On Mon, Nov 06, 2017 at 11:57:28AM +0100, GF wrote:
> Small example.
>
> As GP I had scanned early 1990’s to CD’s all ‘Green cards’, meaning patient
> records.
> I can not remove these files on write-only media.
Oh, you can, but it is not feasible:
Re-read all CDs, delete from recovered data any data that
needs to be deleted, destroy old CDs, burn new CDs.
> Logical deletion is possible at best.
> Logical deletion means that that data no longer is actively used in health
> care provision processes.
> Absolute and full Physical deletion many times is impossible, or not
> practical.
Exactly, the latter. An example for *you* are unable (as
opposed to *it* is not possible):
Your CDs were handed over to a data keeping company to
which you don't have access (say, it went bankrupt).
Under German law you might well be responsible for a) having
made sure that company complies with German law, and b) you
may *still* potentially be liable today.
Case in point: under German law when a doctor's children
inherit (!) patient charts hey automatically become the
legally responsible custodians of the records and become,
among other obligations, liable to litigations for privacy
breaches both by the parent they inherited from and also
themselves ! Yes, *non-doctors* may fall under doctor-patient
privacy laws just because they become heirs to a former GP
office's patient charts...
I doubt any such crazy thing is possible anywhere else.
Karsten
--
GPG key ID E4071346 @ eu.pool.sks-keyservers.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
_______________________________________________
openEHR-technical mailing list
[email protected]
http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org
