Electronic health records concern some of an individual’s most sensitive data, and therefore deserves the highest degree of protection against all kinds of abuse. The challenge is clear: EHR can only be used to their full potential when medical personnel can access the data they need. At the same time, it has to be assured that data not needed in the context of a specific treatment is made inaccessible and that the data does not get dispersed or accessed by non-authorised persons or organisations. The planned revision of the EU Data Protection Directive in the next Parliamentary term may have an impact on the way medical professionals need to manage their records.

 

Electronic Health Records (EHRs) are records, stored in digital format, of a patient's health information as it evolves over a certain timespan. EHRs may be made up of electronic medical records (EMRs) from many locations and/or sources. Among the many forms of data often included in EMRs are patient demographics, medical history, medicine and allergy lists (including immunization status), laboratory test results, radiology images, billing records and advanced directives.

For doctors, hospital operators, medical personnel and caretakers, the advantage of the electronic health record is the opportunity it provides to structure, automate and streamline their workflow. It can generate a complete record of encounters with clinical patients and support other care-related activities. 

As patient mobility increases in Europe, EHRs that are readable by clinicians in different settings and languages could enable safer treatments and reduce costs. 

The issue of mobility is closely linked to interoperability: If standards for EHR remain confined within one country's borders, they will raise new barriers to patient mobility. This means, however, that standards would have to overcome not only language barriers but also differences in countries' healthcare systems, from medical treatments to the way pharmaceuticals are marketed. 

The EU's e-Health action plan (2004) defines the development of interoperable healthcare systems across the Union by 2010 as a priority. In June 2006, the Commission's ICT for Health unit adopted a new strategy to promote the transformation of the European healthcare landscape.

Following a comparatively low initial investment, electronic health records would enable doctors and medical personnel to share the results of medical exams more efficiently. This would help them avoiding a situation where the same type of exam is performed on the same patient several times as they move from one clinic or doctor to another. 

In addition, computing power could be used to cut additional costs such as prescription pharmaceuticals and hospitalisation and travel fees. Anonymous healthcare data based on all patients could be used to make healthcare markets more efficient. For example, the effectiveness and safety of generic as opposed to original drugs could be tested independently and more efficiently. 

The Rand Corporation estimates that the introduction of electronic health records in the US would lead to savings of around US$80bn (€55bn) a year, the lion's share of which would be through reductions in in-patients' length of stay and nursing time, followed by out-patients' drug use.  

Data protection and security

Electronic health records concern some of a person's most sensitive data, which therefore deserves the highest degree of protection against all kinds of abuse. The challenge is clear: EHR can only be used to their full potential when medical personnel can access the data they need. At the same time, it has to be assured that data not needed in the context of a specific treatment is made inaccessible and that the data does not get dispersed or accessed by non-authorised persons or organisations. 

Recent data losses stress the importance of more effective protection measures. A November 2007 poll by British newspaper The Guardian revealed how critical a challenge this will be: According to the research, almost 60% of general practitioners in the UK are unwilling to upload their patient data to a proposed national database, for fear that "sensitive personal data could be stolen by hackers and blackmailers". According to research commissioned by the UK Medical Research Council, this feeling is shared by the general public. 

On 15 February 2007, the Article 29 Working Party an EU privacy watchdog issued a Working Document on the processing of personal data relating to health in electronic health records, warning: "From a data protection point of view, the fact has to be stressed that EHR systems [...] have the potential not only to process more personal data (e.g. in new contexts, or through aggregation) but also to make a patient's data more readily available to a wider circle of recipients than before." 

It added: "In compiling existing medical information about an individual from different sources with the result of allowing for easier and more widespread access to this sensitive information, EHR systems introduce a new risk scenario, changing the whole scale of possible misuse of medical information about individuals."

Some of the trickiest questions in setting up EHR systems concern the introduction of integrated and interoperable solutions for access control and data security systems. 

Conclusion

Because of the direct applicability and supremacy of European regulations of national legislation and the mandatory transposition of EU Directives into national laws, decisions taken at the EU level in Brussels and Strasbourg influence every aspect of society Europe-wide and even globally. No sector can afford to have a blind spot for European Union policies,  as it can cost them substantial resources when European legislation is adopted  or altered against their wishes.

Many multinational companies, and by extension, the trade and professional associations that represent their interests, industries and professions, have a critical stake in European Union issues. To infuence the process requires participation. To participate requires an understanding of the rules of the game, who the players are and to obtain knowledgeable, expert, local guidance. Please click here to learn more.

 

Sources: Euractive.com, EUObserver, European Voice, European Commission, European ePractice Newsletter N. 250

 

Contact us at info@agshq.com or at +32 2645 2670.