Privacy Interests in EMRs

Rationale

  • No EMRs, no electronic health record to share, no potential for privacy breach of electronic health records. While paper-based patient information may also be shared illegitimately, electronic records magnify the ease and reach of unauthorized sharing or privacy breach.
  • greater potential for privacy breach, greater need for accountability
  • privacy and data security are intertwined

Privacy By Default and Design

  • Access Roles (encoders, managers, supervisors, doctors, nurses, PhilHealth, other PHIE operators): Data Warehouse vs Shared Patient Records
  • Encryption (data at rest, transmission, sharing, backup)
  • Masking, Hiding, Password (identify which data fields are to be hidden or masked, fully or partially, and from whom)
  • Audit Trail (access to logs; authority to copy, download, delete logs)
  • Use Cases for Data Dumps
  • Privacy Breach (definition, monitoring, reporting)
  • Authority, Accountability (who does what: breach monitoring & reporting; data field masking, data download, data backup)
  • Roles of data custodian, processor, encoders
  • privacy provisions in employment contracts of EMR operators
  • Privacy Policy Statement (institution's website)
  • data retention and processing policies