE: All PHI Air Medical Personnel

How To Inspect A Blood Bank

Panel discussion on Intellectual Property and Human Rights

ETHICS GUIDE FCT INVESTIGATOR PROGRAMME. 25 July 2013

Olympic Movement Medical Code In force as from 31 March 2016

Guidelines approved under Section 95A of the Privacy Act December 2001

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

Cord Blood - Public and Private Cord Blood Banking

United Nations Educational, Scientific and Cultural Organisation Organisation des Nations Unies pour l éducation, la science et la culture

An organization properly establishes and operates its control over risks regarding the information system to fulfill the following objectives:

Elaboration of the Declaration on Universal Norms on Bioethics : Third Outline of a Text

CONTRATO DE ENSAYO CLÍNICO

BEREC Monitoring quality of Internet access services in the context of Net Neutrality

HIPAA PRIVACY NOTICE PLEASE REVIEW IT CAREFULLY

REGULATIONS OF THE COMPLIANCE UNIT OF IBERDROLA GENERACIÓN ESPAÑA, S.A.U. 16/12/14

Draft guidance for registered pharmacies providing internet and distance sale, supply or service provision

Administration of Medication

Business Continuity Planning and Disaster Recovery Planning

South African Nursing Council (Under the provisions of the Nursing Act, 2005)

HIPAA COMPLIANCE PLAN. For. CHARLES RETINA INSTITUTE (Practice Name)

ISSUE DATE: AUGUST 2010 GOOD OCCUPATIONAL MEDICAL PRACTICE

The EFGCP Report on The Procedure for the Ethical Review of Protocols for Clinical Research Projects in Europe (Update: April 2011) Denmark

How To Protect Your Privacy At A Clinic

St. George s University

NHS Constitution. Access to health services:

Policy Brief: Protecting Privacy in Cloud-Based Genomic Research

READ ONLY COPIES (These forms to be completed in the doctor s office at time of visit)

Summary of the role and operation of NHS Research Management Offices in England

EDITORIAL MINING FOR GOLD : CAPITALISING ON DATA TO TRANSFORM DRUG DEVELOPMENT. A Changing Industry. What Is Big Data?

Opinion and recommendations on challenges raised by biometric developments

CITIZENS MEDICAL ALERT SERVICE AGREEMENT

(INDIVIDUALS ONLY) IndContPkge Version: 1.7 Updated: 18 Jul. 03

(2) The neurological surgeon shall not participate in any activity, which is not in the best interest of the patient.

Presentations by panellists were followed by a dialogue with members of the Council. These discussions are hereunder summarized.

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information

Compliance Management Systems

EUROPEAN COMMISSION HEALTH AND CONSUMERS DIRECTORATE-GENERAL

Privacy and Security Resource Materials for Saskatchewan EMR Physicians: Guidelines, Samples and Templates. Reference Manual

The problem of cloud data governance

Code of Ethics Approved by Council April 9, 2016

TUFTS UNIVERSITY SCHOOL OF MEDICINE Institutional Educational Objectives

INFORMATION GOVERNANCE POLICY

Ethics and Patient Rights (EPR)

Appendix 1 Waiver of the requirement for informed consent for a clinical trial in a medical emergency Page 1 of 2

ehealth EHR Viewer & Integration Joint Service/Access Policy Executive Summary for Authorized Provider Organizations ("APOs")

Global Policy on Interactions with Healthcare Professionals

GUIDELINE ON THE APPLICATION OF THE OUTSOURCING REQUIREMENTS UNDER THE FSA RULES IMPLEMENTING MIFID AND THE CRD IN THE UK

Albany Medical Center Code of Conduct Approved by the AMC Board of Directors 07/05/06

Floyd Healthcare Management, Inc. Notice of Privacy Practices

Dental Assisting (Levels I and II) Program Standard

Human Research Protection Program University of California, San Diego ISSUES ON DNA AND INFORMED CONSENT

No employee, student, contractor or visitor shall in connection with any workrelated

GUIDELINE No. 117 THE PHYSICIAN MEDICAL RECORD*

Applications are invited for the above Contract Agent post at the European Centre for Disease Prevention and Control (ECDC).

Yale University Open Data Access (YODA) Project Procedures to Guide External Investigator Access to Clinical Trial Data Last Updated August 2015

Canada Health Infoway

EUROPASS DIPLOMA SUPPLEMENT

PSPPROC506A Plan to manage a contract

Stakeholder Guide

The ICN CODE OF ETHICS FOR NURSES

Transcription:

Panel C E-Health Mr. Jesús Rubí Navarrete, Spain E-Health encompasses a variety of scopes, many of which are interrelated. The one that concentrates most attention is related to EMH (Electronic Medical History), although there are other aspects, such as electronic prescriptions, electronic health card, or cloud computing services for the provision of healthcare services. The EMH provides great benefits, such as facilitating higher treatment quality thanks to greater information, improving the cost/effectiveness ratio. The first topic proposed was legitimisation. The debate went as follows: Does the ownership of the Medical History depend on the patient s consent or on that of the healthcare professional? Is it possible for there to be legal authorisations excluding these consents? Does it have to be linked to the public interest (quality, epidemiology, research, teaching ) Can there be several kinds of legitimisation depending on whether healthcare systems are public or private? Other capital aspects of EMH are access and security. Reliable patient identification and a very precise definition of users having authorised access are essential: Who can access this information? Only the professionals treating the patient, other professionals, invoicing services, etc.? It is important to specify whether accesses are in read-only mode or if writing is enabled. This is also related to modular accesses depending on who acted and how (medication, vaccination, emergency, appointment reminders for patients, physician s subjective notes, etc.) Regarding electronic health cards, it was established that this element has the advantage of facilitating the unequivocal identification of patients and is particularly relevant in the case of transferred patients. Here, options and questions arose: Must only access be facilitated or must a chip be included with

minimum health information on the holder? Who has access to the information in such circumstances, and how? On the other hand, electronic prescriptions were considered, taking into account their basic objective which is medication dispense. However, as in other cases, there is a variety of possibilities among which is the physician s assessment of the prescription and the rational use of medication, access by the pharmacist to previous prescriptions and access of the pharmacist to the EMH for pharmacological surveillance tasks. Lastly, the general problems of computation on the cloud were discussed, which are larger on account of it being especially protected data. What is the applicable law? The supplier s or the customer s? Can the customer audit the security of the service, need he/she know about existing subcontracts? Guarantees on demand are also important to transfer data to third countries as well as knowing whether third country authorities can access health information. Mr. Carlos Delpiazzo, Uruguay Mr. Delpiazzo stated that the two big issues at stake are health data and security. Health data is the group of sensitive data that, within the category of personal data, deserves special treatment in many legislations due to its vulnerability and to the specific issues it deals with. In comparative law, and also in Uruguayan law, other health data is regulated to special effects or due to its special features, apart from the data contained in the medical history. On the other hand, it was commented that several legal problems arise from genetic data, derived both from its incidence on each person s right of identity and from consequences arising from the treatments that could be applied on coding and non-coding DNA. This is sensitive data both for the holder and for other dimensions

approached by comparative law and jurisprudence (patenting or not of the data obtained through genetic research). Likewise, data from scientific research in humans is another category to be considered. Since medicine became science, research has been made that includes experiments on humans. Not only medicines are the object of experiments, but also human beings. The data resulting from scientific research refers to the health of individuals having an identity, who have volunteered to undergo research studies for epidemiological and medicinal assessment purposes, among many others. A fourth group of health data consists of data derived from organ, cell and tissue donation. In this respect, there has always been great concern in comparative and national law to specifically protect this kind of data because, regardless of the fact that donation is an altruistic manifestation, the aim is to prevent the illicit trade that unfortunately occurs in situations of extreme poverty, which contributes to promote this kind of market. There is a common element to all this data: it is health-related data. Therefore, it has to be processed under the general rules for sensitive data and provided with security. This leads to the second term of the proposed equation: safe health data processing. Security as a gender is a concept, a noun, which translates a status or a situation of fact, a certainty regarding something. Therefore, when the adjective legal is added to the concept security, this situation refers to the certainty provided to patients, medical operators and the general population in the case of sensitive data by the Law as a body of rules and principles. These principles are particularly relevant. In nearly all Ibero-American personal data protection laws, the discussion of whether security is a value or an ethical matter is transcended and erected as a principle. Some laws establish that security is a principle that shall serve to solve interpretation issues that may arise, etc. That is, it is often not written as a rule of law because general principles are, precisely, unwritten legal rules. However, they

have the same value as legal rules and shed a light to help solve the multiple practical problems posed by reality. But this legal security, when speaking of health data and also in other scopes, is insufficient. Technical security must also be regarded. The category security is not only specified in rules and principles providing a secure framework, but also in technical rules that support said legal security and make it possible. There is an indestructible relation between legal security and technical security. To sum up the issue of principles, in Uruguay two main lines may be verified: one that concentrates the whole issue of health data under the generic tutelage of personal data, and another one, more specifically focused on the characteristics of each type of health datum. However, there are common elements: security as a principle and the data holder s informed consent. In what regards the moderator s questions, Delpiazzo, LLD, expressed the following: The first question referred to whether health data processing should always be based on consent or other procedures are possible. It was established that a distinction ought to be made between two different traditional objectives of the State concerning health matters: 1st) healthcare services, both within the public and private scope, and 2nd) more specifically, Public Health as an essential mission of the State, for which the Uruguayan and other Constitutions use the expression Public Hygiene. In what regards health services, both in the public and private sector, the primary solution for health data processing must be the holder s previous informed consent. In Uruguay, this expressly arises from sections 9 and 18 of Law 18331. Within the scope of public health, the general interest is often jeopardized as epidemiological aspects may arise that exceed each individual s situation and the data can be processed without the holder s previous consent. This

construction is also foreseen in the Uruguayan legal system by sections 18 and 19 of Law 18331. Public Health regulations and, especially, the rule that confers missions to the Ministry of Public Health, contain a set of rules conferring legal powers that even allow the Ministry to isolate a person who is suffering from a contagious infectious disease, for example. So the law allows data processing hypotheses without the data holder s previous consent. Delpiazzo, LLD, was consulted whether data modules must be established with several access requirements for health professionals. The issue of medicine prescriptions was pointed out as an example, as well as what kind of access should be permitted. From a legal point of view, Uruguayan law and the law of several Ibero- American countries do not contain any express laws on the subject. However, the question can be answered from the viewpoint of the convenience of establishing distinctions, depending on the case. For this, the applicable general principles should be taken into account as a reference, especially, those included in all data protection laws, as well as in finality and responsibility principles. Likewise, it was pointed out that laws usually contemplate the possibility of disregarding personal consent, when the data derives from a contractual, scientific or professional situation of the data holder. This hypothesis is configured in many cases in situations of private services or private health systems, where the relationship between the patient and the system arises from a contract. Next, the problems related to health data protection stored in mobile devices or other electronic means were considered and it was stated that the legal framework is clear in what regards the obligation to guarantee security and undertake the liabilities arising from failure of doing so. Rather than a situation of legal security, we are facing a technical security issue, an aspect on which the development of standards has made great progress in the last few years.

Lastly, when speaking of E-health, it is important to highlight the position of the person as the centre of the system. The individual, as such, has an eminent dignity that is not given to him/her but that is a consequence of his/her condition as a person. Said dignity places the person at an eminent legal position with respect to any other subject of legal rights. When speaking of health data as a kind of data configuring each person s individuality, behaviour, the way in which the data is processed and the values put at stake are elements that surround and adorn the person s eminent dignity which is at the centre of any legal system in a Democratic and Social Rule of Law. Evidently, if other values, or the State, are placed above the individual, the answers could be different. But in situations where the individual is at the centre of the system, security shall be inherent to all processing. Mr. Philip Evans, United States of America Reflections concerning how technology is changing the way in which medicine is being developed were shared. Most countries healthcare regimes are based on two aspects: firstly, the wish to withhold the least possible amount of medical information of an individual and, secondly, the dissemination of such medical information (devoid of personal data) for the purpose of carrying out research. The way to overcome this contradiction is to distinguish identified from de-identified information. The opportunity and the challenge of medical electronic records imply that e-formats should allow to rapidly exchange medical e-records of patients and supplier institutions, thus having the potential to reduce errors, save lives and reduce costs, as well as allow that dissociated medical records be reidentified. The dilemma increases with the arrival of the Big Data concept in

medicine, as it implies the use of genomic or ambient information. It allows handling great amounts of information that may be used both for processing and for research. The advent of the big data allows starting to use this information in new extraordinary ways. In order to face the problem of the different ways in which to provide healthcare services, the data must be created in such a way that doctors should be able to see whenever their opinion differs from that of their colleagues. But all this requires that data be exchanged, thus, it should be included at a local and granular level. Technology affects medicine and the traditional differences considered between personal data and anonymity, patient-owned and researcher-owned data, closed data and open data, are falling apart. Perhaps it is necessary to pass from an absolutistic distinction to the management of a continuous and evolutionary dilemma between utility and privacy. Technology can help manage the issue of privacy versus business utility. But it is very difficult to regulate. Trusting those who have access can eventually be more important than controlling the format of the data or information, whereby it is important to regulate reliable institutions on the one hand and restrict the flow of information to such institutions on the other. Ms. Deven Mc Graw, United States of America Both patients and consumers have great interest in preserving the privacy of their health data and, at the same time, patients want to make sure that they are receiving the best possible healthcare for them and their families. Consequently, it was expressed that no advance can be achieved in health, healthcare and wellness without being able to access and robustly analyse health. Therefore, these two aspects should not be seen as conflicting for patients as they are joined and configure very significant interests. When thinking of how to resolve issues entailed by the creation of data

privacy policies, the need of patients to access better healthcare services must be taken into account. The amount of data provides the key for it to be available for analysis, ensuring that healthcare systems and patients have access to analysis results in order to make the best decisions in the future. Based on the premise that it is necessary to analyse the medical data of individuals in order to protect patients health, the question arises of how to continue protecting privacy. One of the ways to achieve this is keeping this data dissociated. Within the concept of Big Data, consumers share their data in a more active way, through their mobile phones, on the Internet and social networks, among others. This raises fees and increases the healthcare databases provided by consumers. This data is potentially very useful and there is also a business interest on it. Therefore, if the idea is that consumers should continue feeling comfortable when using these tools as an effective way to manage their and their families health data, trust must be built through legal systems and the establishment of good business practices. Ms. Sarah Wynn-Williams, New Zealand Communications before Facebook were much slower, today they are much faster. On the social network, each person builds his/her own community, configured by colleagues, friends and family members. The impact of social networks in cases of disasters, such as earthquakes, was analysed as, in many cases, sharing health information on the social network has served to save lives. The case of organ donation was mentioned. It was stated that it is a practice that has not been adequately shared at a social level. In the US, Facebook has used the power of the social network to increase said practice. The company has made available the possibility to indicate whether a person consents to donate his/her organs, with the possibility of selecting who is

enabled to visualize such information. Lastly, Ms. Wynn-Williams expressed that this is the first Facebook experience in what regards e-health initiatives and the idea is to make the most of the power of connecting people in order to connect donators with citizens who need transplants.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information