Gunnar Klein wrote:
>Dear EHR friends, > >I agree very much with David Guest's opinion that it less fruitful to speak >about ownership of information though it is done a lot in the debate in many > actually, I agree - I just used the word as shorthand for being able to exercise rights over the information, i.e. being the moral owner. As a technological concept, it is not useful. >Different from the access rights themselves are the rights to decide access >rights which is quite complicated and varies in different situations. In >many countries today, the patient concerned always has an overriding right >of deciding that "his/her" record should be released for reading to a >specific person or any person. We have an interesting debate in Sweden right >now on the issue if it is possible to ask the patient to give consent to >access to records not yet recorded. > This would surely have to depend on some idea of classification of information. You could sensibly give consent to a certain set of access rights for current medicationa and therapeutic precautions information; when more items in these categories are recorded, the patient probably does not want to have to keep restating their preferences. But for new categories of information it should probably be different. The trick is to devise a way of categorising health data from a user point of view... >Yet another aspect of "ownership" is the issue of destruction of the whole >or parts of an EHR. In our legislation as I believe in many others no >healthcare provider has that right by itself, only a special national body, >in our case the National Board of Health working directly under the ministry >of Health can make a decision that allows it and in fact mandate that it >shall be done usually based on a request by a patient that find that errors >have been made or harmful opinions expressed by less careful professionals. >Since many EHR systems installed do not really have a function to do a >removal of data, these rare situations cause special consultancy services by >the EHR manufacturer often at high costs 5-15000 EUR. > now I'm smiling. I knew there was a reason why CEN, GEHR and all the other works said you can't delete anything ;-) >Of course a standard requirement shoudl allow for deletion but it is not a >matter for EHR communication. > Right; it is a system function, and a governance issue >However, the important thing to note is that >when records actually shall be deleted it shlould be all copies also sent to >other providers. Thus, the record need to store logs of record transfers and >there may be a need to communicate electronically the instruction to the >recieveing end to delete. > this is one way of doing it but i suspect there are better ways which have not been designed yet, due to the unknown factor of how EHRs in the future will be distributed and shared - in community computing infrastructure? In a cerntralised infrastructure? >However, from a Swedish point of view these >deletion issues are so rare that it is not an important requirement that >this should be communicated electronically, one reason is that the >instruction to another system need to convey also the proof (a paper >decision for now and a long time to come) of the Authority decision that the >record can/shall be deleted. > I suspect this should also be true for requests for prior versions of information, when only the latest is of interest to clinical care. - thomas beale - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
