IEHR Privacy Blueprint released

The Australian public has been given its first glimpse of how an individual electronic health record (IEHR) may work with the release of a document detailing the proposed privacy considerations for a national IEHR system.

The Privacy Blueprint for the Individual Electronic Health Record (Privacy Blueprint) has been put together by the National E-Health Transition Authority (NEHTA), the organisation that has been charged with the task of developing the national foundations for the electronic exchange of information for healthcare purposes. An individual’s privacy and how that is protected is integral to the proposed design of the IEHR.

“(NEHTA) has a responsibility to ensure privacy risks are minimised. The Privacy Blueprint shows how (NEHTA) takes this commitment a step further by identifying areas where we can take a privacy-positive approach. This is important as it shows how a proactive approach to privacy can become a positive building block in realising the full range of benefits of an IEHR system,” said Dr Bridget Bainbridge, head of policy and privacy, (NEHTA).

The Privacy Blueprint was released for public comment in July this year to members of the health sector, industry groups, governments, privacy advocates and health consumers to provide feedback on privacy.

“The success of an e-health system depends on making sure that privacy protection issues are addressed. If consumers have trust and confidence in the system, and they have a degree of control over how their health information is handled, then we are likely to see a greater uptake of the IEHR,” said Dr Bainbridge.

The Privacy Blueprint has generated a lot of interest and elicited a wide range of views from consumers and different areas of the health sector.

“Importantly, (NEHTA) acknowledges that privacy protection not only requires an appropriate legal framework, but that it must also be embedded into the design and operation of the IEHR. (NEHTA) is working to ensure that privacy standards are incorporated into the technical design of the IEHR from the outset, and that mechanisms are in place to prevent and detect potential privacy breaches in the future, such as thorough audit mechanisms,” said Dr Bainbridge.

In addition to a detailed description of how the IEHR will work and be used by consumers, healthcare providers and healthcare provider organisations within Australia, the Privacy Blueprint also provides detailed information about how each of these sectors will access and use the information stored in the IEHR.

The IEHR will be voluntary and consumers can choose to participate by registering in a number of ways, such as through a website or via their GP. Once registered, an electronic health record will be created on their behalf which is then ready to start receiving information from healthcare providers. The individual will be able to choose which healthcare providers may access their IEHR, and request that certain information not be included on their IEHR.

The IEHR is also expected to give healthcare providers greater confidence in treating patients by giving them access to more accurate and up-to-date medical information, enabling them to make better healthcare decisions in relation to their patients.

A Summary Health Profile will be the core document in the IEHR and will contain key facts about an individual at a glance, such as allergies and alerts, current medications and problem history, and will be used by a wide range of providers to assist in clinical decision making.

As the Summary Health Profile may contain potentially sensitive data, (NEHTA) has given considerable thought to the protection of privacy of consumers using the IEHR at the same time as supporting healthcare providers and organisations in using the IEHR data to provide an improved healthcare service.

According to the Privacy Blueprint, one of the key considerations in constructing a privacy framework is “balancing the improved healthcare practice and security that a national approach to IEHR brings, against the potential privacy risks that may arise from the IEHR design.”

(NEHTA) is in the process of reviewing all of the feedback it has received in response to the release of the Privacy Blueprint. Once all this data is compiled, a summary report on all the feedback received will be produced and made available on the (NEHTA) website.

Posted in Australian eHealth

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.