Journal of Innovation in Health Informatics (Dec 2016)

UK National Data Guardian for Health and Care’s Review of Data Security: Trust, better security and opt-outs

  • Tom Chan,
  • Concetta Tania Di Iorio,
  • Simon de Lusignan,
  • Daniel Lo Russo,
  • Craig Kuziemsky,
  • Siaw-Teng Liaw

DOI
https://doi.org/10.14236/jhi.v23i3.909
Journal volume & issue
Vol. 23, no. 3
pp. 627 – 632

Abstract

Read online

Sharing health and social care data is essential to the delivery of high quality health care as well as disease surveillance, public health, and for conducting research. However, these societal benefits may be constrained by privacy and data protection principles. Hence, societies are striving to find a balance between the two competing public interests. Whilst the spread of IT advancements in recent decades has increased the demand for an increased privacy and data protection in many ways health is a special case. UK, are adopting guidelines, codes of conduct and regulatory instruments aimed to implement privacy principles into practical settings and enhance public trust. Accordingly, in 2015, the UK National Data Guardian (NDG) requested to conduct a further review of data protection, referred to as Caldicott 3. The scope of this review is to strengthen data security standards and confidentiality. It also proposes a consent system based on an “opt-out” model rather than on “opt-in. Across Europe as well as internationally the privacy-health data sharing balance is not fixed. In Europe enactment of the new EU Data Protection Regulation in 2016 constitute a major breakthrough, which is likely to have a profound effect on European countries and beyond. In Australia and across North America different ways are being sought to balance out these twin requirements of a modern society - to preserve privacy alongside affording high quality health care for an ageing population. Whilst in the UK privacy legal framework remains complex and fragmented into different layers of legislation, which may negatively impact on both the rights to privacy and health the UK is at the forefront in the uptake of international and EU privacy and data protection principles. And, if the privacy regime were reorganised in a more comprehensive manner, it could be used as a sound implementation model for other countries.

Keywords