More solid data protection standards
Most people are willing to share their personal health data with authorised parties. But they do want to make sure its accessibility is restricted to the right hands.
- Authorities have taken legal measures to protect people’s privacy, e.g. the introduction of the GDPR in Europe. This General Data Protection Regulation aims to give individuals control over their personal data, including the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right not to be subject to a decision based solely on automated processing.
- ICT developers have finetuned the information security measures built into their applications (e.g. encryption, audit trails, password management).
- Specialised agencies perform audits on privacy compliance.
- More and more health data users adopt ethical codes of conduct, define transparency and privacy notices, introduce consent procedures, have data protection impact assessments done and so forth.
As regulatory requirements need careful understanding and are subject to change, data protection needs to be a permanent topic of evaluation by experts specialised in the matter.
We call on all health data users to clearly demonstrate their privacy initiatives to reassure data providers.
Citizens are entitled to demand full clarity on how and where their health data is being used, and have the power to consent or refuse the use of personal data for specific purposes.
covid-19
A crisis often acts as a catalyst. COVID-19 has accelerated interest in health data sharing and reuse, and has boosted awareness of its potential in tackling health issues. At the same time, it has also heightened concerns about data protection and privacy.
Media exposure on e.g. Covid apps gathering anonymised data or vaccination plans based on people’s medical history has triggered a broad societal discussion that will probably stimulate more efforts into privacy protection measures and standards.
New techniques
New techniques such as AI (artificial intelligence) and NLP (natural language processing) will magnify the value of connecting health data and boost the efficient use of interoperability standards. They will e.g. make lighter work of transforming diseases, diagnoses and procedures into uniform medical codes or transform free texts (doctor’s notes, patient feedback) in structured data fields.
Europe
The European Electronic Health Record Exchange Format (EEHRxF)
The European EHR Exchange Format wants to create the ability to exchange health records across European borders for the sake of citizens seeking treatment while abroad in the EU, such as for specialist advice, or falling ill while travelling, or for those citizens who have moved to another Member State and would like joined up medical records.
In particular it aims at the creation of a European format that will facilitate cross-border access to Electronic Health Records, while ensuring the highest levels of security and data protection.
