Del |

Legal Frameworks for eHealth: Based on the Findings of the Second Global Survey on eHealth, WHO

Given that privacy of the doctor-patient relationship is at the heart of good health care, and that the electronic health record (EHR) is at the heart of good eHealth practice, the question arises: Is privacy legislation at the heart of the EHR? The second global survey on eHealth conducted by the Global Observatory for eHealth (GOe) set out to answer that question by investigating the extent to which the legal frameworks in the Member States of the World Health Organization (WHO) address the need to protect patient privacy in EHRs as health care systems move towards leveraging the power of EHRs to deliver safer, more efficient, and more accessible health care.
The survey began with a question on the existence of generic privacy legislation followed by questions to establish if specific rules had been adopted to address privacy in EHRs. A series of questions followed pertaining to the way in which privacy is addressed in transmittable EHRs and patients' rights to access, correct, and control the use of the EHR. The investigation ended by broaching the issue of privacy protection in secondary uses of data contained in EHRs, such as for international research purposes.

In the present report the analysis of the survey responses is preceded by an overview of the ethical and legal roots of privacy protection. Focusing on the ethical concepts of autonomy, beneficence, and justice, the report reminds the reader of the early recognition of the duty of privacy in the Hippocratic Oath and goes on to consider how that is reflected in international binding legislation such as the United Nations Declaration on Human Rights and the European Union Data Protection Directive, as well as non-binding international codes of practice.