It would be a bad thing to let all patients be restricted in their rights because one patient, suffering in the past from depression and having a recurring cancer can get into problems. Some people are emotionally unstable, they need protection. I don't know the best way, but I would think of something as the digital locked room. (mentioned here below), but this should not default happen for all patients. It is, btw, possible to switch digital locked rooms also when switching data to a new PHR provider. So that all data remain to be maintained at the company the patient chooses.
For research purpose, the must also be solutions. People can allow voluntary access to their data by researchers, this is how it works now. So in the PHR situation, researchers go to the PHR providers instead of the clinicians. Not many people will delete all their data without transporting them to a new PHR provider (if someone wants to do, you can build a net of safety measures, confirmation time, etc), and for those two or three who still destroy all, researchers will not have data. Bert Op za 1 sep. 2018 om 20:29 schreef Thomas Beale <[email protected]>: > I continue to wonder what will happen when a cancer patient (perhaps in a > moment of depression or disaffection with care) asks for the hard delete, > gets better, then has a recurrence a few years later. What does the health > system do when *all the notes are really gone*? > > I think a better solution is to create a digital locked room when such > EHRs are put, one-way encrypted with a giant key provided by the patient. > Then when they have regrets, they can ask - nicely - for their record to > come out of cold storage. > > Another argument against total deletion is that a) the state has invested > in helping sick patients and b) other citizens have a potential interest in > health records belonging to those in the same major disease cohort, i.e. > diabetes, cystic fibrosis, BRCA1 cancer etc. Numerous deletions are > certainly going to compromise research that looks at longitudinal Dx v > treatments v outcomes. Perhaps perhaps permanent anonymisation is a better > solution in this case, with the original patient being given the new EHR id. > > I think GDPR has some way to go yet in healthcare... > > - thomas > > On 01/09/2018 18:57, Diego Boscá wrote: > > If a patient uses a private health provider then he has the right of > taking all that information and move to another provider. In that case he > will want a hard-delete of data. And I hope private health providers are > also able to use openEHR ;D > I think we should also review the "consent" mechanisms we have, as they > probably should also be tweaked to comply with GDPR. > > > _______________________________________________ > openEHR-technical mailing list > [email protected] > > http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org >
_______________________________________________ openEHR-technical mailing list [email protected] http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org
