About nine in 10 Canadians support legislation that would protect patient confidentiality. However, the Canadian public is not consistent in its views regarding privacy. Data suggest that the public's attitudes to privacy, and particularly access to medical records, are heavily influenced by the context in which the situation is presented and potential benefits to the individual or to the public.
In living kidney donation, transplant professionals consider the rights of a living kidney donor and recipient to keep their personal health information confidential and the need to disclose this information to the other for informed consent. In incompatible kidney exchange, personal health information from multiple living donors and recipients may affect decision making and outcomes.
We conducted a survey to understand and compare the preferences of potential donors (n = 43), potential recipients (n = 73), and health professionals (n = 41) toward sharing personal health information (in total 157 individuals).
When considering traditional live-donor transplantation, donors and recipients generally agreed that a recipient's health information should be shared with the donor (86 and 80%, respectively) and that a donor's information should be shared with the recipient (97 and 89%, respectively). When considering incompatible kidney exchange, donors and recipients generally agreed that a recipient's information should be shared with all donors and recipients involved in the transplant (85 and 85%, respectively) and that a donor's information should also be shared with all involved (95 and 90%, respectively). These results were contrary to attitudes expressed by transplant professionals, who frequently disagreed about whether such information should be shared.
Future policies and practice could facilitate greater sharing of personal health information in living kidney donation. This requires a consideration of which information is relevant, how to put it in context, and a plan to obtain consent from all concerned.
Cites: Am J Transplant. 2003 Jul;3(7):830-412814474
Cites: Am J Transplant. 2009 Jul;9(7):1558-7319459792
Cites: Transplantation. 2004 Aug 27;78(4):491-215446304
Cites: Lancet. 1992 Oct 3;340(8823):807-101357243
Cites: Can J Surg. 2004 Dec;47(6):408-1315646438
Cites: Transplantation. 2005 Mar 27;79(6 Suppl):S53-6615785361
Cites: HIV Med. 2006 Apr;7(3):133-916494626
Cites: Ann Intern Med. 2006 Aug 1;145(3):185-9616880460
The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy.
To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information.
We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet.
We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information.
The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented.
Cites: Med Inform Internet Med. 2000 Oct-Dec;25(4):265-7311198188