Peut-on concilier la vocation des archives avec la protection des

36th International Conference (Mauritius)
16th October 2014
Panel 7: E-Health and Data Protection
The electronic health records in
Gérard Lommel (President)
The electronic health records in Luxembourg
Healthcare systems in Europe
 Largely publicly funded and build on compulsory
“social security” insurances (universal health care)
 Challenges:
– The demand for health care is rapidly growing as a
result of ageing populations and of rising public
– How to keep Healthcare systems able of delivering
equal, efficient and high quality services at affordable
cost without:
• avoiding redundancy of medical acts and
unnecessary care
• encouraging a closer interdisciplinary cooperation of
professionals and a coordinated follow up of
treatments and care
– Make it ready for integration of advanced eMedecine and
mobile technologies
16th October 2014
The electronic health records in Luxembourg
Healthcare systems in Europe
 Can the introduction of “electronic health records”
and a new coordination role of a referred doctor be
the answer to these challenges?
– Make existing data and a comprehensive information
about the patient available helps to ensure best quality of
treatment and follow up
– guidance by a dedicated referring doctor should help to
avoid inefficient consumption of health services
– Enhanced cost efficiency helps control & reduce the
rapid growth of health care costs (avoiding duplication
and unnecessary examination and treatments)
– But the new gatekeeper function raises critics, as it
might limit free access to medical consultation and care
16th October 2014
The electronic health records in Luxembourg
Enhanced sharing of patient information:
a key element of eHealth policy
 Since 10 years, the EU Commission promotes national
eHealth strategies
 Stimulating the set up of:
– Health Portals on the Internet for a comprehensive patient information
– Nationwide directories of health professions by region and
– Collaborative platform facilitating a personalized interaction
among physicians
– Regional and nationwide EHR systems for :
• the sharing of individual patient information by all health
professionals enrolled in care
• chronological record of examinations & medication delivery and
registration of diagnostics/intervention reports
• ePrescription, prepare for smart new technologies …
16th October 2014
The electronic health records in Luxembourg
Other elements of eHealth policy
 In parallel:
– More focus on preventive health policy
– Boosting of statistical data gathering on entire health
population and development of multiple monitoring tools
– Enhanced secondary use of medical data for analytics
and scientific research
 Prepare for integration of new electronic medical devices
and mobile solutions in existing IT systems
16th October 2014
The electronic health records in Luxembourg
Exchange of medical data via a cloud platform
 Compatible with the Medical secrecy obligation?
(the Duty of confidence)
 Threats for privacy and data security:
– The whole consultation and care history of each patient
will be laid down in a central register
– More and more patient data are gathered and accessed
from anywhere by a great number of praticioners
– Data confidentiality and security risks (data hosted
centrally and accessed through a cloud system)
– Secondary use of anonymized data is made possible for
statistical purposes and scientific research
 Importance of trust to win the adherence of the
public to such a large-scale and sensitive project
16th October 2014
The electronic health records in Luxembourg
Introduction of EHR in Luxembourg
 Method chosen by the Data Protection Authority for
assessing privacy risks and data protection = PIA
Privacy Impact Assessment
– Constructive dialogue between CNPD and “eSanté”agency (in charge of the developpment of the system
and running of the EHR platform)
– “Privacy by design” methodology best fitting to the
scope and sensitivity of the project
 Important to build trust through transparency and
a high level of implemented safeguards
 Public acceptance of our intervention is crucial for
the credibility of Luxembourg’s DPA’ action
16th October 2014
The electronic health records in Luxembourg
Privacy Impact Assessment (PIA)
 Evaluation of the model (central indexation, partly
decentral storage) and its technical & operational
 Detailed analysis of all potential privacy risks and of
the validity of implemented safeguards which are to
be examined with their long-term consequences
 The PIA grid will continue to be a part of our
monitoring of the further evolution of the “eSanté”management
 Close look on ways of expression of patient
consent/opt-out and tools for giving him own control
16th October 2014
The electronic health records in Luxembourg
Main focus of the PIA
 The technical security measures
architectural design of the system,
security of data communication (transmission ways),
security of data storage,
encryption policy
advanced anonymisation techniques, ...
 The organisational data governance
code of conduct for all implicated actors,
implementation of a data security policy,
business continuity plans,
audit policy, ...
 The data accountability
– respect of a patient’s self determination and a proper privacy policy,
– limitation of data exchange to the needs of treatment, care, follow-up, etc.
– granular definition and control of limited access rights (e.g. EHR matrix
– prevention of abuse, tracing of all accesses,
– facilitation of data subjects rights,
– Transparency and appropriate information policy.
16th October 2014
The electronic health records in Luxembourg
Informational self-determination
 Opt-out: Each person covered by social security will
automatically get an EHR. He can however decide to
deactivate it at any time
 Patients get own control over what information may be
shared: they can hide certain data/documents (of
sensitive nature) from a particular practitioner or
completely ban them from sharing across the system
 The patient can add personal comments or particular
information about his well-being to the EHR (personal
expression space)
 The patient can verify any time who accessed his EHR
16th October 2014
The electronic health records in Luxembourg
Public criticism
 A patient right organization claimed for:
– leaving a full “opt-in”-choice to the patient : explicit consent
asked before his EHR is activated and for each including of
data and documents
– a more detailed and comprehensive code of conduct
applicable to the medical and administrative staff with severe
sanctions established for cases of misuse and data
confidentiality breach
– stronger technical security measures
– stricter conditions for one-time access allowed to medical
staff by-passing the normal justification in urgent situations
– User friendly controls for the patients over their health data
– the creation of a specific supervisisory body
16th October 2014
36th International Conference (Mauritius)
16th October 2014
Panel 7: E-Health and Data Protection
The electronic health records in
Commission nationale pour la protection des données
1, avenue du Rock’n’Roll
L-4361 Esch-sur-Alzette (Belval)
[email protected]

similar documents