Legislative issues in the processing of sensitive personal data in the electronic patient record
Journal
Health Science Journal
Date Issued
2009
Author(s)
Abstract
Introduction: EPR is an evolving idea determined as a long-term collection of health care
information of patients and populations. EPR has gained a great value in the healthcare
environment. Its contribution to the improvement of the quality of health care provision, to the
reduction of health services’ costs, and to the increase of productivity and efficiency of health
care professionals, justify its importance.
Purpose / Objective: The purpose of this study was to explore the general legislative status in
Greece, E.U., and USA for the protection of sensitive personal data in the Electronic Patient
Record (EPR).
Methodology: In preparation for reviewing the literature on the general legislative status in
Greece, E.U., and USA for the protection of sensitive personal data in the EPR, a MEDLINE and a
GOOGLE search was conducted. Bibliographic review was made with key words “Electronic
patient record, sensitive personal data, legislation, security”.
Results: Each country in E.U but in America also tries to protect the people’s right for a safe
handling of personal data included in an EPR by setting the minimum necessary requirements for
each health organization that uses it and by creating laws for the same purpose. Greece,
following the instructions by E.U, has already legislated in order to protect the EPR’s sensitive
personal data.
Conclusion: The determination of ethic and legal guidelines and criteria relevant to the
electronic collection, processing, and communication of personal sensitive health data, is vital.
A potential disclosure of patient’s personal data puts in risk the relationship between the
patient and the physician or nurse but also the one among the members of the entire society
since the patient may be afraid or reluctant to trust to reveal critical information that concern
not only his personal health but also the public health.
information of patients and populations. EPR has gained a great value in the healthcare
environment. Its contribution to the improvement of the quality of health care provision, to the
reduction of health services’ costs, and to the increase of productivity and efficiency of health
care professionals, justify its importance.
Purpose / Objective: The purpose of this study was to explore the general legislative status in
Greece, E.U., and USA for the protection of sensitive personal data in the Electronic Patient
Record (EPR).
Methodology: In preparation for reviewing the literature on the general legislative status in
Greece, E.U., and USA for the protection of sensitive personal data in the EPR, a MEDLINE and a
GOOGLE search was conducted. Bibliographic review was made with key words “Electronic
patient record, sensitive personal data, legislation, security”.
Results: Each country in E.U but in America also tries to protect the people’s right for a safe
handling of personal data included in an EPR by setting the minimum necessary requirements for
each health organization that uses it and by creating laws for the same purpose. Greece,
following the instructions by E.U, has already legislated in order to protect the EPR’s sensitive
personal data.
Conclusion: The determination of ethic and legal guidelines and criteria relevant to the
electronic collection, processing, and communication of personal sensitive health data, is vital.
A potential disclosure of patient’s personal data puts in risk the relationship between the
patient and the physician or nurse but also the one among the members of the entire society
since the patient may be afraid or reluctant to trust to reveal critical information that concern
not only his personal health but also the public health.