How can I trust the rest of Europe ?

Requirements and a possible organisation with regard to epSOS and eHealth

Frank RobbenGeneral manager eHealth platformSint-Pieterssteenweg 375B-1040 BrusselsE-mail: Frank.Robben@ehealth.fgov.be

epSOS• European Patients Smart Open Services• aims at developing a practical eHealth

framework and ICT infrastructure that will enable secure access to patient health information, particularly with respect to a basic patient summary and ePrescription, between European healthcare systems

• epSOS II: 48 beneficiaries within 23 Member States

epSOS• focus on services close to the patient

• patient summary for EU citizens• occasional visit• regular visit

• ePrescribing for EU citizens• medication ePrescription• medication eDispensation

• build on existing national eHealth projects and use experiences and knowledge from all Member States

epSOS: expected impact• improving interoperability for

• enhanced quality of health care• enhanced patient safety• administrative simplification

• facilitating integration of ICT solutions suppor-ting emergency and healthcare services

• contributing to the adoption of common ICT based components / building blocks needed for the deployment of eHealth services

Cooperation is keyOh! so you are

also implementing

eHealth?

Requirements related to trust• authentication of the identity of

• the patient• the health care provider• the health care institution

• proof of the relevant characteristics of a health care provider

• proof of the relevant relationships between• a health care provider and• a health care institution or a group of health care

providers

Requirements related to trust• proof of the informed consent of the patient

to exchange personal health data• proof of therapeutic relationship between

• a health care provider or institution and• a patient

• proof of authorizations• mutual recognition of electronic signatures or

equivalent means

Concrete organisation• quality standards for national registration

procedures related to identity, relevant characteristics and relevant relationships

• mutual respect of national evidence related to• identity, characteristics and relationships• informed consent• therapeutic relationships

• interoperability and security standards with regard to technical means of evidence

Concrete organisation• mutual respect for the national implemen-

tation of the technical means of evidence that meet the security standards

• avoidance of export of national limitations to other countries where those limitations doesn’t exist according to the national (privacy) law (e.g. use of a unique identifier)

Policy enforcement model

UserPolicy

Application(PEP)

Application

PolicyDecision (PDP)

Policy Administration

(PAP)

Policy Information(PIP)

Policy Information(PIP)

Policy Repository Authentic Source Authentic Source

Administrator

Action on application

Action on application ALLOWED

Action on applicationDECLINED

Fetch Policies

InformationQuestion/Answer

InformationQuestion/Answer

Decision answer

Decision request

Authorisation management

Cross-border implementation

UserPolicy

Application(PEP)

Application

PolicyDecision (PDP)

Policy Administration

(PAP)

Policy Information(PIP)

Policy Information(PIP)

Policy Repository Authentic Source Authentic Source

Administrator

Action on application

Action on application ALLOWED

Action on applicationDECLINED

Fetch Policies

InformationQuestion/Answer

InformationQuestion/Answer

Decision answer

Decision request

Authorisation management

UserPolicy

Application(PEP)

Application

PolicyDecision (PDP)

Policy Administration

(PAP)

Policy Information(PIP)

Policy Information(PIP)

Policy Repository Authentic Source Authentic Source

Administrator

Action on application

Action on application ALLOWED

Action on applicationDECLINED

Fetch Policies

InformationQuestion/Answer

InformationQuestion/Answer

Decision answer

Decision request

Authorisation management

Member State A Member State B

Read more• epSOS

• http://www.epsos.eu/

• Belgian eHealth-platform• https://www.ehealth.fgov.be

• personal web site Frank Robben• http://www.law.kuleuven.be/icri/frobben/index.htm