Skip header and navigation

Refine By

10 records – page 1 of 1.

Alternatives to project-specific consent for access to personal information for health research: insights from a public dialogue.

https://arctichealth.org/en/permalink/ahliterature154140
Source
BMC Med Ethics. 2008;9:18
Publication Type
Article
Date
2008
Author
Donald J Willison
Marilyn Swinton
Lisa Schwartz
Julia Abelson
Cathy Charles
David Northrup
Ji Cheng
Lehana Thabane
Author Affiliation
Department of Clinical Epidemiology & Biostatistics, McMaster University, Hamilton, Canada. willison@mcmaster.ca
Source
BMC Med Ethics. 2008;9:18
Date
2008
Language
English
Publication Type
Article
Keywords
Adult
Canada
Choice Behavior
Confidentiality - standards
Consensus
Female
Humans
Informed Consent - ethics
Male
Middle Aged
Public Opinion
Questionnaires
Research Design
Abstract
The role of consent for research use of health information is contentious. Most discussion has focused on when project-specific consent may be waived but, recently, a broader range of consent options has been entertained, including broad opt-in for multiple studies with restrictions and notification with opt-out. We sought to elicit public values in this matter and to work toward an agreement about a common approach to consent for use of personal information for health research through deliberative public dialogues.
We conducted seven day-long public dialogues, involving 98 participants across Canada. Immediately before and after each dialogue, participants completed a fixed-response questionnaire rating individuals' support for 3 approaches to consent in the abstract and their consent choices for 5 health research scenarios using personal information. They also rated how confident different safeguards made them feel that their information was being used responsibly.
Broad opt-in consent for use of personal information garnered the greatest support in the abstract. When presented with specific research scenarios, no one approach to consent predominated. When profit was introduced into the scenarios, consent choices shifted toward greater control over use. Despite lively and constructive dialogues, and considerable shifting in opinion at the individual level, at the end of the day, there was no substantive aggregate movement in opinion. Personal controls were among the most commonly cited approaches to improving people's confidence in the responsible use of their information for research.
Because no one approach to consent satisfied even a simple majority of dialogue participants and the importance placed on personal controls, a mechanism should be developed for documenting consent choice for different types of research, including ways for individuals to check who has accessed their medical record for purposes other than clinical care. This could be done, for example, through a web-based patient portal to their electronic health record. Researchers and policy makers should continue to engage the public to promote greater public understanding of the research process and to look for feasible alternatives to existing approaches to project-specific consent for observational research.
Notes
Cites: J Am Med Inform Assoc. 2007 Nov-Dec;14(6):706-1217712084
Cites: CMAJ. 2000 Oct 31;163(9):1146-811079059
Cites: J Law Med Ethics. 2003 Fall;31(3):429-3314626550
Cites: J Med Ethics. 2004 Feb;30(1):104-914872086
Cites: J Health Serv Res Policy. 2004 Jan;9(1):22-715006236
Cites: BMC Med Inform Decis Mak. 2007;7:2517850667
Cites: J Med Internet Res. 2005;7(4):e4716236699
Cites: Int J Med Inform. 2006 Jul;75(7):530-4116198142
Cites: BMJ. 2006 Jul 29;333(7561):255-816873867
Cites: Diabetes Technol Ther. 2006 Oct;8(5):576-8617037972
Cites: Soc Sci Med. 2007 Jan;64(1):223-3517045717
Cites: BMC Med Ethics. 2003 Jan 3;4:E112513704
PubMed ID
19019239 View in PubMed
Less detail

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

https://arctichealth.org/en/permalink/ahliterature192425
Source
J Med Internet Res. 2001 Apr-Jun;3(2):E14
Publication Type
Article
Author
C. Ilioudis
G. Pangalos
Author Affiliation
Informatics Laboratory, Faculty of Technology, Aristotle University of Thessaloniki, Thessaloniki, 54006, Greece; iliou@eng.auth.gr
Source
J Med Internet Res. 2001 Apr-Jun;3(2):E14
Language
English
Publication Type
Article
Keywords
Access to Information - legislation & jurisprudence
Canada
Computer Security - legislation & jurisprudence - standards
Confidentiality - standards
Databases as Topic - classification - legislation & jurisprudence
Education, Professional - legislation & jurisprudence
Europe
Guidelines as Topic
Humans
Informed Consent - legislation & jurisprudence
Internet - standards
Medical Informatics Computing - legislation & jurisprudence - standards
Medical Records Systems, Computerized - standards
Organizational Policy
Patient Rights - legislation & jurisprudence
Quality of Health Care - legislation & jurisprudence
United States
Abstract
The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy.
To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information.
We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet.
We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information.
The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented.
Notes
Cites: Med Inform Internet Med. 2000 Oct-Dec;25(4):265-7311198188
PubMed ID
11720956 View in PubMed
Less detail

[Inadequate IT security is a potential threat to the integrity and patient safety].

https://arctichealth.org/en/permalink/ahliterature104287
Source
Lakartidningen. 2014 Apr 29-May 13;111(18-19):810-1
Publication Type
Article

Personal health data: patient consent in information age.

https://arctichealth.org/en/permalink/ahliterature131624
Source
Stud Health Technol Inform. 2011;169:58-62
Publication Type
Article
Date
2011
Author
Dragana Martinovic
Victor Ralevich
Milan Petkovic
Author Affiliation
University of Windsor, Windsor, Ontario, Canada. dragana@uwindsor.ca
Source
Stud Health Technol Inform. 2011;169:58-62
Date
2011
Language
English
Publication Type
Article
Keywords
Access to Information
Canada
Computers
Confidentiality - standards
European Union
Health Insurance Portability and Accountability Act
Humans
Informed consent
Medical Records Systems, Computerized
Privacy
United States
Abstract
In this paper we report on findings related to treatment of patient consent in various circumstances and geographic domains; explore transfer of health data between custodians and geo-political entities; and emphasize importance of educating general public about issues related to handling health data. A specific set of questions about consent/legislation and related issues in the Canada, the USA and the EU are addressed in an attempt to answer them systematically. This comparison identifies similarities and differences along a set of dimensions.
PubMed ID
21893714 View in PubMed
Less detail

Privacy concerns raised over "secondary use" of health records.

https://arctichealth.org/en/permalink/ahliterature147746
Source
CMAJ. 2009 Dec 8;181(12):E287
Publication Type
Article
Date
Dec-8-2009

Privacy of patients' information in hospital lifts: observational study.

https://arctichealth.org/en/permalink/ahliterature183054
Source
BMJ. 2003 Nov 1;327(7422):1024-5
Publication Type
Article
Date
Nov-1-2003
Author
Simone N Vigod
Chaim M Bell
John M A Bohnen
Author Affiliation
St Michael's Hospital, University of Toronto, 30 Bond Street, Toronto, ON, Canada M5B 1W8.
Source
BMJ. 2003 Nov 1;327(7422):1024-5
Date
Nov-1-2003
Language
English
Publication Type
Article
Keywords
Confidentiality - standards
Elevators and Escalators
Hospitals - standards
Humans
Medical Records
Medical Staff, Hospital - standards - statistics & numerical data
Observation
Ontario
Personnel, Hospital - standards - statistics & numerical data
Notes
Cites: J Clin Ethics. 1991 Spring;2(1):25-30; discussion 30-41932793
Cites: Ugeskr Laeger. 1997 Nov 10;159(46):6819-219411994
Cites: Am J Med. 1995 Aug;99(2):190-47625424
PubMed ID
14593037 View in PubMed
Less detail

Risk assessment of integrated electronic health records.

https://arctichealth.org/en/permalink/ahliterature142907
Source
Stud Health Technol Inform. 2010;155:78-84
Publication Type
Article
Date
2010
Author
Bjarni Thor Bjornsson
Gudlaug Sigurdardottir
Stefan Orri Stefansson
Author Affiliation
Stiki ehf., Reykjavik, Iceland. bjarni@stiki.eu
Source
Stud Health Technol Inform. 2010;155:78-84
Date
2010
Language
English
Publication Type
Article
Keywords
Computer Security - standards
Confidentiality - standards
Electronic Health Records - legislation & jurisprudence - organization & administration - standards
Humans
Iceland
Information Dissemination - methods
Medical Record Linkage - methods - standards
Risk assessment
Abstract
The paper describes the security concerns related to Electronic Health Records (EHR) both in registration of data and integration of systems. A description of the current state of EHR systems in Iceland is provided, along with the Ministry of Health's future vision and plans. New legislation provides the opportunity for increased integration of EHRs and further collaboration between institutions. Integration of systems, along with greater availability and access to EHR data, requires increased security awareness since additional risks are introduced. The paper describes the core principles of information security as it applies to EHR systems and data. The concepts of confidentiality, integrity, availability, accountability and traceability are introduced and described. The paper discusses the legal requirements and importance of performing risk assessment for EHR data. Risk assessment methodology according to the ISO/IEC 27001 information security standard is described with examples on how it is applied to EHR systems.
PubMed ID
20543313 View in PubMed
Less detail

Technology Ready to be Launched, but is there a Payer? Challenges for Implementing eHealth in Sweden.

https://arctichealth.org/en/permalink/ahliterature282189
Source
Stud Health Technol Inform. 2015;211:57-68
Publication Type
Article
Date
2015
Author
Malin Hollmark
Anna Lefevre Skjöldebrand
Christoffer Andersson
Ragnar Lindblad
Source
Stud Health Technol Inform. 2015;211:57-68
Date
2015
Language
English
Publication Type
Article
Keywords
Attitude
Computer Security - standards
Confidentiality - standards
Diffusion of Innovation
Health Information Systems - economics - organization & administration - standards
Humans
Insurance, Health, Reimbursement
Patient Participation
Remote Sensing Technology - instrumentation
Sweden
Systems Integration
Telemedicine - economics - organization & administration - standards
Workflow
Abstract
The development of a sustainable, high-quality, affordable health care is today a high priority for many actors in the society. This is to ensure that we will continue to afford to care for the growing portion of elderly in our population. One solution is to enable the individual's power over her own health or illness, and participation in her own care. There are evidently opportunities with the rapid development of eHealth and wearable sensors. Tracking and measuring vital data can help to keep people out of the hospital. Loads of data is generated to help us understand disease, to provide us with early diagnostics and warnings. It is providing us with possibilities to collect and capture the true health status of individuals. Successful technologies demonstrate savings, acceptance among users and improved access to healthcare. But there are also challenges. Implementing new technologies in health care is difficult. Researchers from around the world are reporting on similar problems, such as reimbursement, interoperability, usability and regulatory issues. This paper will discuss a few of these implementation challenges as well as a few of the efforts in meeting them. To conclude, eHealth solutions can contribute to patient empowerment and a sustainable health care. Our assumption is however, that as long as we do not face the implementation challenges and invest in overcoming the pressing obstacles, society will not be able, or willing, to pay for the solutions.
PubMed ID
25980848 View in PubMed
Less detail

10 records – page 1 of 1.