Think the GDPR already provides many answers...:-), see at https://gdpr-info.eu/art-17-gdpr/
In the case of a person ("data subject") not being able to take control; normally another person is appointed to do so on behalf of the "data subject". So the same law applies.. Cheers, Jan-Marc Op ma 3 sep. 2018 om 13:50 schreef Bert Verhees <bert.verh...@rosa.nl>: > It would be a bad thing to let all patients be restricted in their rights > because one patient, suffering in the past from depression and having a > recurring cancer can get into problems. Some people are emotionally > unstable, they need protection. I don't know the best way, but I would > think of something as the digital locked room. (mentioned here below), but > this should not default happen for all patients. > It is, btw, possible to switch digital locked rooms also when switching > data to a new PHR provider. So that all data remain to be maintained at the > company the patient chooses. > > For research purpose, the must also be solutions. People can allow > voluntary access to their data by researchers, this is how it works now. So > in the PHR situation, researchers go to the PHR providers instead of the > clinicians. Not many people will delete all their data without transporting > them to a new PHR provider (if someone wants to do, you can build a net of > safety measures, confirmation time, etc), and for those two or three who > still destroy all, researchers will not have data. > > Bert > > > Op za 1 sep. 2018 om 20:29 schreef Thomas Beale <thomas.be...@openehr.org > >: > >> I continue to wonder what will happen when a cancer patient (perhaps in a >> moment of depression or disaffection with care) asks for the hard delete, >> gets better, then has a recurrence a few years later. What does the health >> system do when *all the notes are really gone*? >> >> I think a better solution is to create a digital locked room when such >> EHRs are put, one-way encrypted with a giant key provided by the patient. >> Then when they have regrets, they can ask - nicely - for their record to >> come out of cold storage. >> >> Another argument against total deletion is that a) the state has invested >> in helping sick patients and b) other citizens have a potential interest in >> health records belonging to those in the same major disease cohort, i.e. >> diabetes, cystic fibrosis, BRCA1 cancer etc. Numerous deletions are >> certainly going to compromise research that looks at longitudinal Dx v >> treatments v outcomes. Perhaps perhaps permanent anonymisation is a better >> solution in this case, with the original patient being given the new EHR id. >> >> I think GDPR has some way to go yet in healthcare... >> >> - thomas >> >> On 01/09/2018 18:57, Diego Boscá wrote: >> >> If a patient uses a private health provider then he has the right of >> taking all that information and move to another provider. In that case he >> will want a hard-delete of data. And I hope private health providers are >> also able to use openEHR ;D >> I think we should also review the "consent" mechanisms we have, as they >> probably should also be tweaked to comply with GDPR. >> >> >> _______________________________________________ >> openEHR-technical mailing list >> openEHR-technical@lists.openehr.org >> >> http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org >> > _______________________________________________ > openEHR-technical mailing list > openEHR-technical@lists.openehr.org > > http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org > -- Regards, Jan-Marc Mobile: +31 6 53785650 www.medrecord.io
_______________________________________________ openEHR-technical mailing list openEHR-technical@lists.openehr.org http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org