Legal Frameworks for eHealth
Based on the Findings of the Second Global Survey on eHealth
Given that privacy of the doctor-patient relationship is at the heart of good health care, and that the electronic health record (EHR) is at the heart of good eHealth practice, the question arises: Is privacy legislation at the heart of the EHR? The second global survey on eHealth conducted by the Global Observatory for eHealth (GOe) set out to answer that question by investigating the extent to which the legal frameworks in the Member States of the World Health Organization (WHO) address the need to protect patient privacy in EHRs as health care systems move towards leveraging the power of EHRs to deliver safer, more efficient, and more accessible health care.
The survey began with a question on the existence of generic privacy legislation followed by questions to establish if specific rules had been adopted to address privacy in EHRs. A series of questions followed pertaining to the way in which privacy is addressed in transmittable EHRs and patients rights to access, correct, and control the use of the EHR. The investigation ended by broaching the issue of privacy protection in secondary uses of data contained in EHRs, such as for international research purposes.
In the present report the analysis of the survey responses is preceded by an overview of the ethical and legal roots of privacy protection. Focusing on the ethical concepts of autonomy, beneficence, and justice, the report reminds the reader of the early recognition of the duty of privacy in the Hippocratic Oath and goes on to consider how that is reflected in international binding legislation such as the United Nations Declaration on Human Rights and the European Union Data Protection Directive, as well as non-binding international codes of practice.
The ability to make wide use of EHRs and other eHealth tools will become increasingly important in both developed and developing countries. In the former, EHRs and related eHealth tools will play a key role of providing health care to ageing populations in which social care and health care need to be much more closely connected and where capacity demands will require that care is delivered outside traditional settings such as hospitals. The protection of privacy will also be a significant issue in supporting the changing nature of health care in developing countries, in which mobile eHealth solutions are emerging as an integral part of the health care infrastructure, as demonstrated in the publication mHealth: new horizons for health through mobile technologies.