36th International Conference (Mauritius)
16th October 2014
Panel 7: E-Health and Data Protection
The electronic health records in Luxembourg
Gérard Lommel (President)

Healthcare systems in Europe

Largely publicly funded and built on compulsory “social security” insurance (universal health care)
Challenges:
– The demand for health care is rapidly growing as a result of ageing populations and of rising public expectations
– How to keep healthcare systems capable of delivering equal, efficient and high-quality services at affordable cost without:
  • avoiding redundancy of medical acts and unnecessary care
  • encouraging a closer interdisciplinary cooperation of professionals and a coordinated follow-up of treatments and care
– Make it ready for integration of advanced eMedicine and mobile technologies

Healthcare systems in Europe

Can the introduction of “electronic health records” and a new coordination role of a referring doctor be the answer to these challenges?
– Making existing data and comprehensive information about the patient available helps to ensure the best quality of treatment and follow-up
– Guidance by a dedicated referring doctor should help to avoid inefficient consumption of health services
– Enhanced cost efficiency helps control and reduce the rapid growth of health care costs (avoiding duplication and unnecessary examinations and treatments)
– But the new gatekeeper function raises criticism, as it might limit free access to medical consultation and care

Enhanced sharing of patient information: a key element of eHealth policy

For 10 years, the EU Commission has promoted national eHealth strategies
Stimulating the set-up of:
– Health portals on the Internet for comprehensive patient information
– Nationwide directories of health professions by region and specialization
– Collaborative platform facilitating a personalized interaction among physicians
– Regional and nationwide EHR systems for:
  • the sharing of individual patient information by all health professionals involved in care
  • chronological record of examinations and medication delivery, and registration of diagnostics/intervention reports
  • ePrescription, preparing for smart new technologies …

Other elements of eHealth policy

In parallel:
– More focus on preventive health policy
– Boosting of statistical data gathering on the entire health population and development of multiple monitoring tools
– Enhanced secondary use of medical data for analytics and scientific research
Prepare for integration of new electronic medical devices and mobile solutions in existing IT systems

Exchange of medical data via a cloud platform

Compatible with the Medical secrecy obligation?
(the Duty of confidence)
Threats for privacy and data security:
– The whole consultation and care history of each patient will be laid down in a central register
– More and more patient data are gathered and accessed from anywhere by a great number of practitioners
– Data confidentiality and security risks (data hosted centrally and accessed through a cloud system)
– Secondary use of anonymized data is made possible for statistical purposes and scientific research
Importance of trust to win the adherence of the public to such a large-scale and sensitive project

Introduction of EHR in Luxembourg

Method chosen by the Data Protection Authority for assessing privacy risks and data protection = PIA (Privacy Impact Assessment)
– Constructive dialogue between CNPD and the “eSanté” agency (in charge of the development of the system and running of the EHR platform)
– “Privacy by design” methodology best fitting the scope and sensitivity of the project
Important to build trust through transparency and a high level of implemented safeguards
Public acceptance of our intervention is crucial for the credibility of Luxembourg’s DPA’s action

Privacy Impact Assessment (PIA)

Evaluation of the model (central indexation, partly decentral storage) and its technical and operational properties
Detailed analysis of all potential privacy risks and of the validity of implemented safeguards, which are to be examined with their long-term consequences
The PIA grid will continue to be a part of our monitoring of the further evolution of the “eSanté” management
Close look at the ways of expressing patient consent/opt-out and at the tools giving the patient control

Main focus of the PIA

The technical security measures
– architectural design of the system,
– security of data communication (transmission ways),
– security of data storage,
– encryption policy,
– advanced anonymisation techniques, ...
The organisational data governance
– code of conduct for all implicated actors,
– implementation of a data security policy,
– business continuity plans,
– audit policy, ...
The data accountability
– respect of a patient’s self-determination and a proper privacy policy,
– limitation of data exchange to the needs of treatment, care, follow-up, etc.
– granular definition and control of limited access rights (e.g. EHR matrix habilitation),
– prevention of abuse, tracing of all accesses,
– facilitation of data subjects’ rights,
– transparency and appropriate information policy.

Informational self-determination

Opt-out: Each person covered by social security will automatically get an EHR. He can however decide to deactivate it at any time
Patients get their own control over what information may be shared: they can hide certain data/documents (of a sensitive nature) from a particular practitioner or completely ban them from sharing across the system
The patient can add personal comments or particular information about his well-being to the EHR (personal expression space)
The patient can verify at any time who accessed his EHR

Public criticism

A patients’ rights organization called for:
– leaving a full “opt-in” choice to the patient: explicit consent asked before his EHR is activated and for each inclusion of data and documents
– a more detailed and comprehensive code of conduct applicable to the medical and administrative staff, with severe sanctions established for cases of misuse and data confidentiality breach
– stronger technical security measures
– stricter conditions for one-time access allowed to medical staff bypassing the normal justification in urgent situations
– user-friendly controls for the patients over their health data
– the creation of a specific supervisory body

Questions?

Commission nationale pour la protection des données
1, avenue du Rock’n’Roll
L-4361 Esch-sur-Alzette (Belval)
261060-1
www.cnpd.lu
info@cnpd.lu