Article

Legal and social implications of health telematics in the EU

Authors:
  • Dierks+Company
To read the full-text of this research, you can request a copy directly from the author.

Abstract

Health telematics involve the processing of data concerning health. The European Directive 95/46/EC constitutes a general prohibition of processing this special category of data. Exemptions to that principle are found in the data subject's consent, vital interests and professional obligation to secrecy. These exemptions, however, do not sufficiently secure legal grounds for health data protection in practice. It is for that reason that the member states must establish a harmonised legal basis for telematics services. Multinational working groups, such as EHTEL, need respective support.


... One of the more troublesome questions that surround the establishment and use of electronic health records (EHRs) is whether it is ethically defensible to make non-consensual use of personal data for purposes other than those that were initially specified in their collection. The prevailing opinion seems to be that by and large, such secondary use requires the informed consent of the subjects of the records or of their duly empowered proxies.[1] This position can be argued in three ways: by citing the privacy rights of the subjects of the records, by claiming a contractual or quasi-contractual privacy arrangement between the subjects and whoever establishes the records, and by asserting a proprietary interest that subjects have in any personal data that originate with them.[2] The privacy rights tend to be grounded in the close association between the records and their subjects, and in the analogue role that EHRs play in information and decision space.[3,4] ...
... In informatic ethics it entails that the right to informatic autonomy is subject to the equal and competing informatic rights of other persons. Consequently, when withholding or blocking relevant data would imperil the equal and competing informatic rights of third parties, the legitimacy of such blocking or of such withholding has to be examined in light of these competing informatic third-party rights.[1] In other words, a balancing process is then called for. ...
Article
It is frequently asserted that the secondary use of data contained in electronic health records (EHRs) requires the informed consent of the subjects of these records. This paper argues that while correct in principle, this has four important ethically based limitations: when it seriously threatens the equal and competing right of others, when it undermines the ability of health care providers to carry out their mandates, when it imperils the possibility of establishing and maintaining a health care system in the first place, and when it makes bona fide research impossible. Nevertheless, as a general rule, when consent can be had, it should be had. This paper provides a theoretical basis for these claims by looking at the nature and role of EHRs and provides some possible approaches for incorporating them into the health care delivery process.
... Wozak). tructure is required for the exchange of medical data [6,7]. End-to-end security is introduced to safeguard information in an information system from point of origin to point of destination [8]. ...
Article
The interconnection of medical networks in different healthcare institutions will be constantly increasing over the next few years, which will require concepts for securing medical data during transfer, since transmitting patient related data via potentially insecure public networks is considered a violation of data privacy. The aim of our work was to develop a model-based approach towards end-to-end security which is defined as continuous security from point of origin to point of destination in a communication process. We show that end-to-end security must be seen as a holistic security concept, which comprises the following three major parts: authentication and access control, transport security, as well as system security. For integration into existing security infrastructures, abuse case models were used, which extend UML use cases by elements necessary to describe abusive interactions. Abuse case models can be constructed for each part mentioned above, allowing for potential security risks in communication from point of origin to point of destination to be identified and counteractive measures to be directly derived from the abuse case models. The model-based approach is a guideline to continuous risk assessment and improvement of end-to-end security in medical networks. Validity and relevance to practice will be systematically evaluated using close-to-reality test networks as well as in production environments.
Article
The aim of the present work was to describe, in the context of digital image data transmission, the currently valid standards and legal provisions, and to derive from them a recommendation for sending digital image data in light of the legal provisions within the Federal Republic of Germany. Particularly in the field of digital image generation and processing, the Internet now lends itself especially well as a medium for transporting digital data. However, the protection of sensitive data by the physician is often severely neglected. Various legal provisions and guidelines attempt to prevent this, but reality still looks different. For this reason, the central question of the present work was: how can the transmission of digital image data be designed so that, on the one hand, the currently valid legal provisions are met and the relationship of trust with the patient is maintained, while on the other hand economic advantages also result for the physician? The approach to solving the problem emerged as adequate encryption of the data to be sent. Important criteria here were maximum security of the encrypted data and high encryption speed. Further priorities were simple, where possible automated, operation of the software and, not least, the exclusion of manipulation by third parties. The selected cryptographic software was then successfully installed, configured according to the differing requirements of the participants' individual systems, and a digital image data transmission was simulated under realistic conditions.